CVE-2026-10070

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

CVE-2025-1813

A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The...

CVE-2024-2900

A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. This affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. It is possible to initiate th...

EUVD-2024-27224

Malicious code in bioql PyPI...

EUVD-2024-49712

Malicious code in bioql PyPI...

EUVD-2024-48264

Malicious code in bioql PyPI...

EUVD-2023-54558

Malicious code in bioql PyPI...

EUVD-2025-5522

Malicious code in bioql PyPI...

EUVD-2024-51253

Malicious code in bioql PyPI...

EUVD-2024-55018

Malicious code in bioql PyPI...

EUVD-2024-46308

Malicious code in bioql PyPI...

EUVD-2025-5966

Malicious code in bioql PyPI...

EUVD-2025-12714

Malicious code in bioql PyPI...

EUVD-2024-16962

Malicious code in bioql PyPI...

CVE-2025-5163

The CVE-2025-5163 entry concerns yangshare warehouseManager (版本 1.0). The vulnerability is an improper access controls flaw introduced by a manipulation of the affected component, with remote initiation possible. Exploitation details are publicly disclosed, and the vendor is reportedly unresponsi...

CVE-2024-8075

A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about thi...

CVE-2024-12993

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

CVE-2024-11491

A vulnerability was found in 115cms up to 20240807. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php/admin/web/useradmin.html. The manipulation of the argument ks leads to cross site scripting. The attack may be launched remotely. The...

CVE-2023-3791

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. Affected by this issue is the function actionExport of the file ?r=contact/default/export of the component Personal Office Address Book. The manipulation leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2023-2421

A vulnerability classified as problematic has been found in Control iD RHiD 23.3.19.0. Affected is an unknown function of the file /v2//add/department. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-227718 is the identifier...