Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update
Description: The plugin does not have an authorisation check when updating its settings, which could allow any authenticated user, such as a subscriber, to update them. history.pushState('', '', '/'); document.forms[0].submit(); The response of the request above is 403, but the settings update still happens...
CVE-2022-22278
A vulnerability in the SonicOS CFS (Content Filtering Service) returns a large 403 Forbidden HTTP response message to the source address when users try to access a prohibited resource. This allows an attacker to cause an HTTP Denial of Service (DoS) attack...
PT-2021-3445 · Symfony +3
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 3.4. Description: The issue is related to information disclosure, allowing a remote attacker to gain unauthorized access to protected information. The vulnerability is caused by the ability to enumerate users without...
CVE-2015-1337
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response...