Lucene search
K

32 matches found

OSV
OSV
added 2026/06/24 7:41 p.m.2 views

OPENSUSE-SU-2026:21045-1 Security update for perl-libwww-perl

This update for perl-libwww-perl fixes the following issue - CVE-2026-8368: authorization and proxy-authorization headers are leaked on cross-origin redirects bsc1265156...

6.5CVSS5.8AI score0.00266EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1

CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS5.4AI score0.00266EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.8 views

Fedora 43 : perl-libwww-perl (2026-3b48ba7dc7)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3b48ba7dc7 advisory. Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects a different scheme,...

6.5CVSS5.5AI score0.00266EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/16 12:0 a.m.12 views

perl-libwww-perl-6.830.0-1.1 on GA media (moderate)

perl-libwww-perl-6.830.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10781-1 Rating: moderate Cross-References: CVE-2026-8368 CVSS scores: CVE-2026-8368 SUSE : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-8368 SUSE : 6...

6CVSS5.8AI score0.00266EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/12 3:16 p.m.12 views

CVE-2026-8368

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...

6.5CVSS5.8AI score0.00266EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/12 2:1 p.m.15 views

CVE-2026-8368

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...

6.5CVSS5.8AI score0.00266EPSS
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-8368 Malicious code in @leaffm/automatically-gen-script (npm)

The package @leaffm/automatically-gen-script was found to contain malicious code...

7.2AI score
Exploits0
Circl
Circl
added 2025/07/31 7:52 a.m.22 views

CVE-2025-8368

creationtimestamp| type| source ---|---|--- 2025-07-31 07:52:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvanptdwil2p...

6.1CVSS4.6AI score0.00491EPSS
Exploits1References1
NVD
NVD
added 2025/07/31 6:15 a.m.12 views

CVE-2025-8368

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...

6.1CVSS0.00491EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/07/31 5:32 a.m.3 views

CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...

5.3CVSS4.3AI score0.00491EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/31 5:32 a.m.13 views

CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...

5.3CVSS0.00491EPSS
Exploits1References5
CVE
CVE
added 2025/07/31 5:32 a.m.20 views

CVE-2025-8368

CVE-2025-8368 affects Portabilis i-Educar 2.9. The vulnerability is a reflected cross-site scripting in the file /intranet/pesquisa_pessoa_lst.php, caused by manipulation of the argument campo_busca/cpf. It can be triggered remotely and, per the sources, the exploit has been publicly disclosed. M...

6.1CVSS4.5AI score0.00491EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 a.m.7 views

CVE-2019-8368

OpenEMR v5.0.1-6 allows XSS...

6.1CVSS6.9AI score0.46888EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:36 p.m.3 views

CVE-2024-8368

A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

9.8CVSS7.2AI score0.00755EPSS
Exploits1References1
Circl
Circl
added 2024/09/01 7:46 a.m.7 views

CVE-2024-8368

creationtimestamp| type| source ---|---|--- 2024-09-01 07:46:00+00:00| seen| https://t.me/cvedetector/4581...

9.8CVSS7.3AI score0.00755EPSS
Exploits1References1
CVE
CVE
added 2024/09/01 5:0 a.m.65 views

CVE-2024-8368

The CVE-2024-8368 entry concerns code-projects Hospital Management System version 1.0, where the Login index.php component is vulnerable to SQL injection via the username parameter. This flaw could be exploited remotely and has been publicly disclosed. Root cause is an SQL injection in the handli...

9.8CVSS7.6AI score0.00755EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/01 5:0 a.m.13 views

CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection

A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

7.5CVSS7.3AI score0.00755EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/09/01 5:0 a.m.42 views

CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection

A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

7.5CVSS0.00755EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.26 views

Mitsubishi Electric MELSEC-Q QJ71E71 series Improper Synchronization (CVE-2016-8368)

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to conne...

8.6CVSS7.9AI score0.02615EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/13 8:41 p.m.14 views

CVE-2020-8368

...

Exploits0
Rows per page
Query Builder