34 matches found
EUVD-2021-23789
Malware in sbrugna...
EUVD-2019-5828
Malware in sbrugna...
EUVD-2020-0347
Malware in sbrugna...
EUVD-2007-5764
Malware in sbrugna...
EUVD-2020-25973
Malware in sbrugna...
EUVD-2025-22295
Malicious code in bioql PyPI...
EUVD-2023-12718
Malicious code in bioql PyPI...
EUVD-2023-59666
Malicious code in bioql PyPI...
EUVD-2024-1235
Malicious code in bioql PyPI...
EUVD-2024-27070
Malicious code in bioql PyPI...
EUVD-2023-58946
Malicious code in bioql PyPI...
EUVD-2024-1519
Malicious code in bioql PyPI...
CVE-2025-53908
RomM is affected by an authenticated path traversal vulnerability in the /api/raw endpoint. Versions prior to 3.10.3 and prior to 4.0.0-beta.3 are vulnerable. The issue can allow leakage of passwords and user data on systems with multiple users (including unprivileged users such as the kiosk user...
CVE-2024-8978
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'initcontentregisteruseremailcontrols' function. This makes it possib...
CVE-2023-34467
XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscation configuration was not fully taken into account. While the mail displayed to the end user was obfuscated, the rest response was also containing...
CVE-2019-14667
Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due to the lack of filtration of user-supplied data in the transaction description field and the asset account name. The JavaScript code is executed during a convert transaction action...
CVE-2025-30223
Beego is an open-source web framework for the Go programming language. Prior to 2.3.6, a Cross-Site Scripting XSS vulnerability exists in Beego's RenderForm function due to improper HTML escaping of user-controlled data. This vulnerability allows attackers to inject malicious JavaScript code that...
CVE-2024-12858
Delta Electronics CNCSoft-G2 suffers from a buffer overflow caused by improper validation of the length of user-supplied data prior to copying it into a fixed-length heap-based buffer. Affects CNCSoft-G2 version 2.1.0.16 and earlier; exploitation could allow code execution in the current process ...
CVE-2025-27101 Broken Access Control in Opal filesystem's copy functionality exposes all user data
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...
GHSA-95J3-435G-VJCP Leantime affected by Improper Neutralization of HTML Tags
Summary HTML can be arbitrarily injected into emails from Leantime due to improper neutralization of HTML tags in users' first names. This effectively allows for the creation of phishing emails from a Leantime instance's email address...