411 matches found
EUVD-2025-18940
Malicious code in bioql PyPI...
EUVD-2024-41134
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-react-tm (npm)
The package @zalastax/nolb-react-tm was found to contain malicious code...
MAL-2025-13808 Malicious code in @zalastax/nolb-react-tm (npm)
The package @zalastax/nolb-react-tm was found to contain malicious code...
MAL-2025-11021 Malicious code in @zalastax/nolb-cra-tm (npm)
The package @zalastax/nolb-cra-tm was found to contain malicious code...
Malicious code in @zalastax/nolb-cra-tm (npm)
The package @zalastax/nolb-cra-tm was found to contain malicious code...
PT-2025-26673 · Tarantool +1 · Tarantool +1
Name of the Vulnerable Software and Affected Versions: Tarantool versions up to 3.3.1 Description: A vulnerability has been found in the tm to datetime function in the library src/lib/core/datetime.c. The manipulation leads to a reachable assertion. Attacking locally is a requirement...
CVE-2025-49972
Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...
CVE-2025-49972
Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...
CVE-2025-49972 WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...
CVE-2025-49972 WordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in David Wood TM Replace Howdy tm-replace-howdy allows Cross Site Request Forgery.This issue affects TM Replace Howdy: from n/a through = 1.4.2...
CVE-2025-49972
CVE-2025-49972 concerns the WordPress plugin TM Replace Howdy (versions
WordPress plugin TM Replace Howdy 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2025-26340 · Unknown · Tm Replace Howdy
Name of the Vulnerable Software and Affected Versions: TM Replace Howdy versions 1.4.2 and earlier Description: A Cross-Site Request Forgery CSRF issue allows unauthorized actions to be performed on behalf of a user. This issue affects the TM Replace Howdy plugin, enabling Cross Site Request...
CVE-2024-44912
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem cryptotm.c...
CVE-2023-5230
The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tmwoowishlisttable' shortcode in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2022-34213
Jenkins Squash TM Publisher Squash4Jenkins Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2018-16987
Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code...
CVE-2010-3121
Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote attackers to execute arbitrary code via unspecified vectors...
CVE-2025-47730
The TeleMessage archiving backend through 2025-05-05 accepts API calls to request an authentication token from the TM SGNL aka Archive Signal app with the credentials of logfile for the user and enRR8UVVywXYbFkqUQDPRkO for the password...