99 matches found
CVE-2023-40771
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function...
EUVD-2010-2239
Malware in sbrugna...
EUVD-2020-7868
Malware in sbrugna...
EUVD-2016-9566
Malware in sbrugna...
EUVD-2005-1028
Malware in sbrugna...
EUVD-2023-46914
Malicious code in bioql PyPI...
EUVD-2025-10931
Malicious code in bioql PyPI...
EUVD-2024-52432
Malicious code in bioql PyPI...
EUVD-2023-27058
Malicious code in bioql PyPI...
EUVD-2021-7850
Malicious code in bioql PyPI...
EUVD-2025-11714
Malicious code in bioql PyPI...
EUVD-2022-26168
Malicious code in bioql PyPI...
EUVD-2025-5065
Malicious code in bioql PyPI...
EUVD-2025-10932
Malicious code in bioql PyPI...
CVE-2025-52372
CVE-2025-52372 affects hMailServer v5.8.6. The issue allows a local attacker to obtain sensitive information via the files hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini. The provided documents do not specify the root cause beyond the files involved, nor a remediation o...
BIT-MOODLE-2024-45689 Moodle: unprotected access to sensitive information via dynamic tables
A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access...
CVE-2025-39498
Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds Premium allows Retrieve Embedded Sensitive Data.This issue affects Spotlight - Social Media Feeds Premium: from n/a through 1.7.1...
CVE-2024-48509
Learning with Texts LWT 2.0.3 is vulnerable to SQL Injection. This occurs when the application fails to properly sanitize user inputs, allowing attackers to manipulate SQL queries by injecting malicious SQL statements into URL parameters. By exploiting this vulnerability, an attacker could gain...
CVE-2023-35696
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests...
CVE-2023-5710
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdconstants function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...