4547 matches found
CVE-2026-15183 Input Validation Vulnerabilities in Snowflake Spark Connector
Multiple input validation vulnerabilities in the Snowflake Spark Connector spark-snowflake versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector's Snowflake role, or redirect COPY operations to attacker-controlled storage. An...
MantisBT < 2.25.2 - Cross-Site Scripting
MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browsersearchplugin.php. The application does not properly sanitize the 'type' parameter, which allows attackers to inject arbitrary web script or HTML via a crafted URL. id: CVE-2022-28508 info: name: MantisBT 2.25.2 -...
EyouCMS 1.5.4 Open Redirect
EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function. id: CVE-2021-39501 info: name: EyouCMS 1.5.4 Open Redirect author: 0xAkoko severity: medium description: EyouCMS 1.5.4 is vulnerable to an Open Redirect...
Haraj 3.7 - Cross-Site Scripting
Haraj 3.7 contains a cross-site scripting vulnerability in the User Upgrade Form. An attacker can inject malicious script and thus steal authentication credentials and launch other attacks. id: CVE-2022-31299 info: name: Haraj 3.7 - Cross-Site Scripting author: edoardottt severity: medium...
Zimbra Collaboration Suite - Memcached Command Injection
Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...
PAN-OS - Reflected Cross-Site Scripting
A reflected cross-site scripting XSS vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link.The...
CVE-2026-55500
CVE-2026-55500 (9router) exposes a critical flaw in the /api/settings/database endpoint. The GET export returns the entire database, including plaintext API keys, OAuth tokens, and provider credentials, while POST can wipe-and-replace the database with attacker-controlled data. This bypasses auth...
Malicious code in polymarket-apis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd77c8861490c0b5607b4029f8f9e51f12efb83a6696fc51b953b0a3cde1356b The package impersonates the Polymarket brand name polymarket-apis, author polymarket but contains no Polymarket API integration. Its exported...
CVE-2026-31982
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...
EUVD-2026-42532
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...
CVE-2026-31982
The connected records identify CVE-2026-31982 as an Open Redirect vulnerability in SAML Single Sign-On affecting Guardian/CMC prior to version 26.2.0. The root cause is insufficient validation of a user-controlled redirection parameter in the SAML sign-in endpoint, enabling an unauthenticated att...
CVE-2026-31982
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...
CVE-2026-31982 Open Redirect in SAML Single Sign-On in Guardian/CMC before 26.2.0
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...
EUVD-2026-42514
During bosh create-env and bosh delete-env, the CLI uploads compiled CPI packages and rendered job templates to the new VM's DAV blobstore over HTTPS without verifying the server certificate, even though a CA certificate for that endpoint is available in the installation manifest. A network...
PT-2026-56709
Name of the Vulnerable Software and Affected Versions UAA versions prior to v78.13.0 Cf-deployment versions prior to v56.2.0 Description A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA. This allows the attack...
CVE-2026-59802 PasswordPusher < 2.8.1 - Redirect-Based XSS via data URI in URL Push Payload
PasswordPusher before 2.8.1 accepts data URI schemes in URL push payloads due to insufficient validation in the validurl function. Attackers can create malicious pushes containing data:text/html URIs that execute arbitrary JavaScript in victims' browsers when clicked, enabling phishing and...
Malicious code in paperclip-adapter-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49d1a6c5381f58370cbfedc2321bd44796eb4ea79541d967a661760d9759801 [email protected] executes a credential-theft and C2 backdoor automatically on import. The package's main re-exports...
CVE-2026-47828 - Missing TLS Certificate Verification in BOSH CLI Allows Root Code Execution via Man-in-the-Middle Credential Replay | Cloud Foundry
CVSS Score: High 8.9 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVSSv3: High 7.1 CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Vendor BOSH-Ecosystem / BOSH bosh-cli Versions Affected Severity is High unless otherwise noted. bosh-cli – All versions prior to v7.10.4 Description...
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of now-patched, critical security flaws in...
MAL-2026-7012 Malicious code in express-mongo-limit (npm)
The npm package express-mongo-limit masquerades as an Express/MongoDB payload sanitization middleware likely typosquatting express-mongo-sanitize but is a credential stealer, remote-code-execution backdoor, crypto clipboard hijacker, and screenshot spyware. It declares a postinstall: node index.j...