417966 matches found
EUVD-2025-208538
Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...
EUVD-2025-208240
DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext element validation in the SAFEFORXML regex. Attackers can include closing rawtext tags like in attribute...
EUVD-2026-8800
Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers...
EUVD-2026-5878
In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fix perf crash with new isusertask helper In order to do a user space stacktrace the current task needs to be a user task that has executed in user space. It use to be possible to test if a task is a user task or not...
EUVD-2026-5305
Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through = 1.7.0...
EUVD-2026-3411
Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...
EUVD-2026-2151
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
EUVD-2026-2183
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
EUVD-2026-1861
EUVD-2026-1861...
EUVD-2026-1462
Shakapacker has environment variable leak via EnvironmentPlugin that exposes secrets to client-side bundles...
EUVD-2026-0978
Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com.Afmobi.Boomplayer allows Authentication Bypass.This issue affects com.Afmobi.Boomplayer: 7.4.63...
EUVD-2024-55372
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...
EUVD-2025-205657
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.7.5...
EUVD-2022-55767
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...
EUVD-2025-205179
In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: fix potential resource leak in ssippnopen ssippnopen claims the HSI client's port with hsiclaimport. When hsiregisterportevent gets some error and returns a negetive value, the HSI client's port should be releas...
EUVD-2025-204710
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
EUVD-2025-202339
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could lead to arbitrary code execution by a high priviledged attacker. Exploitation of this issue does not require user interaction and scope is changed...
EUVD-2025-201147
Malicious code in elf-stats-lanternlit-snowman-834 npm...
EUVD-2025-131914
N-central versions 2025.4 are vulnerable to an XML External Entities injection leading to information disclosure...
EUVD-2025-36668
An issue in NCR Atleos Terminal Manager ConfigApp v3.4.0 allows attackers to escalate privileges via a crafted request...
EUVD-2025-35851
Emoncms 11.7.3 is vulnerable to Cross Site in the input handling mechanism. This vulnerability allows authenticated attackers with API access to inject malicious JavaScript code that executes when administrators view the application logs...
EUVD-2025-35634
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...
EUVD-2025-35182
Koa is expressive middleware for Node.js using ES2017 async functions. In versions 2.16.2 to before 2.16.3 and 3.0.1 to before 3.0.3, a bypass to CVE-2025-8129 was discovered in the Koa.js framework affecting its back redirect functionality. In certain circumstances, an attacker can manipulate th...
EUVD-2025-34630
When a BIG-IP APM Access Policy is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2025-33236
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating...
EUVD-2010-1871
Malware in sbrugna...
EUVD-2020-28099
Malware in sbrugna...
EUVD-2021-0868
Malware in sbrugna...
EUVD-2017-3704
Malware in sbrugna...
EUVD-2021-15131
Malware in sbrugna...
EUVD-2010-3921
Malware in sbrugna...
EUVD-2021-0751
Malware in sbrugna...
EUVD-2001-0381
Malware in sbrugna...
EUVD-2021-2703
Malware in sbrugna...
EUVD-2006-6215
Malware in sbrugna...
EUVD-2017-14105
Malware in sbrugna...
EUVD-2021-2317
Malware in sbrugna...
EUVD-2019-1325
Malware in sbrugna...
EUVD-2008-2311
Malware in sbrugna...
EUVD-2018-15685
Malware in sbrugna...
EUVD-2021-0417
Malware in sbrugna...
EUVD-2018-14662
Malware in sbrugna...
EUVD-2018-8026
Malware in sbrugna...
EUVD-2008-4449
Malware in sbrugna...
EUVD-2008-1298
Malware in sbrugna...
EUVD-2020-29748
Malware in sbrugna...
EUVD-2019-2666
Malware in sbrugna...
EUVD-2020-11955
Malware in sbrugna...
EUVD-2021-2359
Malware in sbrugna...
EUVD-2020-30559
Malware in sbrugna...