CVE-2026-40588 blueprintUE: Authenticated Password Change Does Not Verify Current Password

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/slug/edit/ does not include a currentpassword field and does not verify the user's existing password before accepting a new one. Any attacker who obtains a valid authenticated session —...

CVE-2026-4427

Removed by vendor...

CVE-2023-50707

Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device...

CVE-2024-41687

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow...

CVE-2019-16133

An issue was discovered in eteams OA v4.0.34. Because the session is not strictly checked, the account names and passwords of all employees in the company can be obtained by an ordinary account. Specifically, the attacker sends a jsessionid value for URIs under app/profile/summary/...

CVE-2024-8527 ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter

Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user sessions...

PT-2025-47454

Name of the Vulnerable Software and Affected Versions Automated Logic WebCTRL and Carrier i-Vu versions 6.0 through 9.0 Description An open redirect exists due to a flaw in a URL parameter. This could allow attackers to exploit user sessions. Recommendations Versions 6.0 through 9.0 should be...

EUVD-2018-11866

Malware in sbrugna...

EUVD-2020-14753

Malware in sbrugna...

EUVD-2017-17840

Malware in sbrugna...

EUVD-2006-4204

Malware in sbrugna...

EUVD-2019-10452

Malware in sbrugna...

EUVD-2016-7499

Malware in sbrugna...

EUVD-2013-2193

Malware in sbrugna...

EUVD-2016-9512

Malware in sbrugna...

EUVD-2024-43149

Malicious code in bioql PyPI...

EUVD-2025-0057

Malicious code in bioql PyPI...

EUVD-2022-42726

Malicious code in bioql PyPI...

CVE-2025-48462 Login Session Exhaustion

Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block other users from logging in, thereby preventing legitimate users from gaining access to the product...

CVE-2025-0602

A stored Cross-site Scripting XSS vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...