417709 matches found
EUVD-2025-24827
Malicious code in bioql PyPI...
EUVD-2023-34498
Malicious code in bioql PyPI...
EUVD-2023-24069
Malicious code in bioql PyPI...
EUVD-2025-27990
Malicious code in bioql PyPI...
EUVD-2024-54366
Malicious code in bioql PyPI...
EUVD-2025-29456
Malicious code in bioql PyPI...
EUVD-2022-35082
Malicious code in bioql PyPI...
EUVD-2022-45013
Malicious code in bioql PyPI...
EUVD-2023-35115
Malicious code in bioql PyPI...
EUVD-2026-35506
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-29830
PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication...
EUVD-2026-29436
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
EUVD-2026-28826
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/type API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms...
EUVD-2026-28348
Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal...
EUVD-2026-28387
Weblate Vulnerable to Private Translation Enumeration via Screenshot API...
EUVD-2026-27502
In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...
EUVD-2026-26732
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...
EUVD-2026-25930
When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...
EUVD-2025-208089
A vulnerability identified in the Trellix HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver BYOVD was leveraged to gain access to the critical Windows process memory...
EUVD-2021-1139
Malware in sbrugna...
EUVD-2020-26234
Malware in sbrugna...
EUVD-2021-21511
Malware in sbrugna...
EUVD-2020-5759
Malware in sbrugna...
EUVD-2018-7738
Malware in sbrugna...
EUVD-2021-13806
Malware in sbrugna...
EUVD-2022-39469
Malicious code in bioql PyPI...
EUVD-2024-34446
Malicious code in bioql PyPI...
EUVD-2025-18398
Malicious code in bioql PyPI...
EUVD-2025-27058
Malicious code in bioql PyPI...
EUVD-2023-2055
Malicious code in bioql PyPI...
EUVD-2024-2335
Malicious code in bioql PyPI...
EUVD-2026-31383
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
EUVD-2026-29849
Command injection vulnerabilities exist in the command line interface CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying...
EUVD-2026-29470
Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...
EUVD-2026-29049
ATutor is vulnerable to Reflected XSS in /install/install.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...
EUVD-2025-209739
Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.execphp. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally allowed to execute PHP code...
EUVD-2026-28245
When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...
EUVD-2026-26842
A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the component Service Port 1338. Such manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 25.2 R3...
EUVD-2025-175330
Keycloak has debug default bind address...
EUVD-2025-35062
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer li...
EUVD-2021-21417
Malware in sbrugna...
EUVD-2007-0051
Malware in sbrugna...
EUVD-2021-19451
Malware in sbrugna...
EUVD-2022-51509
Malicious code in bioql PyPI...
EUVD-2025-19328
Malicious code in bioql PyPI...
EUVD-2025-32043
Malicious code in bioql PyPI...
EUVD-2025-27838
Malicious code in bioql PyPI...
EUVD-2022-3656
Malicious code in bioql PyPI...
EUVD-2025-23144
Malicious code in bioql PyPI...
EUVD-2022-50373
Malicious code in bioql PyPI...