55 matches found
PT-2026-2310
Name of the Vulnerable Software and Affected Versions: hermes versions 0.8.1 through 0.9.0 Description: hermes, a software publication automation workflow, exhibits a flaw where subcommands accept arbitrary options through the -O argument. Providing sensitive data, such as API tokens e.g., via herm...
CVE-2024-2291
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which result...
EUVD-2017-15760
Malware in sbrugna...
EUVD-2009-4461
Malware in sbrugna...
EUVD-2019-17150
Malware in sbrugna...
EUVD-2016-10397
Malware in sbrugna...
EUVD-2025-11904
Malicious code in bioql PyPI...
EUVD-2025-17008
Malicious code in bioql PyPI...
EUVD-2024-41744
Malicious code in bioql PyPI...
EUVD-2024-19593
Malicious code in bioql PyPI...
EUVD-2022-3814
Malicious code in bioql PyPI...
EUVD-2022-52256
Malicious code in bioql PyPI...
CVE-2024-52680
EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn...
PT-2025-30015 · Fortinet · Fortiisolator
Name of the Vulnerable Software and Affected Versions: FortiIsolator versions 2.3 through 2.4.4 Description: An improper access control issue exists in the logging component of FortiIsolator. A remote authenticated read-only attacker may be able to alter logs by sending a crafted HTTP request...
CVE-2025-53941
creationtimestamp | type | source
---|---|---
2025-07-17 02:22:56+00:00 | seen | https://bsky.app/profile/hollo.hollo.social.ap.brid.gy/post/3lu4uro24kpm2
2025-07-17 02:23:44+00:00 | seen | https://bsky.app/profile/hollo.hollo.social.ap.brid.gy/post/3lu4ut6pad4m2
2025-07-17 02:25:35+00:00 | seen | ...
CVE-2025-53885
Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template...
CVE-2025-53885 Directus doesn't redact sensitive user data when logging via event hooks
Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template...
CVE-2025-53498 Lack of Audit Logging in AbuseFilter
Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks. This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2...
CVE-2025-53498
CVE-2025-53498 affects Wikimedia Foundation MediaWiki - AbuseFilter Extension. Affected: AbuseFilter extension versions 1.43.X before 1.43.2. Root cause: insufficient logging/audit trails potentially enabling data leakage (data leakage attacks). Impact: confidential data could be exposed due to l...
CVE-2025-53108
creationtimestamp | type | source
---|---|---
2025-07-02 17:34:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsyqpptq552o...