557 matches found
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
PT-2026-7016
Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1., 2. before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the issue. Prior to Shiro 2.0.7, code paths for non-existent vs. existing users are different enough, tha...
Updated python-flask-cors packages fix security vulnerabilities
Log Injection Vulnerability in corydolphin/flask-cors. CVE-2024-1681 Improper Access Control in corydolphin/flask-cors. CVE-2024-6221 Improper Regex Path Matching in corydolphin/flask-cors. CVE-2024-6839 Inconsistent CORS Matching Due to Handling of '+' in URL Path in corydolphin/flask-cors...
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-9169)
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
JLSEC-2025-28 libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if ...
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
EUVD-2021-1513
Malware in sbrugna...
EUVD-2020-0357
Malware in sbrugna...
EUVD-2010-3093
Malware in sbrugna...
EUVD-2006-0766
Malware in sbrugna...
EUVD-2014-5189
Malware in sbrugna...
EUVD-2009-2157
Malware in sbrugna...
EUVD-2016-9461
Malware in sbrugna...
Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680628 advisory. @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee tha...
CVE-2025-59944 Cursor IDE: Sensitive File Overwrite Bypass is Possible
Cursor is a code editor built for programming with AI. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive files e.g., /.cursor/mcp.json, which allows attackers to modify the content of these files through prompt injection and achieve remote code...
CVE-2025-59944
Cursor IDE versions 1.6.23 and earlier are affected by a vulnerability in how sensitive files are protected (notably /.cursor/mcp.json). The issue arises from case-sensitive checks that can be bypassed, allowing an attacker to modify sensitive files via prompt injection and achieve remote code ex...
EUVD-2024-2602
Malicious code in bioql PyPI...
EUVD-2024-17466
Malicious code in bioql PyPI...
EUVD-2022-5728
Malicious code in bioql PyPI...
EUVD-2024-0322
Malicious code in bioql PyPI...
EUVD-2025-24263
Malicious code in bioql PyPI...