EUVD-2025-9872

Malicious code in bioql PyPI...

CVE-2025-46616

Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution RCE via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage...

CVE-2025-46616

Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution RCE via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage...

CVE-2025-32161

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryo Arkhe Blocks arkhe-blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a through = 2.27.1...

CVE-2025-32161

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryo Arkhe Blocks arkhe-blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a through = 2.27.1...

PT-2025-14945 · Unknown · Ryo Arkhe Blocks

Name of the Vulnerable Software and Affected Versions: Ryo Arkhe Blocks versions n/a through 2.27.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

WordPress LIQUID SPEECH BALLOON Plugin < 1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software LIQUID SPEECH BALLOON Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27889 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b1811e420432 Credits Ryo Sato of BroadBa...

WordPress Button Widget Smartsoft plugin <= 1.0.1 - Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability to Cross-Site Scripting XSS was discovered by Ryo Onodera Cryptography Laboratory Tokyo Denki University in the WordPress Button Widget Smartsoft plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of June 8, 2022 a...

Exploit for Out-of-bounds Write in Google Android

AutomatedRoot !GitHubhttps://img.shields.io/github/license/...

ProjectButler 1.5.0 Remote File Inclusion

projectbutler - 1.5.0 offset RFI Vulnerability Author: cr4wl3r Contact: cr4wl3r4tlinuxmaildotorg Download: http://sourceforge.net/projects/projectbutler/files/projectbutler/1.5.0/ProjectButler.tar.gz Vuln : requireonce$offset."class.project.inc"; PoC :...