MAL-2025-37839 Malicious code in unity-hhmqh-ulz6q-valley-project (npm)

The package unity-hhmqh-ulz6q-valley-project was found to contain malicious code...

CVE-2024-56525

The CVE-2024-56525 entry applies to PKP’s PKP Platform (OJS, OMP, OPS) prior to 3.3.0.21 and 3.4.x prior to 3.4.0.8. The vulnerability is described as an XXE flaw that, when exploited by a Journal Editor, can create a new role with super admin privileges within the journal context and insert a ba...

BIT-GITLAB-2022-1406

Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project...

BIT-GITLAB-2024-0456 Direct Request ('Forced Browsing') in GitLab

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project...

CVE-2022-1406

Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project...

Microsoft Project Information Disclosure Vulnerability

Microsoft Project is a suite of project management software from the American company Microsoft Microsoft. The software is used to assist project managers in developing plans, allocating resources to tasks, tracking progress, managing budgets and analyzing workloads. An information disclosure...

RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)

RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass Date: 01-09-2018 Vulnerable Software: RGui 3.5.0 Vendor Homepage: https://www.r-project.org/ Version: 3.5.0 Software Link:...