21 matches found
Exploit for CVE-2025-11203
CVE-2025-11203 – LiteLLM Health Endpoint APIKEY Information D...
CVE-2026-1857 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter
The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.6.1. This is due to insufficient validation of the endpoint parameter in the getitems function of the GetResponse REST API handler. The endpoint's...
USN-7981-1: wlc vulnerabilities
It was discovered that wlc did not correctly handle SSL verification. An attacker could possibly use this issue to access sensitive resources. CVE-2026-22250 It was discovered that wlc did not correctly handle API keys. An attacker could possibly use this issue to leak API keys to a malicious...
EUVD-2019-17161
Malware in sbrugna...
EUVD-2023-50906
Malicious code in bioql PyPI...
CVE-2025-34062
The CVE affects OneLogin AD Connector before 6.1.5. A vulnerability exists in the /api/adc/v4/configuration endpoint where a valid directory_token (potentially obtainable from host registry keys or insecure logs) can yield a plaintext response that exposes sensitive credentials, including API key...
Exploit for Code Injection in Get-Simple Getsimple_Cms
CVE-2022-41544 Exploit Script This repository contains a scri...
Lobe Chat API Key Leak
Summary If an attacker can successfully authenticate through SSO/Access Code, they can obtain the real backend API Key by modifying the base URL to their own attack URL on the frontend and setting up a server-side request. Details The attack process is described above. PoC Frontend: 1. Pass basic...
CVE-2024-37895 API Key Leak in lobe-chat
Lobe Chat is an open-source LLMs/AI chat framework. In affected versions if an attacker can successfully authenticate through SSO/Access Code, they can obtain the real backend API Key by modifying the base URL to their own attack URL on the frontend and setting up a server-side request. This issu...
openSUSE: Security Advisory for python (openSUSE-SU-2023:0279-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python (openSUSE-SU-2023:0334-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2023:0334-1 Security update for python-bugzilla
This update for python-bugzilla fixes the following issues: - Fixed potential API Key leak boo1215718...
PT-2023-35515 · Unknown · Python-Bugzilla
Name of the Vulnerable Software and Affected Versions: python-bugzilla affected versions not specified Description: The issue concerns a potential API Key leak. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
Security update for python-bugzilla (important)
openSUSE Security Update: Security update for python-bugzilla Announcement ID: openSUSE-SU-2023:0334-1 Rating: important References: 1215718 Affected Products: openSUSE Backports SLE-15-SP5 An update that contains security fixes can now be installed. Description: This update for python-bugzilla...
OPENSUSE-SU-2023:0279-1 Security update for python-bugzilla
This update for python-bugzilla fixes the following issues: - Fixed potential API Key leak boo1215718...
PT-2023-35511 · Unknown · Python-Bugzilla
Name of the Vulnerable Software and Affected Versions: python-bugzilla affected versions not specified Description: The issue concerns a potential API Key leak. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
Security update for python-bugzilla (important)
openSUSE Security Update: Security update for python-bugzilla Announcement ID: openSUSE-SU-2023:0279-1 Rating: important References: 1215718 Affected Products: openSUSE Backports SLE-15-SP4 An update that contains security fixes can now be installed. Description: This update for python-bugzilla...
FreeBSD : Gitlab -- Multiple vulnerabilities (16f7ec68-5cce-11ed-9be7-454b1dd82c64)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 16f7ec68-5cce-11ed-9be7-454b1dd82c64 advisory. - Gitlab reports: DAST analyzer sends custom request headers with every request Stored-XSS wit...
Potential leak of NuGet.org API key
Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET Core 3.1, NuGet NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat version range from 3.5.0 to 6.2.0. This advisory also provides guidance on what...
Information Disclosure
node-etsy-client is vulnerable to information disclosure. It leaks api key value secret through client error reports...