462 matches found
EUVD-2021-2455
Malware in sbrugna...
EUVD-2021-13869
Malware in sbrugna...
EUVD-2019-0360
Malware in sbrugna...
EUVD-2019-0006
Malware in sbrugna...
EUVD-2023-0593
Malicious code in bioql PyPI...
EUVD-2025-27607
Malicious code in bioql PyPI...
EUVD-2025-17714
Malicious code in bioql PyPI...
EUVD-2024-1641
Malicious code in bioql PyPI...
EUVD-2024-2766
Malicious code in bioql PyPI...
EUVD-2024-0365
Malicious code in bioql PyPI...
EUVD-2025-9533
Malicious code in bioql PyPI...
CVE-2025-54815
CVE-2025-54815 is a server‑side template injection (SSTI) vulnerability in PPress 0.0.9 (beta). The affected component is the template rendering used by themes, with the underlying issue described as SSTI that enables arbitrary code execution. Public references within the provided documents confi...
Exploit for CVE-2025-27210
This is a PoC exploit for CVE-2025-27210, a vulnerability in a N...
CVE-2025-9556
Langchaingo supports the use of jinja2 syntax when parsing prompts, which is in turn parsed using the gonja library v1.5.3. Gonja supports include and extends syntax to read files, which leads to a server side template injection vulnerability within langchaingo, allowing an attacker to insert a...
CVE-2025-35113
Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31...
Security Bulletin: IBM SOAR QRadar Plugin app for IBM QRadar SIEM includes components with known vulnerabilities
Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2025-27516. DESCRIPTION: Jinja is an extensible...
Linux Distros Unpatched Vulnerability : CVE-2023-5764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. Th...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2025-1722)
The remote host is missing an update for the Huawei EulerOS...
CVE-2025-5398
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This mak...
CVE-2025-49142
Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configuration of the Jinja2 templating feature used in computed fields, custom links, etc. in Nautobot, a...