12 matches found
EUVD-2021-27208
Malware in sbrugna...
EUVD-2020-6527
Malware in sbrugna...
EUVD-2020-23865
Malware in sbrugna...
EUVD-2023-23346
Malicious code in bioql PyPI...
EUVD-2022-4970
Malicious code in bioql PyPI...
CVE-2025-53823
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processadeletarsocio.php, in the idsocio parameter. This vulnerability allows the execution...
CVE-2025-5987
CVE-2025-5987 affects libssh when using ChaCha20 with OpenSSL. Root cause: OpenSSL error codes alias with SSH_OK, causing libssh to miss detection of an error during ChaCha20-Poly1305 key setup, potentially leading to a partially initialized cipher context and undefined behavior that can compromi...
CVE-2025-5987 Libssh: invalid return code for chacha20 poly1305 with openssl backend
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2022-46310
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2020-14376
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying ivdata from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as syst...
jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis builds tooltips
A flaw was found in the Matrix Project Plugin version 1.16 and prior. Node names shown in tooltips are not escaped on the overview page of builds with a single axis which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this...
CVE-2020-7941
A privilege escalation flaw was found in plone in versions 4.3 through 5.2.1. Users are allowed to PUT overwrite some content without needing write permissions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...