25 matches found
EUVD-2019-14200
Malware in sbrugna...
EUVD-2020-4141
Malware in sbrugna...
EUVD-2003-0634
Malware in sbrugna...
EUVD-1999-1339
Malware in sbrugna...
EUVD-2024-54648
Malicious code in bioql PyPI...
EUVD-2022-40652
Malicious code in bioql PyPI...
EUVD-2023-28654
Malicious code in bioql PyPI...
EUVD-2023-2834
Malicious code in bioql PyPI...
CVE-2025-6076 CVE-2025-6076
Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the...
CVE-2025-32967
OpenEMR prior to version 7.0.3.4 has a logging oversight where password change events are not recorded in the client-side log viewer, weakening traceability and potentially enabling undetectable internal or external misuse. The vulnerability affects the OpenEMR EHR/PM application and is addressed...
CVE-2025-48373 Schule Has Client-Side Role-Based Access Control (RBAC) Bypass Vulnerability
Schule is open-source school management system software. The application relies on client-side JavaScript index.js to redirect users to different panels based on their role. Prior to version 1.0.1, this implementation poses a serious security risk because it assumes that the value of data.role is...
Microsoft Defender for Endpoint Elevation of Privilege Vulnerability
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...
PT-2025-19826 · Unknown · Phpgurukul Art Gallery Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Art Gallery Management System version 1.1 Description: A critical vulnerability was found in the PHPGurukul Art Gallery Management System. The issue affects an unknown function of the file /admin/add-art-medium.php. The manipulatio...
CVE-2025-31324
CVE-2025-31324 affects SAP NetWeaver Visual Composer Metadata Uploader (VCFRAMEWORK). Unauthenticated uploads to /developmentserver/metadatauploader allow remote code execution with SAP service user privileges (RCE in VCFRAMEWORK) and can compromise confidentiality, integrity, and availability. C...
CVE-2025-27491 Windows Hyper-V Remote Code Execution Vulnerability
...
CVE-2025-21316
Windows Kernel Memory Information Disclosure Vulnerability...
PT-2025-3761 · Unknown · Code-Projects Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue has been found in the code-projects Chat System, affecting an unknown functionality of the file /admin/deleteroom.php. The manipulation of the id argument leads to SQL...
BIT-NODE-MIN-2024-22020
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports...
Improper Access Control Allows deleting other users' reminders
Description Because the report I reported before was exploited on the public, I created a new report to exploit on the local machine The vulnerability allows users to delete other users' prompts on the system via the groupid parameter Proof of Concept const deletePromptController = async req, res...
Remote code execution
Windows Media Remote Code Execution Vulnerability...