1083 matches found
CVE-2025-31954 HCL iAutomate is susceptible to a sensitive information disclosure
HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see...
HCL iAutomate 安全漏洞
HCL iAutomate is a powerful and intelligent runbook automation product from HCL India. A security vulnerability exists in HCL iAutomate version v6.5.1 and v6.5.2, which stems from using the HTTP GET method to process a request and including sensitive information in the query string, which could...
PT-2025-45150
Name of the Vulnerable Software and Affected Versions HCL iAutomate versions 6.5.1 through 6.5.2 Description HCL iAutomate versions 6.5.1 and 6.5.2 have a sensitive information disclosure issue. The application uses an HTTP GET method to process requests, including sensitive information within th...
Fedora 43 : gi-docgen (2025-86cf4f2eed)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-86cf4f2eed advisory. gi-docgen 2025.5 - 2025-10-11 This is a security fix for CVE-2025-11687. The severity of this issue depends on what else is hosted on the same domain as the...
CVE-2025-62254
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
GHSA-Q95H-87J6-273X Liferay Portal ComboServlet denial of service via large file combination
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
Liferay Portal ComboServlet denial of service via large file combination
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
CVE-2025-62254
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
CVE-2025-62254
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
CVE-2025-62254
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
Fedora 42 : gi-docgen (2025-b4184a589e)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b4184a589e advisory. gi-docgen 2025.5 - 2025-10-11 This is a security fix for CVE-2025-11687. The severity of this issue depends on what else is hosted on the same domain as the...
GHSA-RPJR-PCMR-9PPW Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...
EUVD-2025-33723
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...
Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...
Improper Validation of Unsafe Equivalence in Input
Overview alt-design/alt-redirect is an Alt Redirect addon, add Redirects to your site Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input via handling of query string parameters when the "Query String Strip" feature is enabled. An attacker can...
CVE-2025-60868
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...
CVE-2025-60868
The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...
CVE-2025-60868
The CVE-2025-60868 entry concerns the Alt Redirect 1.6.3 addon for Statamic. The vulnerability arises from incomplete query string parameter cleanup when the Query String Strip option is enabled: case variations, encoded keys, and duplicate parameters are not consistently removed, potentially ena...
EUVD-2013-2689
Malware in sbrugna...
EUVD-2006-0912
Malware in sbrugna...