371 matches found
CVE-2025-49594
XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Starting in version 2.17.1 and prior to version 2.18.2, anyone with VIEW access to a user profile can create a token for that user. If that XWiki instance is configured to allow token authentication, it allows...
EUVD-2018-14807
Malware in sbrugna...
EUVD-2010-5248
Malware in sbrugna...
EUVD-2019-2847
Malware in sbrugna...
EUVD-2001-0101
Malware in sbrugna...
EUVD-2006-6582
Malware in sbrugna...
EUVD-2006-2890
Malware in sbrugna...
EUVD-2014-6266
Malware in sbrugna...
EUVD-2016-8017
Malware in sbrugna...
Unity Linux 20.1070e Security Update: libsoup (UTSA-2025-984675)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984675 advisory. A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 Unauthorize...
EUVD-2025-1761
Malicious code in bioql PyPI...
EUVD-2022-2732
Malicious code in bioql PyPI...
net/http: Sensitive headers not cleared on cross-origin redirect in net/http
A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect...
CVE-2025-10599
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...
CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...
Exploit for Improper Input Validation in Bsdi Bsd_Os
This repository appears to be a collection of old CVE Common Vulnerabilities and Exposures entries from 1999. The repository contains a series of markdown files, each describing a specific vulnerability, along with links to GitHub repositories that may contain proof-of-concept POC code or other...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2025-2146)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2025-2136)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
OESA-2025-2279 libsoup3 security update
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A denial-of-service vulnerability has been identified in the libso...
EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-2046)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...