417610 matches found
EUVD-2026-29933
The Avada Builder plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.15.2 via the 'fusiongetsvgfromfile' function with the 'customsvg' parameter of the 'fusionsectionseparator' shortcode. This makes it possible for authenticated attackers, with...
EUVD-2025-209808
An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed...
EUVD-2026-29396
The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...
EUVD-2026-28662
In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fix NULL pointer dereference in adisinit The adisinit function dereferences adis-ops to check if the individual function pointers write, read, reset are NULL, but does not first check if adis-ops itself is NULL...
EUVD-2025-209734
Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged...
EUVD-2026-28323
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduledoriginalfiledeletion function in all versions up to, and including, 4.5.2 Th...
EUVD-2026-27219
A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /printpdets.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
EUVD-2026-27149
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...
EUVD-2026-26778
The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. The escsql functi...
EUVD-2026-13267
OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...
EUVD-2026-10523
A NULL Pointer Dereference vulnerability CWE-476 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP...
EUVD-2026-10342
MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...
EUVD-2026-10207
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could ...
EUVD-2026-8643
Basic FTP has Path Traversal Vulnerability in its downloadToDir method...
EUVD-2025-26490
Missing Authorization vulnerability in ThemeMove Makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through 1.8.5...
EUVD-2025-198625
A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...
EUVD-2025-34895
OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests...
EUVD-1999-0978
Malware in sbrugna...
EUVD-2015-6196
Malware in sbrugna...
EUVD-2021-10014
Malware in sbrugna...
EUVD-2021-1649
Malware in sbrugna...
EUVD-2015-4602
Malware in sbrugna...
EUVD-2008-1062
Malware in sbrugna...
EUVD-2011-2775
Malware in sbrugna...
EUVD-2017-8864
Malware in sbrugna...
EUVD-2020-1224
Malware in sbrugna...
EUVD-2020-24137
Malware in sbrugna...
EUVD-2021-0871
Malware in sbrugna...
EUVD-2021-0372
Malware in sbrugna...
EUVD-2021-1313
Malware in sbrugna...
EUVD-2020-1419
Malware in sbrugna...
EUVD-2014-7796
Malware in sbrugna...
EUVD-2020-0155
Malware in sbrugna...
EUVD-2021-0028
Malware in sbrugna...
EUVD-2020-0273
Malware in sbrugna...
EUVD-2020-4247
Malware in sbrugna...
EUVD-2019-2657
Malware in sbrugna...
EUVD-2021-15132
Malware in sbrugna...
EUVD-2013-2110
Malware in sbrugna...
EUVD-2021-1001
Malware in sbrugna...
EUVD-2016-1559
Malware in sbrugna...
EUVD-2019-17243
Malware in sbrugna...
EUVD-2021-26628
Malware in sbrugna...
EUVD-2021-19778
Malware in sbrugna...
EUVD-2019-16815
Malware in sbrugna...
EUVD-2023-2477
Malicious code in bioql PyPI...
EUVD-2024-42276
Malicious code in bioql PyPI...
EUVD-2025-27212
Malicious code in bioql PyPI...
EUVD-2023-41186
Malicious code in bioql PyPI...
EUVD-2025-15004
Malicious code in bioql PyPI...