EUVD-2016-4045

Malware in sbrugna...

EUVD-2024-39264

Malicious code in bioql PyPI...

EUVD-2025-8753

Malicious code in bioql PyPI...

CVE-2025-36082

IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system...

CVE-2025-36082

IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system...

CVE-2025-36082

CVE-2025-36082 affects IBM OpenPages 9.0 and 9.1, where web page cache can be stored locally and read by another user. Root cause: insecure caching behavior allowing sensitive data to linger in local caches. Impact: information disclosure on shared systems. Remediation: IBM released fixes to enfo...

IBM OpenPages 安全漏洞

IBM OpenPages is an AI-driven, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A security vulnerability exists in IBM OpenPages versions 9.0 and 9.1, which stems from a web page cache that can be stored locally and read by other users of the...

CVE-2019-5454

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...

CVE-2025-3048

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

Improper Access Control

snowflake-connector-nodejs is vulnerable to Improper Access Control. The vulnerability is due to insufficient file permission checks due to an attacker with write access to the local cache directory being able to bypass temporary credential cache restrictions...

CVE-2025-24791

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...

NodeJS Driver for Snowflake 安全漏洞

NodeJS Driver for Snowflake is an open source NodeJS driver from Snowflake Computing. A security vulnerability exists in NodeJS Driver for Snowflake versions prior to 2.0.2, which stems from an attacker with write access to a local cache directory can bypass file permission checks in the temporar...

GO-2025-3376 JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh in github.com/MicahParks/jwkset

JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh in github.com/MicahParks/jwkset...

CVE-2025-22149

The CVE-2025-22149 issue affects the JWK Set Go implementation’s auto-caching HTTP client (github.com/MicahParks/jwkset). Before v0.6.0, the local JWK Set cache could overwrite or append during remote refresh instead of performing a full replacement, potentially leaving revoked keys usable if rem...

CVE-2025-22149 JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

JWK Set JSON Web Key Set is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use...

JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal fr...

CVE-2024-41906

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache...

CVE-2024-41906

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache...