F5 Networks BIG-IP : iControl SOAP vulnerability (K000159021)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000159021 advisory. An authenticated iControl SOAP user may be able to obtain information of other accounts. CVE-2026-3506...

CVE-2018-25336 jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery

jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details...

EUVD-2026-29965

An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-35062 iControl SOAP vulnerability

An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-35062

An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2026-26530

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects modulehashdecode in multiple Kerberos-related modules because accountinfolen is...

CVE-2026-28766

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

CVE-2026-28766

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

CVE-2026-28766

A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication...

PT-2026-30231

Name of the Vulnerable Software and Affected Versions Gardyn affected versions not specified Description A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. Recommendations At the moment, there is no information about a newer...

CVE-2020-37007

Liman 0.7 contains a cross-site request forgery vulnerability that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms to change user passwords or modify account information by tricking logged-in users into submitting...

CVE-2021-33396

Cross Site Request Forgery CSRF vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php...

CVE-2020-12051

The CentralAuth extension through REL134 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query=globaluserinfo= request. In other words, the information can be retrieved via the action API even though access would be denied when simply...

CVE-1999-0198

finger .@host on some systems may print information on some user accounts...

EUVD-2018-8921

Malware in sbrugna...

EUVD-2007-5244

Malware in sbrugna...

EUVD-2014-1989

Malware in sbrugna...

EUVD-2018-3138

Malware in sbrugna...

EUVD-2020-4367

Malware in sbrugna...

EUVD-2021-24033

Malware in sbrugna...