1131 matches found
Malicious code in vishu_transitive_fn (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89f90df0189636fa1988950e054ba609b79142c54a65e9cf18806db68cebf5d3 Any computer that has this package installed or running should be considered...
EUVD-2025-30841
Malicious code in bioql PyPI...
EUVD-2025-28737
Malicious code in bioql PyPI...
EUVD-2025-26606
Malicious code in bioql PyPI...
EUVD-2021-32509
Malicious code in bioql PyPI...
EUVD-2025-24370
Malicious code in bioql PyPI...
CVE-2025-10707 JeecgBoot sendMsg improper authorization
A weakness has been identified in JeecgBoot up to 3.8.2. Affected is an unknown function of the file /message/sysMessageTemplate/sendMsg. Executing manipulation can lead to improper authorization. The attack may be launched remotely. The exploit has been made available to the public and could be...
CVE-2025-10410 SourceCodester Link Status Checker index.php server-side request forgery
A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument proxy leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed...
CVE-2025-5005
A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. This affects an unknown function of the file crm/WeiXinApp/dingtalk/indexevent.php. The manipulation of the argument corpurl results in server-side request forgery. The attack can be launched...
Fuji Electric FRENIC-Loader 4
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
PT-2025-35472
Name of the Vulnerable Software and Affected Versions: RemoteClinic versions prior to 2.1 Description: A vulnerability allows for unrestricted file upload via manipulation of the image argument in the /staff/edit.php file. The attack can be initiated remotely. The exploit is publicly available...
CVE-2025-9750 Campcodes Online Learning Management System login.php sql injection
A security flaw has been discovered in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been...
GE Vernova CIMPLICITY
RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...
CVE-2025-8997
OpenText Enterprise Security Manager has an Information Exposure vulnerability (CVE-2025-8997). The issue is described as remotely exploitable with network access, enabling disclosure of information and affecting confidentiality (high impact per CVSS: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/SC:N/V...
PT-2025-34596 · Opentext · Opentext Enterprise Security Manager
Name of the Vulnerable Software and Affected Versions: OpenText Enterprise Security Manager affected versions not specified Description: An information exposure issue exists in OpenText Enterprise Security Manager. The issue is remotely exploitable. Recommendations: At the moment, there is no...
PT-2025-34670 · Opentext · Opentext Enterprise Security Manager
Name of the Vulnerable Software and Affected Versions: OpenText Enterprise Security Manager affected versions not specified Description: A Stored Cross-Site Scripting XSS vulnerability exists in OpenText Enterprise Security Manager. The vulnerability is remotely exploitable. Recommendations: At t...
Rockwell Automation 1756-EN4TR, 1756-EN4TRXT (Update B)
RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker causing a denial of service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...
Rockwell Automation FactoryTalk Viewpoint
RISK EVALUATION Successful exploitation of this vulnerability could result in full privilege escalation. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...
CVE-2025-8926
The CVE-2025-8926 vulnerability affects SourceCodester COVID 19 Testing Management System 1.0, specifically the /login.php endpoint where the Username parameter is susceptible to SQL injection. Publicly disclosed exploits enable remote exploitation, potentially compromising confidentiality, integ...
CVE-2025-50164
CVE-2025-50164 is a Windows RRAS vulnerability described as a heap-based buffer overflow in Routing and Remote Access Service. It enables an authorized attacker to execute code over the network (attack vector: network; authentication: low; user interaction required). The CVSS 3.1 basis in the ini...