16 matches found
CVE-2019-12991
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 5 of 6...
EUVD-2024-43356
Malicious code in bioql PyPI...
EUVD-2025-19189
Malicious code in bioql PyPI...
EUVD-2025-10632
Malicious code in bioql PyPI...
CVE-2025-52937
Vulnerability in PointCloudLibrary PCL surface/src/3rdparty/opennurbs modules. This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib WITHSYSTEMZLIB=FALSE...
CVE-2023-35040
Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6...
CVE-2025-4640
Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITHSYSTEMZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or...
CVE-2025-3131 ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031
Cross-Site Request Forgery CSRF vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2...
CVE-2025-30567
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP01 WP01 wp01 allows Path Traversal.This issue affects WP01: from n/a through = 2.6.2...
CVE-2025-26985
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Majestic Support Majestic Support majestic-support allows PHP Local File Inclusion.This issue affects Majestic Support: from n/a through = 1.0.6...
CVE-2024-12916
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agito Computer Life4All allows SQL Injection. This issue affects Life4All: before 10.01.2025...
CVE-2025-25153
Cross-Site Request Forgery CSRF vulnerability in djjmz Simple Auto Tag simple-auto-tag allows Stored XSS.This issue affects Simple Auto Tag: from n/a through = 1.1...
CVE-2025-23823
Cross-Site Request Forgery CSRF vulnerability in jprintf CNZZ&51LA for WordPress cnzz51la-for-wordpress allows Cross Site Request Forgery.This issue affects CNZZ&51LA for WordPress: from n/a through = 1.0.1...
CVE-2025-22552
Cross-Site Request Forgery CSRF vulnerability in bnielsen Affiliate Disclosure Statement affiliate-disclosure-statement allows Cross Site Request Forgery.This issue affects Affiliate Disclosure Statement: from n/a through = 0.3...
CVE-2025-22693
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through = 25.1.0...
CVE-2020-36829
The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...