CVE-2025-31978 HCL BigFix Service Management (SM) does not adequately sanitize or safely render

HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...

CIC-Trap4Phish: A Unified Multi-Format Dataset for Phishing and Quishing Attachment Detection

Phishing attacks represents one of the primary attack methods which is used by cyber attackers. In many cases, attackers use deceptive emails along with malicious attachments to trick users into giving away sensitive information or installing malware while compromising entire systems. The...

PT-2026-3906

Name of the Vulnerable Software and Affected Versions Grist versions prior to 1.7.9 Description Grist is spreadsheet software that utilizes Python as its formula language. When configured to run formulas in the Pyodide sandbox GRIST SANDBOX FLAVOR set to pyodide, a crafted spreadsheet formula can...

EUVD-2013-0734

Malware in sbrugna...

EUVD-2023-26960

Malicious code in bioql PyPI...

EUVD-2025-12282

Malicious code in bioql PyPI...

EUVD-2025-8801

Malicious code in bioql PyPI...

EUVD-2025-14752

Malicious code in bioql PyPI...

EUVD-2025-24781

Malicious code in bioql PyPI...

EUVD-2023-52356

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-12626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bu...

Linux Distros Unpatched Vulnerability : CVE-2016-4434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE...

WordPress Plugin CF7 Spreadsheets Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin CF7 Spreadsheets 2.3.2 and prior version...

CVE-2025-50040

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Stored XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...

CVE-2025-50040

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Stored XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...

CVE-2025-50040 WordPress CF7 Spreadsheets Plugin <= 2.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Stored XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...

CVE-2025-50040

CVE-2025-50040 is a stored XSS in the WordPress plugin CF7 Spreadsheets, up to version 2.3.2, caused by improper neutralization of input during web page generation. The vulnerability is authenticated (requires a user with at least low privileges and user interaction) and is rated with CVSS v3.1 b...

CVE-2025-50040 WordPress CF7 Spreadsheets Plugin <= 2.3.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Stored XSS.This issue affects CF7 Spreadsheets: from n/a through = 2.3.2...

PT-2025-33204 · Unknown · Moshensky Cf7 Spreadsheets

Name of the Vulnerable Software and Affected Versions: moshensky CF7 Spreadsheets versions through 2.3.2 Description: The vulnerability involves improper neutralization of input during web page generation, leading to a stored cross-site scripting XSS issue in moshensky CF7 Spreadsheets...

WordPress plugin CF7 Spreadsheets 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin CF7 Spreadsheets 2.3.2 and prior version...