8 matches found
CVE-2026-9242
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...
CVE-2026-11832 Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce
Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable...
Roadiz Document base system 数据伪造问题漏洞
The Roadiz Document Base System is an open-source HTML template rendering system based on documents developed by Roadiz. Versions prior to 2.3.43, 2.5.45, 2.6.31, and 2.7.18 of the Roadiz Document Base System had data manipulation vulnerabilities. These vulnerabilities stemmed from the use of OID...
EUVD-2022-7637
Malicious code in bioql PyPI...
FreeBSD : p5-Authen-SASL -- Insecure source of randomness (defe9a20-781e-11f0-97c4-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the defe9a20-781e-11f0-97c4-40b034429ecf advisory. p5-Authen-SASL project reports: Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl...
SUSE CVE-2020-11945
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter a short integer. Remote code execution may occur if...
USN-4356-1 squid, squid3 vulnerabilities
Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes ESI responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. CVE-2019-12519, CVE-2019-12521 It was discovered that Squid incorrectly handled the...
RHEL 8 : squid:4 (RHSA-2020:2038)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2038 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid:...