39 matches found
MINI-96MM-9MJV-5RVR
Bulletin has no description...
CVE-2013-5622
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions...
CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud
Foxit PDF Editor Cloud pdfonline contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before...
EUVD-2005-4630
Malware in sbrugna...
EUVD-2021-1747
Malware in sbrugna...
EUVD-2019-3427
Malware in sbrugna...
EUVD-2019-6714
Malware in sbrugna...
EUVD-2023-24090
Malicious code in bioql PyPI...
EUVD-2022-0458
Malicious code in bioql PyPI...
EUVD-2022-34757
Malicious code in bioql PyPI...
EUVD-2025-9395
Malicious code in bioql PyPI...
CVE-2025-8057
CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...
CVE-2025-38361 drm/amd/display: Check dce_hwseq before dereferencing it
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it WHAT hws was checked for null earlier in dce110blankstream, indicating hws can be null, and should be checked whenever it is used. cherry picked from commit...
CVE-2025-6585 WP JobHunt <= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion
The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the csremoveprofilecallback function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level...
GHSA-5QPG-RH4J-QP35 pycares has a Use-After-Free Vulnerability
Summary pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS queries are still pending. This results in a fatal Python error and interpreter crash. Details Root Cause The vulnerability stems from improper handling of callback...
CVE-2025-48753
creationtimestamp| type| source ---|---|--- 2025-05-24 02:54:06+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpv5dhfubod2...
CVE-2020-36467
An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object...
CVE-2020-15681
When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash. This vulnerability affects Firefox 82...
CVE-2013-2123
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...
CVE-2025-43967
libheif before 1.19.6 has a NULL pointer dereference in ImageItemGrid::getdecoder in image-items/grid.cc because a grid image can reference a nonexistent image item...