48 matches found
CVE-2026-9558
A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...
CVE-2017-18385
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311)...
CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...
EUVD-2001-1441
Malware in sbrugna...
EUVD-2007-3674
Malware in sbrugna...
EUVD-2024-39172
Malicious code in bioql PyPI...
EUVD-2022-41580
Malicious code in bioql PyPI...
EUVD-2023-58745
Malicious code in bioql PyPI...
EUVD-2025-13506
Malicious code in bioql PyPI...
EUVD-2025-19741
Malicious code in bioql PyPI...
CVE-2025-27028
The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access like, for example, the root password hash...
CVE-2025-6943
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...
CVE-2023-38685
Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the stab...
CVE-2019-0318
Under certain conditions SAP NetWeaver Application Server for Java Startup Framework, versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted...
CVE-2019-0391
Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted...
CVE-1999-0753
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories...
PT-2025-20813 · Unknown · Promotion Management Wizard
Name of the Vulnerable Software and Affected Versions: Promotion Management Wizard (PMW) (affected versions not specified). Description: The issue allows an attacker to access restricted information under certain conditions. This has a high impact on confidentiality, with a low impact on the integrity...
PT-2025-16489
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Unauthenticated attackers can obtain restricted information about a user's smart device collections, also known as "rooms". Recommendations: At the moment, there is no information about a newer...
Medium: haproxy
Issue Overview: An inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by an ACL (Access Control List) set on the product. As a result, the attacker may obtain...
CVE-2022-48470
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions. Vulnerability ID: HWPSIRT-2022-42291. This vulnerability has been assigned a CVE ID: CVE-2022-48470...