net/http: Sensitive headers not cleared on cross-origin redirect in net/http
A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect...
CVE-2025-10599
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in SQL injection. Remote exploitation of the attack is possible...
CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in SQL injection. Remote exploitation of the attack is possible...
Exploit for Improper Input Validation in Bsdi Bsd_Os
This repository appears to be a collection of old CVE (Common Vulnerabilities and Exposures) entries from 1999. The repository contains a series of markdown files, each describing a specific vulnerability, along with links to GitHub repositories that may contain proof-of-concept (POC) code or other...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2025-2136)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2025-2146)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
OESA-2025-2279 libsoup3 security update
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A denial-of-service vulnerability has been identified in the libso...
EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-2046)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-2015)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
Linux Distros Unpatched Vulnerability : CVE-2021-4180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this...
Linux Distros Unpatched Vulnerability : CVE-2020-29668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string except one from an expired cookie as the cookie...
OESA-2025-2068 restic security update
restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673...
OESA-2025-2067 restic security update
restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673...
Malicious code in simple-stub-tree-nu-authenticate (npm)
The package simple-stub-tree-nu-authenticate was found to contain malicious code...
Malicious code in authenticate-log-lambda-double-notify (npm)
The package authenticate-log-lambda-double-notify was found to contain malicious code...
Malicious code in authenticate-enum-report-query-moon (npm)
The package authenticate-enum-report-query-moon was found to contain malicious code...
MAL-2025-14861 Malicious code in array-hash-view-balance-authenticate (npm)
The package array-hash-view-balance-authenticate was found to contain malicious code...
Malicious code in benchmark-epsilon-runtime-authenticate-slow (npm)
The package benchmark-epsilon-runtime-authenticate-slow was found to contain malicious code...
Malicious code in async-authenticate-iota-cron-table (npm)
The package async-authenticate-iota-cron-table was found to contain malicious code...
Malicious code in array-hash-view-balance-authenticate (npm)
The package array-hash-view-balance-authenticate was found to contain malicious code...