219 matches found
EUVD-2023-43203
Malicious code in bioql PyPI...
EUVD-2025-4267
Malicious code in bioql PyPI...
EUVD-2022-2773
Malicious code in bioql PyPI...
EUVD-2022-36030
Malicious code in bioql PyPI...
EUVD-2022-3136
Malicious code in bioql PyPI...
EUVD-2021-8843
Malicious code in bioql PyPI...
EUVD-2022-45480
Malicious code in bioql PyPI...
CVE-2025-8544 Portabilis i-Educar edit cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched remotely. The exploi...
CVE-2025-7577 Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password
A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather...
CVE-2025-7116 UTT 进取 750W Fast_wireless_conf buffer overflow
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fastwirelessconf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclose...
CVE-2025-29331
An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget when downloading updates...
(0Day) Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the compressFirmwareDumpFiles method. The issue...
CVE-2025-6643
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...
CVE-2025-41663
The CVE-2025-41663 entry pertains to the Weidmueller IE-SR-2TX-WL industrial security router. Affected component is the u-link Management API, where an unauthenticated, man‑in‑the‑middle attacker can inject arbitrary commands in responses returned by WWH servers, leading to arbitrary command exec...
CVE-2025-5888 jsnjfz WebStack-Guns cross-site request forgery
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may b...
CVE-2025-5525 Jrohy trojan linux.go LogChan os command injection
A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an...
CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization...
CVE-2025-5215 D-Link DCS-5020L ptdc.cgi websReadEvent stack-based overflow
A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit ha...
CVE-2025-0787
A vulnerability was found in ESAFENET CDG V5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /appDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack can be launched remotely. The exploit has be...
CVE-2022-3815
A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...