417925 matches found
EUVD-2026-29013
A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...
EUVD-2026-29008
A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. Affected by this vulnerability is an unknown functionality of the file /inventory/purchasesave. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available a...
EUVD-2022-55975
WordPress Plugin cab-fare-calculator 1.0.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the controller parameter in tblight.php. Attackers can supply path traversal sequences through the controller GET parameter to...
EUVD-2026-28948
A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...
EUVD-2025-209709
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...
EUVD-2026-28318
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL validation function that blocks dangerous SQL keywords e.g., pgreadfile, LOADFILE, dblink is applied on the collections:create and...
EUVD-2026-27382
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served. Earlier, unsupported Django series such as 5.0.x,...
EUVD-2026-26491
Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...
EUVD-2026-25595
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack require...
EUVD-2025-206132
In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists...
EUVD-2020-12149
Malware in sbrugna...
EUVD-2021-10036
Malware in sbrugna...
EUVD-2021-0669
Malware in sbrugna...
EUVD-2008-5420
Malware in sbrugna...
EUVD-2020-1192
Malware in sbrugna...
EUVD-2020-26572
Malware in sbrugna...
EUVD-2021-22257
Malware in sbrugna...
EUVD-2019-6082
Malware in sbrugna...
EUVD-2025-17352
Malicious code in bioql PyPI...
EUVD-2023-45177
Malicious code in bioql PyPI...
EUVD-2022-2658
Malicious code in bioql PyPI...
EUVD-2023-32094
Malicious code in bioql PyPI...
EUVD-2024-20887
Malicious code in bioql PyPI...
EUVD-2025-27665
Malicious code in bioql PyPI...
EUVD-2024-54655
Malicious code in bioql PyPI...
EUVD-2025-27227
Malicious code in bioql PyPI...
EUVD-2022-2081
Malicious code in bioql PyPI...
EUVD-2024-0448
Malicious code in bioql PyPI...
EUVD-2025-22763
Malicious code in bioql PyPI...
EUVD-2023-31858
Malicious code in bioql PyPI...
EUVD-2023-58182
Malicious code in bioql PyPI...
EUVD-2021-27530
Malicious code in bioql PyPI...
EUVD-2023-2924
Malicious code in bioql PyPI...
EUVD-2022-52771
Malicious code in bioql PyPI...
EUVD-2025-0007
Malicious code in bioql PyPI...
EUVD-2023-34787
Malicious code in bioql PyPI...
EUVD-2025-24243
Malicious code in bioql PyPI...
EUVD-2022-6354
PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users...
EUVD-2026-35679
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
EUVD-2026-35318
In Micrometer, it is possible for a user to provide specially crafted gRPC requests that may cause a denial-of-service DoS condition. Affected versions: Micrometer 1.16.0 through 1.16.5; 1.15.0 through 1.15.11...
EUVD-2026-33831
A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...
EUVD-2026-33556
A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function scanmemorycontent of the file tools/memorytool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...
EUVD-2026-30803
amazon-redshift-python-driver vulnerable to Remote Code Execution via eval Injection...
EUVD-2026-30963
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
EUVD-2026-30712
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
EUVD-2026-30534
Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability...
EUVD-2026-30419
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to ticket endpoints. Attackers can exploit insufficient access control checks on the...
EUVD-2026-29685
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
EUVD-2026-29623
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-29587
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...