27 matches found
EUVD-2012-5469
Malware in sbrugna...
EUVD-2017-12307
Malware in sbrugna...
EUVD-2023-26634
Malicious code in bioql PyPI...
EUVD-2022-36780
Malicious code in bioql PyPI...
EUVD-2022-28149
Malicious code in bioql PyPI...
GO-2025-3787 May leak sensitive information in logs when processing malformed data in github.com/go-viper/mapstructure
May leak sensitive information in logs when processing malformed data in github.com/go-viper/mapstructure...
MariaDB 10.11.0 < 10.11.12 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.11.12. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.11.12 advisory. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected a...
EulerOS 2.0 SP12 : python-requests (EulerOS-SA-2025-1197)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
EulerOS 2.0 SP10 : python-requests (EulerOS-SA-2025-1012)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
CVE-2024-12294
CVE-2024-12294 — The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure via get_legacy_cookies, affecting all versions up to 1.0.1. Unauthenticated attackers can obtain titles and permalinks of private, password-protected, pending, and draft posts...
PT-2024-34141 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 November Security Update; Ivanti Endpoint Manager versions prior to 2022 SU6 November Security Update. Description: The issue allows a remote authenticated attacker with admin privileges to achieve...
PT-2024-4019 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2022 SU5. Description: The issue is related to a SQL Injection vulnerability in the GetVulnerabilitiesDataTable method of Ivanti Endpoint Manager, due to a lack of protection for the SQL query structur...
CVEfixes-db
This repository is an offensive tool for collecting and processing CVE (Common Vulnerabilities and Exposures) data. It is a Python-based tool that collects CVE data from various sources, including the National Vulnerability Database (NVD) and GitHub, and stores it in a SQLite database. The tool is...
SUSE-SU-2022:3983-1 Security update for freerdp
This update for freerdp fixes the following issues: - CVE-2022-39282: Fix to init data read by /parallel command line switch. bsc1204258 - CVE-2022-39283: Fix to prevent video channel from reading uninitialized data. bsc1204257...
CVE-2022-23040
Linux PV device frontends vulnerable to attacks by backends. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
Microsoft SharePoint Server 2013 < 15.0.5311.1000 Multiple Vulnerabilities
According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source da...
Reboot of PunkSpider Tool at DEF CON Stirs Debate
Researchers will release a reboot of a controversial tool that crawls the web to identify back-end vulnerabilities in websites in the hopes that companies will quickly fix them and reduce security risks. However, experts have mixed feelings about the tool called PunkSpider, created by the analyti...
OPENSUSE-SU-2020:1752-1 Recommended update for mailman
This update for mailman to version 2.1.34 fixes the following issues: - The fix for lp1859104 can result in ValueError being thrown on attempts to subscribe to a list. This is fixed and extended to apply REFUSESECONDPENDING to unsubscription as well. lp1878458 - DMARC mitigation no longer misses ...
SUSE-SU-2019:1236-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release (bsc1111331). Four new speculative execution information leak issues have been identified in Intel CPUs (bsc1111331). - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...
DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool
DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate...