125 matches found
PT-2026-54418
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Incorrect security UI in the Passwords feature allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by usi...
Apache Airflow allows code execution through crafted XCom payloads
Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0,...
Medium: python3-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
CVE-2021-2392
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: BI Publisher Security. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2021-2316
Vulnerability in the Oracle HRMS France product of Oracle E-Business Suite component: French HR. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle HRMS France. Successful attack...
WordPress AH Shortcodes plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin AH Shortcodes versions = 1.0.2...
WordPress HR Management Lite plugin <= 3.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin HR Management Lite versions = 3.6...
CVE-2025-13635
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
WordPress JB News Ticker plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin JB News Ticker versions = 1.0...
EUVD-2019-6175
Malware in sbrugna...
EUVD-2019-5998
Malware in sbrugna...
EUVD-2016-1740
Malware in sbrugna...
EUVD-2022-48024
Malicious code in bioql PyPI...
EUVD-2021-30801
Malicious code in bioql PyPI...
EUVD-2023-50114
Malicious code in bioql PyPI...
EUVD-2022-43121
Malicious code in bioql PyPI...
EUVD-2023-52553
Malicious code in bioql PyPI...
EUVD-2024-18875
Malicious code in bioql PyPI...
EUVD-2023-52492
Malicious code in bioql PyPI...
EUVD-2023-2687
Malicious code in bioql PyPI...