53 matches found
EUVD-2022-26794
Malicious code in bioql PyPI...
EUVD-2021-30860
Malicious code in bioql PyPI...
EUVD-2022-2458
Malicious code in bioql PyPI...
EUVD-2022-15606
Malicious code in bioql PyPI...
EUVD-2023-38414
Malicious code in bioql PyPI...
EUVD-2024-43811
Malicious code in bioql PyPI...
CVE-2025-54584
GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...
CVE-2025-7227
INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-7095 Comodo Internet Security Premium Update certificate validation
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an atta...
CVE-2022-46503
A cross-site scripting XSS vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter...
CVE-2011-4683
Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."...
CVE-2009-5074
Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors...
CVE-2025-0539
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself...
CVE-2024-39770
Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...
CVE-2025-23111
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website...
CVE-2024-6720 Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
Command Execution Vulnerability in YonBIP of UFIDA Network Technology Corporation (CNVD-2024-34828)
YonBIP is a converged service group with the basic product form of digital intelligence platform + scene services in ten fields + large-scale ecology. A command execution vulnerability exists in YonBIP of UFIDA Network Technology Corporation, which can be exploited by an attacker to execute...
CVE-2023-28045
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data...
Joomla JKassa ShoppingCart 2.0.0 SQL Injection Vulnerability
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...
CVE-2021-43565
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server...