6 matches found
Exploit for Embedded Malicious Code in Tukaani Xz
xzdoor-poc. License: MIT...
PT-2025-41492
Name of the Vulnerable Software and Affected Versions: Python Social Auth versions prior to 5.6.0. Description: Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, a user could be associated by email during authentication even if the associate by email...
CVE-2025-50340
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail through 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated...
PYSEC-2025-118
Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...
UBUNTU-CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
CVE-2022-23350
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability...