85 matches found
CVE-2026-43897 Link Preview JS: vunerable to IPv6 and internal loopback attacks
Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1...
EUVD-2021-26046
Malware in sbrugna...
EUVD-2018-0013
Malware in sbrugna...
EUVD-2020-27049
Malware in sbrugna...
EUVD-2020-29351
Malware in sbrugna...
EUVD-2020-29355
Malware in sbrugna...
EUVD-2020-29353
Malware in sbrugna...
EUVD-2021-10373
Malware in sbrugna...
EUVD-2016-10512
Malware in sbrugna...
EUVD-2021-6559
Malicious code in bioql PyPI...
EUVD-2022-5891
Malicious code in bioql PyPI...
EUVD-2024-41747
Malicious code in bioql PyPI...
CVE-2025-24936
The web application allows user input to pass unfiltered to a command executed on the underlying operating system. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. An attacker with low privileged access to th...
CVE-2024-12224
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
Nextcloud Server Insecure Temporary File Creation Vulnerability (GHSA-q568-2933-gcjq)
Nextcloud Server is prone to an insecure temporary file creation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-3340
A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/comboupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be launche...
CVE-2024-55895 IBM InfoSphere Information Server information disclosure
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2020-8485
Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...
CVE-2020-8484
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...