EUVD-2021-11942

Malware in sbrugna...

EUVD-2021-11731

Malware in sbrugna...

EUVD-2021-11736

Malware in sbrugna...

EUVD-2022-33755

Malicious code in bioql PyPI...

EUVD-2023-12571

Malicious code in bioql PyPI...

EUVD-2024-16344

Malicious code in bioql PyPI...

CVE-2025-32795 Dify Allows Insecure User Role Access Control for APP Editing

Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users are improperly granted permissions to edit APP names, descriptions and icons. This access control flaw allows non-admin users to modify app details, despite...

CVE-2025-32790

CVE-2025-32790 affects Dify versions 0.6.8 and earlier. The vulnerability allows normal users to export APP DSL via the /export feature due to insufficient access control. Root cause: improper permission checks enabling export without admin privileges. Documented impacts indicate potential exposu...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab Community Edition and GitLab...

CVE-2021-36826 WordPress WP Project Manager plugin <= 2.4.13 - Stored Cross-Site Scripting (XSS) vulnerability

Authenticated subscriber or higher user role if allowed to access projects Stored Cross-Site Scripting XSS vulnerability in weDevs WP Project Manager plugin = 2.4.13 versions...