CVE-2025-59941 go-f3 is Vulnerable to Cached Justification Verification Bypass

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.8 and below, go-f3's justification verification caching mechanism has a vulnerability where verification results are cached without properly considering the context of the message. An attacker can bypass...

CVE-2023-37951

Jenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

Open Redirect

github.com/go-gitea/gitea is vulnerable to open redirect. The vulnerability exists in RedirectToFirst function in context.go due to the presence of backslashes in the Locations which allows an attacker to parse malicious URLs to redirect the user...

SilverStripe CMS - Multiple HTML Injection Vulnerabilities

SilverStripe CMS - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/62782/info SilverStripe is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in th...