PT-2026-32183

Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 9.0.1 Varnish Enterprise versions prior to 6.0.16r11 Description Varnish Cache and Varnish Enterprise are susceptible to a denial of service daemon panic due to a workspace overflow. This occurs when handling...

PT-2025-50765

Name of the Vulnerable Software and Affected Versions AnyDesk versions 7.0.15 and 9.0.1 Description AnyDesk versions 7.0.15 and 9.0.1 have an unquoted service path configuration. This allows local, non-privileged users to potentially run code with SYSTEM-level privileges. An attacker can exploit...

WordPress Mstore Mobile Multivendor plugin <= 9.0.1 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Mstore Mobile App versions = 9.0.1...

EUVD-2025-198490

The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9.0.1 do not properly verify users identify when using an AJAX action, allowing unauthenticated users to retrieve a valid session for arbitrary users by knowing their email address...

EUVD-2021-1973

Malware in sbrugna...

EUVD-2019-2913

Malware in sbrugna...

EUVD-2014-6021

Malware in sbrugna...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-984995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984995 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and...

EUVD-2021-9810

Malicious code in bioql PyPI...

EUVD-2024-1566

Malicious code in bioql PyPI...

Malicious code in across-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9dcdfc6a9dc7db63bf70744266f75c8200349bb4332b36dbc8319caa1df15e31 The OpenSSF Package Analysis project identified 'across-toolkit' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

Linux Distros Unpatched Vulnerability : CVE-2015-7013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service memory...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

MAL-2025-41274 Malicious code in nextjs14-approuter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73539e0dd962fbad2bd7a634bd17a7406d5df3f1c282a29c376d97121625b95f The OpenSSF Package Analysis project identified 'nextjs14-approuter' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in nextjs14-approuter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73539e0dd962fbad2bd7a634bd17a7406d5df3f1c282a29c376d97121625b95f The OpenSSF Package Analysis project identified 'nextjs14-approuter' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

Linux Distros Unpatched Vulnerability : CVE-2024-21239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0....

Linux Distros Unpatched Vulnerability : CVE-2024-21243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and...

BIT-DOLIBARR-2024-5315 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in...

mysql: MySQL Server: Optimizer Denial of Service Vulnerability

A flaw was found in MySQL Server: Optimizer. This vulnerability allows a high privileged attacker to cause a complete Denial of Service DOS via network access using multiple protocols...

mysql: InnoDB unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute...