417692 matches found
EUVD-2026-30743
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
EUVD-2026-30502
Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...
EUVD-2026-30256
The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'subdir' and 'mediaitems' parameters. This is due to insufficient validation of user-supplied file paths, which are not checked for directory traversal sequences or restricted t...
EUVD-2024-55581
Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the APSmartAudio::loop, APSmartAudio, APSmartAudio.cpp components...
EUVD-2026-29914
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.9.9. This is due to the getcourseidby function unconditionally trusting the user-supplied course GET parameter as the authoritative course ...
EUVD-2026-29442
Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...
EUVD-2025-209754
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...
EUVD-2026-28604
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue why Need to add function hook check before use...
EUVD-2026-28261
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...
EUVD-2026-28184
OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration and blank callback tokens fail open instead of rejecting requests, enabling...
EUVD-2026-27783
In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...
EUVD-2026-27301
The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the uploadicons function workflow moving and unzipping user-controlled ZIP files into a public uploads directory without validating extracted file types. This makes it...
EUVD-2026-27025
D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...
EUVD-2026-24165
Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL...
EUVD-2026-22855
Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules.This issue affects BC-JAVA: before 1.84. Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion...
EUVD-2026-20117
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.1.7. This is due to insufficient webhook signature verification in the handlewebhook function. The...
EUVD-2026-11486
A weakness has been identified in OpenAkita up to 1.24.3. This impacts the function run of the file src/openakita/tools/shell.py of the component Chat API Endpoint. Executing a manipulation of the argument Message can lead to os command injection. The attack is restricted to local execution. The...
EUVD-2025-205317
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and...
EUVD-2025-34727
HCL BigFix Modern Client Management MCM 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy CSP. An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content...
EUVD-2025-34512
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.0. This is due to the plugin assigning the editor role by default. While limitations with respect to capabiliti...
EUVD-2018-0090
Malware in sbrugna...
EUVD-2021-27080
Malware in sbrugna...
EUVD-2021-11128
Malware in sbrugna...
EUVD-2020-12698
Malware in sbrugna...
EUVD-2021-1894
Malware in sbrugna...
EUVD-2021-0519
Malware in sbrugna...
EUVD-2020-24961
Malware in sbrugna...
EUVD-2021-11188
Malware in sbrugna...
EUVD-2021-1184
Malware in sbrugna...
EUVD-2006-6719
Malware in sbrugna...
EUVD-2020-5691
Malware in sbrugna...
EUVD-2020-24137
Malware in sbrugna...
EUVD-2018-4993
Malware in sbrugna...
EUVD-2021-1560
Malware in sbrugna...
EUVD-2020-0626
Malware in sbrugna...
EUVD-2021-26628
Malware in sbrugna...
EUVD-2025-13275
Malicious code in bioql PyPI...
EUVD-2023-50986
Malicious code in bioql PyPI...
EUVD-2023-0662
Malicious code in bioql PyPI...
EUVD-2024-1371
Malicious code in bioql PyPI...
EUVD-2022-28758
Malicious code in bioql PyPI...
EUVD-2025-30509
Malicious code in bioql PyPI...
EUVD-2023-33825
Malicious code in bioql PyPI...
EUVD-2024-47644
Malicious code in bioql PyPI...
EUVD-2025-24211
Malicious code in bioql PyPI...
EUVD-2022-43158
Malicious code in bioql PyPI...
EUVD-2025-32054
Malicious code in bioql PyPI...
EUVD-2024-30651
Malicious code in bioql PyPI...
EUVD-2023-43191
Malicious code in bioql PyPI...
EUVD-2024-54957
Malicious code in bioql PyPI...