14 matches found
EUVD-2024-3112
Malicious code in bioql PyPI...
EUVD-2025-23894
Malicious code in bioql PyPI...
CVE-2025-53620
@builder.io/qwik-city is the meta-framework for Qwik. When a Qwik Server Action QRL is executed, it dynamically loads the file containing the symbol. When an invalid qfunc is sent, the server does not handle the thrown error. The error then causes Node.js to exit. This vulnerability is fixed in...
PT-2025-20110 · Unknown · Iulia Cazan Easy Replace Image
Name of the Vulnerable Software and Affected Versions: Iulia Cazan Easy Replace Image versions prior to 3.5.0. Description: The issue is related to a Server-Side Request Forgery (SSRF) vulnerability, which allows for Server-Side Request Forgery. Recommendations: For versions prior to 3.5.0, update t...
openSUSE Security Advisory (SUSE-SU-2025:1434-1)
The remote host is missing an update for the...
SUSE-SU-2025:1370-1 Security update for govulncheck-vulndb
This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20250422T181640 2025-04-22T18:16:40Z jscPED-11136 GO-2025-3603 GO-2025-3604 GO-2025-3607 GO-2025-3608 GO-2025-3609 GO-2025-3610 GO-2025-3611 GO-2025-3612 GO-2025-3615 GO-2025-3618 GO-2025-3619 GO-2025-3620...
CVE-2025-32428 Jupyter Remote Desktop Proxy makes TigerVNC accessible via the network and not just via a UNIX socket as intended
Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy was still...
CVE-2024-52812 LF Edge eKuiper has Stored XSS in Rules Functionality
LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, a user with rights to modify the service (e.g. kuiperUser role) can inject a cross-site scripting payload into the rule id parameter. Then, after any user with access to this service e.g...
CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...
PT-2023-27011 · Unknown · Clusterpro X +3
Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.1 and earlier; EXPRESSCLUSTER X versions 5.1 and earlier; CLUSTERPRO X SingleServerSafe versions 5.1 and earlier; EXPRESSCLUSTER X SingleServerSafe versions 5.1 and earlier. Description: The issue allows an attacker to log...
PT-2023-29129 · WordPress · Jesweb.Dev Anchor Episodes Index
Name of the Vulnerable Software and Affected Versions: jesweb.Dev Anchor Episodes Index Spotify for Podcasters plugin versions = 2.1.7. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. Recommendations: For...
SUSE-SU-2018:4088-3 Security update for git
This update for git fixes the following issue: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949...
JVN#27417220 mysql-lists from AquaGardenSoft Co.,Ltd. vulnerable to cross-site scripting
mysql-lists from AquaGardenSoft Co.,Ltd. is software to show MySQL data on the web browser. mysql-lists contains a cross-site scripting vulnerability. Impact: An arbitrary script may be executed on the user's web browser. Solution: Update the Software. Apply the latest update provided by the vendor...
[SA12994] PHPlist Unspecified Vulnerability
TITLE: PHPlist Unspecified Vulnerability SECUNIA ADVISORY ID: SA12994 VERIFY ADVISORY: http://secunia.com/advisories/12994/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: phplist 2.x http://secunia.com/product/2544/ DESCRIPTION: A vulnerability with an unknown impact h...