EUVD-2026-19657

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, API keys with an expiresAt date are never validated against the current time during authentication. Any API key — regardless of its expiration date — is accepted indefinitely, allowing a user whose key has expire...

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

EUVD-2018-13779

Malware in sbrugna...

EUVD-2025-31225

Malicious code in bioql PyPI...

CVE-2025-10099

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educarusuariocad.php of the component Editar usuário Page. This manipulation of the argument email/datainicial/dataexpiracao causes cross site...

CVE-2025-4945

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

ROS-20240816-06

The vulnerability in OpenVPN software is related to the lack of resource release after the resource expires. the resource's expiration date. Exploitation of the vulnerability could allow an attacker to "save a session" even if the the server has been ordered to disconnect that client...

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

CVE-2024-34596

CVE-2024-34596 concerns Samsung SmartThings authentication. Multiple connected sources confirm an improper authentication flaw in SmartThings versions prior to 1.8.17 that allows remote attackers to bypass the owner-set expiration date for members. Affected software is Samsung SmartThings (SmartT...

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

security.txt Detection (HTTP)

Web Servers can use a file called security.txt to provide contact information for security researchers and other security related content. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

How to Tell When Your Phone Will Stop Getting Security Updates

Every smartphone has an expiration date. Here’s when yours will probably come...

FAQ | Azure client secrets and Citrix DaaS

General Queries on Azure client secrets and Citrix DaaS 1. If we were to modify the expiration date of application secret from DaaS console, then would it also update the new expiration date within the Azure portal? 2. The Citrix docs states that there would be an alert within the DaaS console...

CVE-2021-33020

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key...

Design/Logic Flaw

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key...

CVE-2021-33020 Philips Vue PACS Use of a Key Past its Expiration Date

Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key...