417626 matches found
EUVD-2023-25851
Malicious code in bioql PyPI...
EUVD-2025-10986
Malicious code in bioql PyPI...
EUVD-2023-23419
Malicious code in bioql PyPI...
EUVD-2024-36432
Malicious code in bioql PyPI...
EUVD-2023-28021
Malicious code in bioql PyPI...
EUVD-2025-14242
Malicious code in bioql PyPI...
EUVD-2022-3554
Malicious code in bioql PyPI...
EUVD-2023-0498
Malicious code in bioql PyPI...
EUVD-2022-5322
Malicious code in bioql PyPI...
EUVD-2023-33958
Malicious code in bioql PyPI...
EUVD-2025-11357
Malicious code in bioql PyPI...
EUVD-2025-32055
Malicious code in bioql PyPI...
EUVD-2024-54930
Malicious code in bioql PyPI...
EUVD-2022-28674
Malicious code in bioql PyPI...
EUVD-2022-3503
Malicious code in bioql PyPI...
EUVD-2022-51060
Malicious code in bioql PyPI...
EUVD-2024-44259
Malicious code in bioql PyPI...
EUVD-2022-0453
Malicious code in bioql PyPI...
EUVD-2022-3903
Malicious code in bioql PyPI...
EUVD-2024-43228
Malicious code in bioql PyPI...
EUVD-2021-31312
Malicious code in bioql PyPI...
EUVD-2024-2610
Malicious code in bioql PyPI...
EUVD-2022-7228
Malicious code in bioql PyPI...
EUVD-2025-31510
Malicious code in bioql PyPI...
EUVD-2025-25355
Malicious code in bioql PyPI...
EUVD-2025-23296
Malicious code in bioql PyPI...
EUVD-2022-3177
Malicious code in bioql PyPI...
EUVD-2021-34103
Malicious code in bioql PyPI...
EUVD-2023-29876
Malicious code in bioql PyPI...
EUVD-2022-42516
Malicious code in bioql PyPI...
EUVD-2022-5977
Malicious code in bioql PyPI...
EUVD-2023-32155
Malicious code in bioql PyPI...
EUVD-2025-18114
Malicious code in bioql PyPI...
EUVD-2020-8887
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
EUVD-2026-36733
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...
EUVD-2026-35843
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...
EUVD-2026-35735
Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...
EUVD-2026-32538
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid...
EUVD-2026-31615
A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...
EUVD-2026-30673
Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...
EUVD-2026-30607
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU Time-of-Check-Time-of-Use pattern for first-user admin role assignment. The regular signup handler signuphandler in auths.py, line...
EUVD-2026-30578
phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craft URLs with unescaped quotes to inject event handlers, stealing admin session cookies and achieving...
EUVD-2026-30559
Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...
EUVD-2026-30537
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed...
EUVD-2025-209861
Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...
EUVD-2025-209859
Improper Control of Generation of Code 'Code Injection' vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issue affects Library Automation System: from v.19.5 before v.22....
EUVD-2026-30290
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
EUVD-2026-30113
Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...
EUVD-2026-30020
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...
EUVD-2026-30024
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...