EUVD-2020-29327

Malware in sbrugna...

CVE-2023-32111

In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...

CVE-2025-1212 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information...

CVE-2025-1212

Removed by vendor...

CVE-2025-24502

An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address...

ID4me does not validate signature or expiration

None...

CVE-2022-32137

In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required...

U.S. Dept Of Defense: Web Cache Poisoning on █████

Description: The web application https://████████ uses a web cache to more efficiently serve its pages to the users. An attacker can send a malformed request which the server caches the response of and sends it to the users. Impact An attacker can alter the web cache, making the web application...