54 matches found

Vulnrichment
added 2026/04/27 3:11 p.m. · 5 views

CVE-2026-41466 ProjeQtor < 12.4.4 Stored XSS via checkValidHtmlText()

ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText function within Security.php that fails to properly sanitize user input by only detecting specific patterns while returning unsanitized strings without output encoding. Attackers ca...

CVSS 5.4 · AI score 4.9 · EPSS 0.00184
Exploits: 0 · References: 4

CNNVD
added 2026/04/27 12:0 a.m. · 8 views

ProjeQtOr Cross-Site Scripting Vulnerability

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain cross-site scripting vulnerabilities. These vulnerabilities stem from the checkValidHtmlText function in the Security.php file, which improperly cleans user input,...

CVSS 5.4 · AI score 5.7 · EPSS 0.00184
Exploits: 0 · References: 2

Positive Technologies
added 2026/01/20 12:0 a.m. · 5 views

PT-2026-3579

Name of the Vulnerable Software and Affected Versions IBM Licensing Operator affected versions not specified Description The IBM Licensing Operator incorrectly assigns privileges to security critical files. This could allow a local root escalation within a container running the IBM Licensing...

CVSS 8.4 · AI score 6.8 · EPSS 0.00124
Exploits: 0 · References: 6

EUVD
added 2025/12/11 7:35 p.m. · 4 views

EUVD-2025-202866

In SwDcpItg of upL2commonPdcpSecurity.cpp, there is a possible denial of service due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.5 · AI score 6.2 · EPSS 0.00264
Exploits: 0 · References: 2

Positive Technologies
added 2025/10/10 12:0 a.m. · 7 views

PT-2025-41550

Name of the Vulnerable Software and Affected Versions V-SFT versions prior to 6.2.7.0 Description An out-of-bounds write vulnerability exists in the VS6ComFile!CItemDraw::is motion tween function. Opening specially crafted V-SFT files may lead to information disclosure, system crashes, and...

CVSS 8.4 · AI score 7.5 · EPSS 0.00164
Exploits: 0 · References: 7

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-25061

Malware in sbrugna...

CVSS 9.1 · AI score 9 · EPSS 0.00986
Exploits: 0 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2014-5346

Malware in sbrugna...

CVSS 3.6 · AI score 9.2 · EPSS 0.00643
Exploits: 1 · References: 7

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-5941

Malware in sbrugna...

CVSS 7.8 · AI score 7.5 · EPSS 0.02473
Exploits: 0 · References: 16

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2014-0835

Malware in sbrugna...

CVSS 5.8 · AI score 6.4 · EPSS 0.01249
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2005-0072

Malware in sbrugna...

CVSS 5 · AI score 6.1 · EPSS 0.01372
Exploits: 0 · References: 10

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2000-0082

Malware in sbrugna...

CVSS 4.6 · AI score 6.4 · EPSS 0.00497
Exploits: 0 · References: 2

Packet Storm News
added 2025/10/07 12:0 a.m. · 4 views

An Empirical Study of Security-Policy Related Issues in Open Source Projects

GitHub recommends that projects adopt a SECURITY.md file that outlines vulnerability reporting procedures. However, the effectiveness and operational challenges of such files are not yet fully understood. This study aims to clarify the challenges that SECURITY.md files face in the vulnerability...

AI score 6.9
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-52170

Malicious code in bioql PyPI...

CVSS 6.3 · AI score 6.6 · EPSS 0.00399
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-5722

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 7.9 · EPSS 0.02612
Exploits: 0 · References: 5

RedhatCVE
added 2025/07/14 7:20 p.m. · 4 views

CVE-2025-7487

A vulnerability, which was classified as critical, was found in JoeyBling SpringBootMyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26. This affects the function SysFileController of the file /file/upload. The manipulation of the argument portraitFile leads to unrestricted upload. It is...

CVSS 6.5 · AI score 7.2 · EPSS 0.00242
Exploits: 0 · References: 1

Positive Technologies
added 2025/06/20 12:0 a.m. · 3 views

PT-2025-26458

Name of the Vulnerable Software and Affected Versions: Selea Targa IP OCR-ANPR cameras versions including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB Description: A path traversal vulnerability exists in the /common/get...

CVSS 9.3 · AI score 9.4 · EPSS 0.00715
Exploits: 1 · References: 15

RedhatCVE
added 2025/05/23 5:41 a.m. · 5 views

CVE-2023-0613

A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The...

CVSS 7.8 · AI score 7.6 · EPSS 0.00933
Exploits: 1 · References: 1

BDU FSTEC
added 2025/02/12 12:0 a.m. · 5 views

The vulnerability of the mlx5 driver (drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c) in Linux operating systems, which allows a hacker to cause a service failure.

The vulnerability of the mlx5 driver drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c in Linux operating systems is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS 5.5 · AI score 6.7 · EPSS 0.00166
Exploits: 0 · References: 11 · Affected Software: 3

NVD
added 2024/02/02 6:15 a.m. · 7 views

CVE-2023-46045

Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root...

CVSS 7.8 · AI score 7.3 · EPSS 0.00712
Exploits: 1 · References: 8

Positive Technologies
added 2023/05/27 12:0 a.m. · 4 views

PT-2023-10309 · Ruby · Ruby-Saml

Name of the Vulnerable Software and Affected Versions: ruby-saml gem versions prior to 1.0.0 Description: The issue allows XPath injection and code execution in the ruby-saml gem because prepared statements are not used. This is related to the xml_security.rb file. Recommendations: For versions...

CVSS 9.8 · AI score 7.7 · EPSS 0.01332
Exploits: 0 · References: 18