EUVD-2025-14302

Malicious code in bioql PyPI...

Gitlab -- vulnerabilities

Gitlab reports: Cross-site scripting issue in blob viewer impacts GitLab CE/EE Cross-site scripting issue in labels impacts GitLab CE/EE Cross-site scripting issue in Workitem impacts GitLab CE/EE Improper Handling of Permissions issue in project API impacts GitLab CE/EE Incorrect Privilege...

CVE-2025-44831

EngineerCMS v1.02–v2.0.5 contains a SQL injection vulnerability in the /project/addproject interface. Multiple sources confirm the affected versions and the injection pathway, with evidence describing the vulnerability as allowing arbitrary SQL commands through that endpoint. The root cause is an...

CVE-2023-4647

An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances...

Node-RED Path Traversal Vulnerability

Node-Red is an open source stream-based visual programming development tool for connecting hardware devices, APIs and online services together as part of the Internet of Things. A path traversal vulnerability exists in Node-RED 1.2.7 and earlier, which allows arbitrary path traversal via the...