417626 matches found
EUVD-2026-30584
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cartid and uses it to enter the payment flow without verifying cart ownership. A logged-in attacker can therefore reuse another...
EUVD-2026-30284
Verba is affected by a Stored Cross-Site Scripting XSS vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and password combination, the supplied username value is recorded in the application logs. Due to lack of...
EUVD-2026-30009
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical...
EUVD-2026-29886
The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...
EUVD-2026-29623
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-29401
The Quick Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' attribute of the 'qtbl' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2026-29398
The Fancy Image Show plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fancy-img-show shortcode in all versions up to, and including, 9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
EUVD-2026-29157
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php. This issue affects Echo: from before 1.43.7, 1.44.4, 1.45.2...
EUVD-2026-28701
In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...
EUVD-2026-28417
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
EUVD-2025-209716
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...
EUVD-2026-28248
The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterpris...
EUVD-2026-27390
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
EUVD-2026-27317
A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that...
EUVD-2023-60563
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...
EUVD-2026-26836
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...
EUVD-2026-26802
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...
EUVD-2026-20894
HashiCorp’s go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and package...
EUVD-2025-34919
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
EUVD-2021-21472
Malware in sbrugna...
EUVD-2020-4557
Malware in sbrugna...
EUVD-2021-1067
Malware in sbrugna...
EUVD-2021-13814
Malware in sbrugna...
EUVD-2020-28714
Malware in sbrugna...
EUVD-2021-14575
Malware in sbrugna...
EUVD-2020-0257
Malware in sbrugna...
EUVD-2020-1478
Malware in sbrugna...
EUVD-2021-16785
Malware in sbrugna...
EUVD-2019-17172
Malware in sbrugna...
EUVD-2021-1565
Malware in sbrugna...
EUVD-2020-18810
Malware in sbrugna...
EUVD-2020-1452
Malware in sbrugna...
EUVD-2021-1350
Malware in sbrugna...
EUVD-2021-2548
Malware in sbrugna...
EUVD-2022-0961
Malicious code in bioql PyPI...
EUVD-2022-46510
Malicious code in bioql PyPI...
EUVD-2023-55083
Malicious code in bioql PyPI...
EUVD-2025-19856
Malicious code in bioql PyPI...
EUVD-2025-16627
Malicious code in bioql PyPI...
EUVD-2025-25464
Malicious code in bioql PyPI...
EUVD-2025-10910
Malicious code in bioql PyPI...
EUVD-2023-38330
Malicious code in bioql PyPI...
EUVD-2022-34531
Malicious code in bioql PyPI...
EUVD-2023-57531
Malicious code in bioql PyPI...
EUVD-2024-48866
Malicious code in bioql PyPI...
EUVD-2022-47659
Malicious code in bioql PyPI...
EUVD-2025-22780
Malicious code in bioql PyPI...
EUVD-2022-5169
Malicious code in bioql PyPI...
EUVD-2021-30152
Malicious code in bioql PyPI...
EUVD-2022-5425
Malicious code in bioql PyPI...