EUVD-2024-38437

Malicious code in bioql PyPI...

CVE-2025-8454

It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...

CVE-2025-33079

Summary of CVE-2025-33079 (IBM Controller information disclosure) Affected products: IBM Controller: version 11.1.0 (and IBM Cognos Controller 11.0.0 – 11.0.1). Root cause / vulnerability: An authenticated user could obtain sensitive credentials that may be inadvertently included within the sourc...

Russian Midnight Blizzard Hackers Breached Microsoft Source Code

By Deeba Ahmed Midnight Blizzard aka Cozy Bear and APT29 originally breached Microsoft on January 12, 2024. This is a post from HackRead.com Read the original post: Russian Midnight Blizzard Hackers Breached Microsoft Source Code...

MAL-2023-7303 Malicious code in tposintadget (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 09d7c9df1859042d6bf492ed412327a819ba78649e3175f7c9f05953d096b30c EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

CVE-2019-14468

GnuCOBOL 2.2 has a buffer overflow in cbpushop in cobc/field.c via crafted COBOL source code...

CVE-2017-2194

CVE-2017-2194 describes a cross-site scripting vulnerability in the Source code security studying tool iCodeChecker. The linked sources confirm this is a XSS issue (CWE-79) that allows an attacker to inject arbitrary web script or HTML, with the arbitrary script execution potentially affecting th...

CVE-2017-2194

Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

Silver Stripe CMS: source code security analysis report

Several vulnerabilities were discovered in SilverStripe Limited 'Silver Stripe CMS' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Incorrect Newlin...

Graudit - Find potential security flaws in source code using grep

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very...

Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (1)

source: https://www.securityfocus.com/bid/1662/info A vulnerability exists in all versions of the Check Point Session Agent, part of Firewall-1. Session Agent works in such a way that the firewall will establish a connection back to the client machine. Upon doing so, it will prompt for a username...