417491 matches found
EUVD-2024-50519
Malicious code in bioql PyPI...
EUVD-2024-39560
Malicious code in bioql PyPI...
EUVD-2025-26346
Malicious code in bioql PyPI...
EUVD-2024-0289
Malicious code in bioql PyPI...
EUVD-2021-30064
Malicious code in bioql PyPI...
EUVD-2022-51716
Malicious code in bioql PyPI...
EUVD-2025-23144
Malicious code in bioql PyPI...
EUVD-2023-33556
Malicious code in bioql PyPI...
EUVD-2025-19921
Malicious code in bioql PyPI...
EUVD-2023-1208
Malicious code in bioql PyPI...
EUVD-2022-6864
Malicious code in bioql PyPI...
EUVD-2022-38189
Malicious code in bioql PyPI...
EUVD-2022-7123
Malicious code in bioql PyPI...
EUVD-2023-2203
Malicious code in bioql PyPI...
EUVD-2021-30821
Malicious code in bioql PyPI...
EUVD-2025-7270
Malicious code in bioql PyPI...
EUVD-2021-32802
Malicious code in bioql PyPI...
EUVD-2026-29911
Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...
EUVD-2026-29603
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-29443
The FastBots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
EUVD-2026-29445
Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...
EUVD-2026-29049
ATutor is vulnerable to Reflected XSS in /install/install.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...
EUVD-2026-29009
A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/salessave. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...
EUVD-2021-34808
WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can inject malicious HTML including image tags and scripts into the Help Text field during paymen...
EUVD-2026-28245
When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...
EUVD-2026-27815
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...
EUVD-2026-27096
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...
EUVD-2026-26895
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...
EUVD-2026-26806
Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...
EUVD-2026-26732
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...
EUVD-2026-24461
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...
EUVD-2025-204614
FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link them to the session that initiated the OAuth flo...
EUVD-2025-199922
HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3...
EUVD-2025-34454
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...
EUVD-2019-7057
Malware in sbrugna...
EUVD-2021-24216
Malware in sbrugna...
EUVD-2020-18370
Malware in sbrugna...
EUVD-2021-10024
Malware in sbrugna...
EUVD-2015-1953
Malware in sbrugna...
EUVD-2021-2394
Malware in sbrugna...
EUVD-2020-17931
Malware in sbrugna...
EUVD-2021-0760
Malware in sbrugna...
EUVD-2020-17093
Malware in sbrugna...
EUVD-2022-6165
Malicious code in bioql PyPI...
EUVD-2022-51839
Malicious code in bioql PyPI...
EUVD-2022-3656
Malicious code in bioql PyPI...
EUVD-2025-25398
Malicious code in bioql PyPI...
EUVD-2022-52727
Malicious code in bioql PyPI...
EUVD-2025-19743
Malicious code in bioql PyPI...
EUVD-2023-2620
Malicious code in bioql PyPI...