CVE-2026-33314

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, a Host Header Spoofing vulnerability in the @localcheck decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API endpoints,...

Origin Validation Error

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Origin Validation Error via the @localcheck decorator. An attacker can gain unauthorized access to restricted API endpoints by spoofing the Host header in...

KLA10430 RCE vulnerability in Free Download Manager

A lack of size assertion was found in Free Download Manager. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to the download queue via a specially designed object name. Original advisories RCESecueity...

Microsoft IE 脚本错误处理内存破坏漏洞（MS07-057）

BUGTRAQ ID: 25916 CVECAN ID: CVE-2007-3893 Internet Explorer是微软的操作系统中所捆绑的WEB浏览器。 IE在处理文件下载队列时存在漏洞，恶意网站可能利用此漏洞控制用户系统。 在处理文件下载队列时，如果Internet Explorer处理了多个并行的启动文件下载尝试，就可能导致内存破坏，使用已经释放的对象。攻击者可以通过构建特制的网页来利用该漏洞。如果用户查看网页，该漏洞可能允许远程执行指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1...