11 matches found
DjangoBlog Security Vulnerability
DjangoBlog is a blog system developed by liangliangyy using Django. Versions of DjangoBlog 2.1.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from incorrect handling of the oauthid parameter in the oauth/views.py file, which may lead to improper authorization...
CVE-2024-26477
An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...
PT-2025-48224
Name of the Vulnerable Software and Affected Versions: Anyscale Ray version 2.52.0 Description: Anyscale Ray 2.52.0 has a default configuration where token-based authentication for Ray management interfaces, including the dashboard and Jobs API, is disabled unless explicitly enabled by setting the...
EUVD-2018-0249
Malware in sbrugna...
EUVD-2025-24545
Malicious code in bioql PyPI...
INSTAR 2K+ and INSTAR 4K Security Vulnerability
INSTAR 2K+ and INSTAR 4K are both webcams from the German company INSTAR. A security vulnerability exists in INSTAR 2K+ and INSTAR 4K version 3.11.1 Build 1124, which originates from a buffer overflow due to manipulation of the Authorization parameter by the base64decode function of the fcgiserve...
D-Link DCS-5020L Security Vulnerability
D-Link DCS-5020L is a DCS series IP camera from China AUO D-Link. The D-Link DCS-5020L suffers from a buffer overflow vulnerability, which originates from the parameter Authorization in the file /rame/ptdc.cgi that fails to correctly validate the length of the input data, which can be exploited b...
Unauthorized Access
Apache NiFi is vulnerable to Unauthorized Access. The vulnerability is due to missing fine-grained authorization checks during Process Group creation, allowing attackers to access Parameter Contexts, Controller Services, and Parameter Providers without proper permissions...
PT-2024-38924 · Unknown · Kitsada8621 Digital Library Management System
Name of the Vulnerable Software and Affected Versions: kitsada8621 Digital Library Management System version 1.0 Description: A vulnerability was found in the kitsada8621 Digital Library Management System. It has been classified as problematic and affects the function JwtRefreshAuth of the file...
LemonLDAP::NG Code Issue Vulnerability
LemonLDAP::NG is a web single sign-on and access management software. A code issue vulnerability exists in LemonLDAP::NG versions prior to 2.17.1. An attacker could use this vulnerability to send a GET request to an arbitrary URL via the requesturi authorization parameter...
K65355492: Apache vulnerability CVE-2018-5506
Security Advisory Description Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager EM and managed...