8 matches found
Improper Authentication
Overview: Affected versions of this package are vulnerable to Improper Authentication due to improper validation of authentication tokens in the incus webui process. An attacker can gain unauthorized access to the user's Incus instances and potentially escalate privileges by interacting with the...
PT-2025-46162
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A Cross-Site Request Forgery (CSRF) issue exists in the application, potentially allowing an attacker to cause an authenticated administrative user to perform actions witho...
EUVD-2024-41279
Malicious code in bioql PyPI...
EUVD-2025-14884
Malicious code in bioql PyPI...
PT-2023-31081 · Unknown · Teachpress
Name of the Vulnerable Software and Affected Versions: teachPress versions n/a through 9.0.5 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the us...
CVE-2022-2782
In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters...
KLA10515 Multiple vulnerabilities in PHP and extensions
Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code. Below is a complete list of vulnerabilities: 1. Multiple integer overflows can be exploited remotely via a specially designed year...
Security Update For Exchange Server 2016 CU17 (KB4581424)
A Microsoft Exchange information disclosure exists in how tokens are validated when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user...