PT-2025-44808
Name of the Vulnerable Software and Affected Versions: Mantis Bug Tracker versions 2.27.1 and below. Description: Mantis Bug Tracker is an open source issue tracker. A lack of server-side validation of note length allows attackers to permanently corrupt issue activity logs by submitting extremely lo...
EUVD-2025-37521
MantisBT unauthorized disclosure of private project column configuration...
Improper Authorization
Overview: mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Improper Authorization due to insufficient access-level checks in the manageconfigcolumnspage.php. An attacker can retrieve configuration details from private projects by using the 'Copy From'...
MantisBT unauthorized disclosure of private project column configuration
Impact: Due to insufficient access-level checks, any non-admin user having access to manageconfigcolumnspage.php (typically project managers having MANAGER role) can use the Copy From action to retrieve the columns configuration from a private project they have no access to. Access to the reverse...
EUVD-2025-37522
MantisBT lacks verification when changing a user's email address...
MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length
A lack of server-side validation for note length in MantisBT allows attackers to permanently corrupt issue activity logs by submitting extremely long notes (tested with 4,788,761 characters). Once such a note is added: Impact - The entire activity stream becomes unviewable (UI fails to render). - New...
PT-2025-44804
Name of the Vulnerable Software and Affected Versions: Mantis Bug Tracker versions 2.27.1 and below. Description: Mantis Bug Tracker is an open source issue tracker. When a user modifies their profile to update their email address, the system saves the change without verifying ownership. This can le...
EUVD-2016-2082
Malware in sbrugna...
EUVD-2004-1513
Malware in sbrugna...
EUVD-2013-1882
Malware in sbrugna...
EUVD-2024-43294
Malicious code in bioql PyPI...
EUVD-2024-1832
Malicious code in bioql PyPI...
EUVD-2024-1549
Malicious code in bioql PyPI...
EUVD-2024-1537
Malicious code in bioql PyPI...
EUVD-2023-2812
Malicious code in bioql PyPI...
EUVD-2023-0719
Malicious code in bioql PyPI...
CVE-2024-45792
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles. This vulnerability is fixed in 2.26.4...
CVE-2024-34080
MantisBT (Mantis Bug Tracker) is an open source issue tracker. If an issue references a note that belongs to another issue that the user doesn't have access to, then it gets hyperlinked. Clicking on the link gives an access denied error as expected, yet some information remains available via the...
CVE-2023-22476
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access the Summary field of private Issues, i.e. having Private view status, or belonging to a private Proje...
Mozilla Firefox Security Advisory (MFSA2025-28) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2025-28. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...