30 matches found
CVE-2026-4646
Mattermost has an input-validation flaw in the API request handlers used by the PR details endpoint. Affected versions are 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, and 10.11.x
Mattermost security vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in versions of Mattermost 11.6.0 and earlier 11.6.x series, as well as versions prior to 11.5.3 11.5.x series, 11.4.4 and earlier 11.4.x series, and 10.11.14 and earlier 10.11.x...
CVE-2025-66511 Nextcloud Calendar app used predictable proposal participant tokens
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 6.0.3, the Calendar app generates participant tokens for meeting proposals using a hash function, allowing an attacker to compute valid participant tokens, which allowed them to request details and submit dates in meeting proposals. The...
EUVD-2020-27406
Malware in sbrugna...
EUVD-2025-28898
Malicious code in bioql PyPI...
EUVD-2025-28904
Malicious code in bioql PyPI...
EUVD-2025-16555
Malicious code in bioql PyPI...
CVE-2025-40695
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of proper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint '/ofrs/admin/request-details.php'. This...
CVE-2025-40689
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'remark', 'status' and 'requestid' parameters in the endpoint '/ofrs/admin/request-details.php'...
CVE-2025-40695
The CVE-2025-40695 affects the Online Fire Reporting System (OFRS) v1.2. A stored XSS exists in the /ofrs/admin/request-details.php endpoint due to insufficient validation of POST parameters remark, status, and takeaction. This authenticated vulnerability could allow a remote attacker to inject s...
CVE-2025-40689 SQL injection in PHPGurukul Online Fire Reporting System
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'remark', 'status' and 'requestid' parameters in the endpoint '/ofrs/admin/request-details.php'...
PT-2025-37179
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a stored cross-site scripting XSS issue. The lack of proper validation of user inputs for the remark, status, and takeaction parameters via POST...
Online Fire Reporting System SQL injection vulnerability
Online Fire Reporting System is an online fire reporting system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Fire Reporting System version 1.2, which stems from incorrect manipulation of the parameters mark, status, and requestid in the endpoint...
PT-2025-37171
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System is susceptible to SQL Injection attacks. An attacker can potentially retrieve, create, update, and delete database information through the remark, status,...
Online Fire Reporting System cross-site scripting vulnerability
Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient validation of inputs for the parameters mark, status, and...
CVE-2025-3586
creationtimestamp | type | source
---|---|---
2025-09-01 21:30:39+00:00 | seen | https://gist.github.com/Darkcrai86/97e979aa0a18c6083e6c140ffe3c735d
2025-09-01 22:48:51+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lxsoqhcmyz2v...
CVE-2025-54485
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. This...
CVE-2025-38453
In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU. syzbot reports that defer/local task_work adding via msg_ring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354 Not tainted...