EUVD-2025-11864

Malicious code in bioql PyPI...

CVE-2025-23292

Summary : CVE-2025-23292 affects NVIDIA Delegated Licensing Service (DLS) for all appliance platforms. The vulnerability is a SQL injection in the DLS component that could allow an attacker to perform an unauthorized action, with potential partial denial of service affecting the UI. The CVSSv3.1 ...

CVE-2025-49081

There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server version 13.55. Attackers with system administrator permissions can impair the availability of the Secure Access administrative UI by writing invalid data to the warehouse...

CVE-2025-30158 NamelessMC Forum iframe width/height abuse causing UI-based Denial of Service

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker ...

Concrete CMS 跨站请求伪造漏洞

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. Concrete CMS suffers from a cross-site request forgery vulnerability that allows an attacker to exploit the vulnerability to copy files, which can lead to an inconvenie...

CVE-2015-3336

Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENTSETTINGSTYPEFULLSCREEN and CONTENTSETTINGSTYPEMOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service UI disruption by constructing a crafted HTML document containing...

CVE-2015-3336

Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENTSETTINGSTYPEFULLSCREEN and CONTENTSETTINGSTYPEMOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service UI disruption by constructing a crafted HTML document containing...