18 matches found
EUVD-2020-24001
Malware in sbrugna...
EUVD-2024-31910
Malicious code in bioql PyPI...
EUVD-2025-24021
Malicious code in bioql PyPI...
EUVD-2025-24058
Malicious code in bioql PyPI...
CVE-2025-6478
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely...
CVE-2025-6109 javahongxi whatsmars InitializrController.java initialize path traversal
A vulnerability was found in javahongxi whatsmars 2021.4.0. It has been rated as problematic. Affected by this issue is the function initialize of the file /whatsmars-archetypes/whatsmars-initializr/src/main/java/org/hongxi/whatsmars/initializr/controller/InitializrController.java. The manipulati...
CVE-2025-5645
A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...
CVE-2025-5545 aaluoxiang oa_system ProcedureController.java image path traversal
A vulnerability classified as problematic has been found in aaluoxiang oasystem up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of the file src/main/java/cn/gson/oasys/controller/process/ProcedureController.java. The manipulation leads to path traversal. It is...
CVE-2022-4600
A vulnerability was found in Shoplazza LifeStyle 1.1. It has been classified as problematic. This affects an unknown part of the file /admin/api/theme-edit/ of the component Product Carousel Handler. The manipulation of the argument Heading/Description leads to cross site scripting. It is possibl...
CVE-2022-1980
A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as problematic. This issue affects the file /admin/?page=systeminfo/contactinfo. The manipulation of the textbox Telephone with the input leads to cross site scripting. The attack may be initiated remotely b...
CVE-2018-25064
A vulnerability was found in OSM Lab show-me-the-way. It has been rated as problematic. This issue affects some unknown processing of the file js/site.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The patch is named...
CVE-2025-4740 BeamCtrl Airiana coef deserialization
A vulnerability was found in BeamCtrl Airiana up to 11.0. It has been declared as problematic. This vulnerability affects unknown code of the file coef. The manipulation leads to deserialization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be us...
CVE-2025-2490 Dromara ujcms File Upload WebFileUploadController.java upload cross site scripting
A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...
CVE-2025-1377
A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelfgetsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been...
CVE-2025-1169 SourceCodester Image Compressor Tool compressor.php cross site scripting
A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The manipulation of the argument image leads to cross site scripting. The attack may be initiated...
CVE-2025-0400 StarSea99 starsea-mall update cross site scripting
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated remotely. The exploi...
CVE-2024-13018
PHPGurukul Maid Hiring Management System v1.0 contains a cross-site scripting vulnerability in /admin/profile.php triggered by manipulation of the input parameter (name/argument name). Multiple connected sources confirm the flaw stems from insufficient input validation/filtering, enabling remote ...
SUSE SLES15 Security Update : xorg-x11-server (SUSE-SU-2022:3850-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3850-1 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString...