417864 matches found
EUVD-2026-10520
An Improper Control of Interaction Frequency vulnerability CWE-799 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to bypas...
EUVD-2021-30685
Malicious code in bioql PyPI...
EUVD-2025-1696
Malicious code in bioql PyPI...
EUVD-2024-33422
Malicious code in bioql PyPI...
EUVD-2026-33577
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...
EUVD-2025-209614
3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware...
EUVD-2020-17001
Malware in sbrugna...
EUVD-2026-35586
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
EUVD-2025-16317
Malicious code in bioql PyPI...
EUVD-2021-30844
Malicious code in bioql PyPI...
EUVD-2026-32710
Keycloak has privilege escalation via improper scope mapping enforcement...
EUVD-2026-8451
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148...
EUVD-2021-10082
Malware in sbrugna...
EUVD-2018-4605
Malware in sbrugna...
EUVD-2024-27353
Malicious code in bioql PyPI...
EUVD-2022-6755
Malicious code in bioql PyPI...
EUVD-2022-6811
Malicious code in bioql PyPI...
EUVD-2026-33919
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in full compromise of confidentiality, integrity, and availability of affected installations...
EUVD-2026-28952
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...
EUVD-2026-1846
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
EUVD-2023-12750
Malicious code in bioql PyPI...
EUVD-2026-30774
Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...
EUVD-2025-12184
Malicious code in bioql PyPI...
EUVD-2025-24030
Malicious code in bioql PyPI...
EUVD-2026-36300
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...
EUVD-2021-34805
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
EUVD-2026-27825
Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
EUVD-2024-31641
Malicious code in bioql PyPI...
EUVD-2025-27485
Malicious code in bioql PyPI...
EUVD-2026-32987
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...
EUVD-2026-26884
A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function childprocess.spawn of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit...
EUVD-2021-21610
Malware in sbrugna...
EUVD-2021-1660
Malware in sbrugna...
EUVD-2025-27203
Malicious code in bioql PyPI...
EUVD-2025-22224
Malicious code in bioql PyPI...
EUVD-2024-2911
Malicious code in bioql PyPI...
EUVD-2024-31886
Malicious code in bioql PyPI...
EUVD-2025-21001
Malicious code in bioql PyPI...
EUVD-2026-36526
Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, any party that obtains it through any exposure path can maintai...
EUVD-2026-35707
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...
EUVD-2026-35531
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
EUVD-2018-0172
Malware in sbrugna...
EUVD-2022-2557
Malicious code in bioql PyPI...
EUVD-2022-55291
Malicious code in bioql PyPI...
EUVD-2026-31205
A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...
EUVD-2026-29845
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
EUVD-2026-11645
Poseidon V1 variable-length input collision via implicit zero-padding...
EUVD-2025-203538
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...
EUVD-2006-1402
Malware in sbrugna...
EUVD-2023-0759
Malicious code in bioql PyPI...