25 matches found
PT-2026-55450
Name of the Vulnerable Software and Affected Versions dragonfly versions prior to 2.4.4 Description The Dragonfly Manager fails to enforce authentication on specific API endpoints, allowing unauthenticated network-reachable attackers to retrieve sensitive OAuth client secrets. The issue occurs...
CVE-2025-14844
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 3.2.16 via the 'rcpstripecreatesetupintentforsavedcard' function due to missing capability check. Additionally, the plugin does not check a user-controlled...
EUVD-2023-43431
Malicious code in bioql PyPI...
EUVD-2023-43439
Malicious code in bioql PyPI...
EUVD-2023-43432
Malicious code in bioql PyPI...
EUVD-2023-43434
Malicious code in bioql PyPI...
EUVD-2023-43436
Malicious code in bioql PyPI...
EUVD-2023-43433
Malicious code in bioql PyPI...
CVE-2024-53253
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...
CVE-2023-39734
The leakage of the client secret in VISION MEAT WORKS TrackDiner10/10mc Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
Line Security Breach
Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v.13.6.1, which originates from disclosing key credentials client secret to the client, allowing remote attackers to obtain the key...
CVE-2023-39739
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39736
The leakage of the client secret in Fukunagamemberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39737
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39740
The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39740
The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39732
The leakage of the client secret in Tokueimaruwaiting Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39733
The leakage of the client secret in TonTon-Tei Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39736
The leakage of the client secret in Fukunagamemberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...
CVE-2023-39735
The leakage of the client secret in UomasaSaijinews Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages...