272 matches found
EUVD-2022-38162
Malicious code in bioql PyPI...
EUVD-2021-6880
Malicious code in bioql PyPI...
EUVD-2022-36196
Malicious code in bioql PyPI...
EUVD-2024-42142
Malicious code in bioql PyPI...
EUVD-2023-29068
Malicious code in bioql PyPI...
EUVD-2021-6882
Malicious code in bioql PyPI...
EUVD-2023-29097
Malicious code in bioql PyPI...
EUVD-2022-7426
Malicious code in bioql PyPI...
EUVD-2022-6338
Malicious code in bioql PyPI...
Cisco Identity Services Engine (cisco-sa-ise_xss_acc_cont-YsR4uT4U)
According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This vulnerability is due to the lack of...
The vulnerability of the jingx_asp() function in D-Link DI-8100 router microprogramming software allows a hacker to induce a service failure.
The vulnerability of the jingxasp function in D-Link DI-8100 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted HTTP request...
CVE-2025-36548
A cross-site scripting xss vulnerability exists in the LoginWordPress loginForm cancelUri parameter functionality of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigg...
WWBN AVideo .htaccess sample incomplete blacklist vulnerability
Talos Vulnerability Report TALOS-2025-2213 WWBN AVideo .htaccess sample incomplete blacklist vulnerability July 24, 2025 CVE Number CVE-2025-48732 SUMMARY An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request ca...
CVE-2025-46002
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint...
GHSA-R7Q6-6FMQ-MX4C Filemanager is vulnerable to Relative Path Traversal through filemanager.php
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint...
CVE-2025-46002
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint...
CVE-2025-6168 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests...
CVE-2025-40732
user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php...
Google Chrome Integer Overflow Vulnerability
Google Chrome is a popular web browser. Google Chrome suffers from an integer overflow vulnerability that stems from improper handling of integer values, which can be exploited by an attacker to submit a special WEB request that can be tricked into being parsed by the user, crashing the applicati...
CVE-2024-25582
Module savepoints could be abused to inject references to malicious code delivered through the same domain. Attackers could perform malicious API requests or extract information from the users account. Exploiting this vulnerability requires temporary access to an account or successful social...