247 matches found
EUVD-2022-51676
Malicious code in bioql PyPI...
EUVD-2024-19724
Malicious code in bioql PyPI...
EUVD-2024-2692
Malicious code in bioql PyPI...
EUVD-2023-2771
Malicious code in bioql PyPI...
EUVD-2024-48679
Malicious code in bioql PyPI...
EUVD-2024-52234
Malicious code in bioql PyPI...
EUVD-2022-51286
Malicious code in bioql PyPI...
EUVD-2024-37287
Malicious code in bioql PyPI...
EUVD-2023-58306
Malicious code in bioql PyPI...
EUVD-2025-11526
Malicious code in bioql PyPI...
EUVD-2025-4647
Malicious code in bioql PyPI...
WordPress plugin Appointmind 跨站脚本漏洞
WordPress Appointmind plugin is an online appointment management plugin for WordPress, mainly used to embed the online appointment scheduling feature into posts or sidebars. WordPress Appointmind plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...
Unspecified Vulnerability in Microsoft Visual Studio Code (CNVD-2025-22193)
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code that originates from insufficiently filtered or validated user-supplied data and can be exploited by an attacker to remotely execute arbitrary code...
CVE-2025-8022
Rejected reason: Bun Shell does not invoke /bin/sh, or any other interpreter, for template literals created with the $ function. Each $… interpolation is treated as a single argument. The security responsibility for this usage pattern lies with the calling application, which must ensure the...
CVE-2025-24936
The web application allows user input to pass unfiltered to a command executed on the underlying operating system. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. An attacker with low privileged access to th...
CVE-2025-49839
GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in bsroformer.py. The modelchoose variable takes user input e.g. a path to a model and passes it to the uvr function. In uvr, a new instance of...
CVE-2025-3753
A code execution vulnerability has been identified in the Robot Operating System ROS 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval function to process unsanitized, user-supplied input in the 'rosbag filter' command. This...
CVE-2025-49838 GHSL-2025-050: GPT-SoVITS Deserialization of Untrusted Data vulnerability
GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in vr.py AudioPreDeEcho. The modelchoose variable takes user input e.g. a path to a model and passes it to the uvr function. In uvr, a new instance o...
PT-2025-29300 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The Apache HTTP Server contains an issue due to unvalidated user input. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
CVE-2025-7363
The CVE-2025-7363 entry concerns the MediaWiki TitleIcon extension. Affected versions include 1.39.X before 1.39.13, 1.42.X before 1.42.7, and 1.43.X before 1.43.2. The root cause is un-sanitized input passed to the #titleicon_unicode parser function, wrapped in an HtmlArmor object and rendered i...