417223 matches found
EUVD-2020-7270
Malware in sbrugna...
EUVD-2026-19763
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
EUVD-2026-35723
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-36269
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...
EUVD-2025-9230
Malicious code in bioql PyPI...
EUVD-2026-25450
In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...
EUVD-2026-36367
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...
EUVD-2026-29658
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-11519
A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...
EUVD-2026-35548
Improper link resolution before file access 'link following' in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally...
EUVD-2026-30334
Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...
EUVD-2024-54770
Malicious code in bioql PyPI...
EUVD-2022-29573
Malicious code in bioql PyPI...
EUVD-2025-6630
Malicious code in bioql PyPI...
EUVD-2026-9462
Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...
EUVD-2023-25265
Malicious code in bioql PyPI...
EUVD-2015-5479
Malware in sbrugna...
EUVD-2025-204037
Biopython is vulnerable to doctype XML external entity XXE injection through Bio.Entrez...
EUVD-2025-22233
Malicious code in bioql PyPI...
EUVD-2026-31247
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
EUVD-2023-0955
Malicious code in bioql PyPI...
EUVD-2023-40615
Malicious code in bioql PyPI...
EUVD-2024-46576
Malicious code in bioql PyPI...
EUVD-2025-36134
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...
EUVD-2023-28856
Malicious code in bioql PyPI...
EUVD-2025-23677
Malicious code in bioql PyPI...
EUVD-2021-0927
Malware in sbrugna...
EUVD-2025-31021
Malicious code in bioql PyPI...
EUVD-2026-29666
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...
EUVD-2025-24265
Malicious code in bioql PyPI...
EUVD-2024-17095
Malicious code in bioql PyPI...
EUVD-2025-24062
Malicious code in bioql PyPI...
EUVD-2021-2577
Malware in sbrugna...
EUVD-2021-30685
Malicious code in bioql PyPI...
EUVD-2025-13411
Malicious code in bioql PyPI...
EUVD-2025-25062
Malicious code in bioql PyPI...
EUVD-2026-32920
TinyMCE Cross-Site Scripting XSS vulnerability using sanitization bypass through nested SVGs...
EUVD-2026-29033
Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...
EUVD-2021-34809
CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to...
EUVD-2026-10520
An Improper Control of Interaction Frequency vulnerability CWE-799 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to bypas...
EUVD-2020-17001
Malware in sbrugna...
EUVD-2022-51878
Malicious code in bioql PyPI...
EUVD-2026-35527
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
EUVD-2026-33577
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...
EUVD-2026-29955
Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...
EUVD-2024-33422
Malicious code in bioql PyPI...
EUVD-2018-4605
Malware in sbrugna...
EUVD-2024-27353
Malicious code in bioql PyPI...
EUVD-2022-6755
Malicious code in bioql PyPI...
EUVD-2026-32710
Keycloak has privilege escalation via improper scope mapping enforcement...