EUVD-2021-23369

Malware in sbrugna...

EUVD-2019-1723

Malware in sbrugna...

CVE-2021-36791

The datednews aka Dated News extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data...

PT-2024-25924 · O Ran · O-Ran Near-Rt Ric

Name of the Vulnerable Software and Affected Versions: O-RAN Near-RT RIC I-Release affected versions not specified Description: An issue was discovered in appmgr, allowing an attacker to register an unintended RMR message type during xApp registration, which could disrupt other service components...

Multiple vulnerabilities in Extension "Dated News" (dated_news)

The extension fails to properly encode user input for output in HTML context CVE-2021-36790 and contains a blind SQL injection vulnerability CVE-2021-36789. It is also possible to confirm various applications CVE-2021-36792 and thereby obtain all application registration data CVE-2021-36791...

CVE-2019-0996

A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery. An attacker who successfully exploited this vulnerability could bypass OAuth protections and register an application on behalf of the...

Coinbase: Multiple Issues related to registering applications

On the page https://coinbase.com/oauth/applications, an authenticated coinbase user can create an application and successfully submit it to the app gallery. After submitting, the app is pending review to be approved. However, while the app is in review, the coinbase user can send a URL something...