45 matches found
CVE-2025-13676
The JustClick registration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 0.1. This is due to insufficient input sanitization and output escaping on the PHPSELF server variable. This makes it possible for unauthenticated attackers to...
EUVD-2019-2265
Malware in sbrugna...
EUVD-2006-3579
Malware in sbrugna...
EUVD-2006-2825
Malware in sbrugna...
EUVD-2022-37509
Malicious code in bioql PyPI...
EUVD-2021-9628
Malicious code in bioql PyPI...
EUVD-2024-34305
Malicious code in bioql PyPI...
EUVD-2025-21444
Malicious code in bioql PyPI...
EUVD-2023-46515
Malicious code in bioql PyPI...
EUVD-2022-32930
Malicious code in bioql PyPI...
EUVD-2024-0709
Malicious code in bioql PyPI...
CVE-2025-5047 DGN File Parsing Uninitialized Variable Vulnerability
A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-22834 ThirdPartyVideo SetVariable Vulnerability
AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability...
Linux Distros Unpatched Vulnerability : CVE-2022-49001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: riscv: fix race when vmap stack overflow Currently, when detecting vmap stack overflow, risc...
CVE-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-48934
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to versions 2.1.13 and 2.2.13, the Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false...
[SECURITY] [DLA 4181-1] glibc security update
Debian LTS Advisory DLA-4181-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton May 27, 2025 https://wiki.debian.org/LTS Package : glibc Version : 2.31-13+deb11u13 CVE ID : CVE-2025-4802 A flaw was discovered in the dynamic linking support in the GNU C Library, the C...
CVE-2021-21798
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the...
Autodesk 2025 < 2025.1.2 Multiple Vulnerabilities (AutoCAD) (adsk-sa-2025-0001)
The 2025 version of Autodesk AutoCAD installed on the remote Windows host is a version prior to 2025.1.2. It is, therefore, affected by multiple vulnerabilities: - A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A...
CVE-2025-1649
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...