EUVD-2012-5941

Malware in sbrugna...

EUVD-2013-0547

Malware in sbrugna...

EUVD-2008-2136

Malware in sbrugna...

EUVD-2018-7733

Malware in sbrugna...

EUVD-2025-7271

Malicious code in bioql PyPI...

EUVD-2024-31713

Malicious code in bioql PyPI...

EUVD-2024-18070

Malicious code in bioql PyPI...

CVE-2025-20277

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper...

CVE-2020-5776

Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE via phpcli command is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI...

CVE-2024-10819 CSRF to XSS in binary-husky/gpt_academic

A Cross-Site Request Forgery CSRF vulnerability in version 3.83 of binary-husky/gptacademic allows an attacker to trick a user into uploading files without their consent, exploiting their session. This can lead to unauthorized file uploads and potential system compromise. The uploaded file can...

Mozilla Firefox Resource Closing or Releasing Improperly Vulnerability

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. Mozilla Firefox suffers from a resource shutdown or release improper...

UBUNTU-CVE-2024-23831

LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...

OpenClinic GA License Issue Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. An authorization issue vulnerability exists in OpenClinic GA versions 5.09.02 and 5.89.05b, which can be exploited b...

CVE-2017-5622

With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other...

PHP < 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

phpBB <= 2.0.12 Change User Rights Authentication Bypass

Exploit for unknown platform in category web applications ======================================================== phpBB new ; my $cookiejar = HTTP::Cookies-new ; $browser-cookiejar $cookiejar ; $cookiejar-setcookie "0","phpbb2mysqldata", "a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3B...

mod_ssl and Apache_SSL modules contain a buffer overflow in the implementation of the OpenSSL "i2d_SSL_SESSION" routine

Overview There is a remotely exploitable buffer overflow in two modules that implement the Secure Sockets Layer SSL and Transport Layer Security TLS protocol. This can be used to execute arbitrary code. Description The Secure Sockets Layer SSL and Transport Layer Security TLS protocols are used t...