413604 matches found
EUVD-2020-7270
Malware in sbrugna...
EUVD-2026-19763
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via ~/.cassandra/cqlsh_history local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
EUVD-2025-9230
Malicious code in bioql PyPI...
EUVD-2026-29658
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-36367
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...
EUVD-2023-25265
Malicious code in bioql PyPI...
EUVD-2023-40615
Malicious code in bioql PyPI...
EUVD-2024-46576
Malicious code in bioql PyPI...
EUVD-2025-23677
Malicious code in bioql PyPI...
EUVD-2026-36269
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrep_notify_cmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...
EUVD-2023-0955
Malicious code in bioql PyPI...
EUVD-2023-28856
Malicious code in bioql PyPI...
EUVD-2021-30685
Malicious code in bioql PyPI...
EUVD-2025-24265
Malicious code in bioql PyPI...
EUVD-2025-24062
Malicious code in bioql PyPI...
EUVD-2021-34809
CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to...
EUVD-2025-13411
Malicious code in bioql PyPI...
EUVD-2022-6811
Malicious code in bioql PyPI...
EUVD-2022-6755
Malicious code in bioql PyPI...
EUVD-2026-29666
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28952
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...
EUVD-2025-27203
Malicious code in bioql PyPI...
EUVD-2025-24030
Malicious code in bioql PyPI...
EUVD-2022-29573
Malicious code in bioql PyPI...
EUVD-2026-10520
An Improper Control of Interaction Frequency vulnerability (CWE-799) in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to bypas...
EUVD-2021-1660
Malware in sbrugna...
EUVD-2024-2911
Malicious code in bioql PyPI...
EUVD-2025-27485
Malicious code in bioql PyPI...
EUVD-2022-3861
Malicious code in bioql PyPI...
EUVD-2023-0759
Malicious code in bioql PyPI...
EUVD-2024-54770
Malicious code in bioql PyPI...
EUVD-2026-36300
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...
EUVD-2026-11645
Poseidon V1 variable-length input collision via implicit zero-padding...
EUVD-2025-5025
Malicious code in bioql PyPI...
EUVD-2022-2557
Malicious code in bioql PyPI...
EUVD-2025-22224
Malicious code in bioql PyPI...
EUVD-2022-4483
Malicious code in bioql PyPI...
EUVD-2026-30334
Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user passing trust_remote_code=False or omitting it, which is the default. The vulnerability has three variant...
EUVD-2026-29845
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
EUVD-2025-204037
Biopython is vulnerable to doctype XML external entity (XXE) injection through Bio.Entrez...
EUVD-2021-0471
Malware in sbrugna...
EUVD-2023-26134
Malicious code in bioql PyPI...
EUVD-2026-35723
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-30139
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
EUVD-2026-25588
Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking...
EUVD-2021-21837
Malware in sbrugna...
EUVD-2021-0262
Malware in sbrugna...
EUVD-2024-34998
Malicious code in bioql PyPI...
EUVD-2021-34805
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
EUVD-2026-1846
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...