419039 matches found
EUVD-2026-8800
Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers...
EUVD-2026-5823
A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...
EUVD-2026-3209
HCL AION version 2 is affected by a Cacheable HTTP Response vulnerability. This may lead to unintended storage of sensitive or dynamic content, potentially resulting in unauthorized access or information disclosure...
EUVD-2026-2151
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
EUVD-2026-1861
EUVD-2026-1861...
EUVD-2026-1676
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
EUVD-2026-1209
A stored Cross-Site Scripting XSS vulnerability exists in Perch CMS version 3.2. An authenticated attacker with administrative privileges can inject malicious JavaScript code into the “Help button url” setting within the admin panel. The injected payload is stored and executed when any...
EUVD-2025-205274
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brownbagmarketing Greenhouse Job Board greenhouse-job-board allows DOM-Based XSS.This issue affects Greenhouse Job Board: from n/a through = 2.7.3...
EUVD-2025-205179
In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: fix potential resource leak in ssippnopen ssippnopen claims the HSI client's port with hsiclaimport. When hsiregisterportevent gets some error and returns a negetive value, the HSI client's port should be releas...
EUVD-2025-205018
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...
EUVD-2025-204396
Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...
EUVD-2025-204024
Memory corruption while loading an invalid firmware in boot loader...
EUVD-2025-201147
Malicious code in elf-stats-lanternlit-snowman-834 npm...
EUVD-2025-37882
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
EUVD-2025-36668
An issue in NCR Atleos Terminal Manager ConfigApp v3.4.0 allows attackers to escalate privileges via a crafted request...
EUVD-2025-35634
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...
EUVD-2025-35364
Vert.x-Web vulnerable to Stored Cross-site Scripting in directory listings via file names...
EUVD-2025-35594
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
EUVD-2025-35182
Koa is expressive middleware for Node.js using ES2017 async functions. In versions 2.16.2 to before 2.16.3 and 3.0.1 to before 3.0.3, a bypass to CVE-2025-8129 was discovered in the Koa.js framework affecting its back redirect functionality. In certain circumstances, an attacker can manipulate th...
EUVD-2025-33845
The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 0.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...
EUVD-2014-0227
Malware in sbrugna...
EUVD-2017-12020
Malware in sbrugna...
EUVD-2019-4111
Malware in sbrugna...
EUVD-2021-11564
Malware in sbrugna...
EUVD-2019-14741
Malware in sbrugna...
EUVD-2015-8684
Malware in sbrugna...
EUVD-2021-24341
Malware in sbrugna...
EUVD-2021-27176
Malware in sbrugna...
EUVD-2019-0706
Malware in sbrugna...
EUVD-2016-8272
Malware in sbrugna...
EUVD-2015-6256
Malware in sbrugna...
EUVD-2020-7320
Malware in sbrugna...
EUVD-2021-10270
Malware in sbrugna...
EUVD-2020-0848
Malware in sbrugna...
EUVD-2000-0749
Malware in sbrugna...
EUVD-2009-4198
Malware in sbrugna...
EUVD-2021-1708
Malware in sbrugna...
EUVD-2021-13805
Malware in sbrugna...
EUVD-2020-11856
Malware in sbrugna...
EUVD-2008-1298
Malware in sbrugna...
EUVD-2009-3599
Malware in sbrugna...
EUVD-2018-17965
Malware in sbrugna...
EUVD-2020-30210
Malware in sbrugna...
EUVD-2020-22729
Malware in sbrugna...
EUVD-2012-5092
Malware in sbrugna...
EUVD-2018-8026
Malware in sbrugna...
EUVD-2018-18811
Malware in sbrugna...
EUVD-2021-21855
Malware in sbrugna...
EUVD-2007-1975
Malware in sbrugna...
EUVD-2013-5539
Malware in sbrugna...