CVE-2025-1925

A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amfnsmfpdusessionhandleupdatesmcontext of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched...

EUVD-2024-31783

Malicious code in bioql PyPI...

EUVD-2025-15983

Malicious code in bioql PyPI...

EUVD-2024-51216

Malicious code in bioql PyPI...

EUVD-2025-22294

Malicious code in bioql PyPI...

CVE-2025-8554

A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has...

CVE-2025-8554

CVE-2025-8554 affects atjiu pybbs up to version 6.0.0. The issue is a cross-site scripting vulnerability caused by manipulation of the Username argument in the file /admin/user/list. Exploitation can be remote and the patch is available as a specific fix identified by the patch hash 2fe4a51afbce0...

CVE-2025-8550 atjiu pybbs list cross site scripting

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-8510

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educarmatriculalst.php. The manipulation of the argument refcodaluno leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2025-7953

A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. The manipulation of the argument File leads to open...

CVE-2025-7865 thinkgem JeeSite XSS Filter EncodeUtils.java xssFilter cross site scripting

A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross...

CVE-2025-7435

CVE-2025-7435 affects LiveHelperChat lhc-php-resque Extension (up to commit ee1270b35625f552425e32a6a3061cd54b5085c4). The vulnerability arises from manipulation of the queue name argument in the List Handler (unknown subpath: /site_admin/lhcphpresque/list/), enabling cross-site scripting. It can...

CVE-2025-5895

A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit...

CVE-2015-10072

A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.0 is able to address...

CVE-2014-125004

A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decodehextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue...

CVE-2025-2591

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...

CVE-2024-9285 Tu Yafeng Via Browser Javascript Bridge cross site scripting

A vulnerability was found in Tu Yafeng Via Browser up to 5.9.0 on Android. It has been rated as problematic. This issue affects some unknown processing of the component Javascript Bridge. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2024-3191

A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-13129

A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function actionservice of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can be launched...

PT-2024-31804 · Faraday · Faraday Gm828X +1

Name of the Vulnerable Software and Affected Versions: Faraday GM8181 and GM828x up to 20240429 Description: A problematic issue has been found, affecting some unknown functionality of the file /command port.ini. This leads to information disclosure and can be exploited remotely. The issue has be...