PT-2026-39592

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The Magic Link authentication flow lacks adequate rate limiting or resource control, allowing it to accept multiple invalid authentication requests. This leads t...

CVE-2025-66019

pypdf is a free and open-source pure-python PDF library. Prior to version 6.4.0, an attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This issue has been patch...

EUVD-2023-1019

Malicious code in bioql PyPI...

OpenStack Keystone Credential Leakage

OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforcescope is false. Users with a role on a project are able to view any other users' credentials,...

CVE-2020-10755

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...

JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Deployment)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...