26 matches found
EUVD-2026-33251
The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...
EUVD-2010-3658
Malware in sbrugna...
EUVD-2022-1402
Malicious code in bioql PyPI...
EUVD-2025-10062
Malicious code in bioql PyPI...
CVE-2025-31486 Vite allows server.fs.deny to be bypassed with .svg or relative paths
Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be returned to the browser. By adding ?.svg with ?.wasm?init or with sec-fetch-dest: script header, the server.fs.deny restriction was able to bypass. This bypass is only possible if the file is smaller than...
MAL-2024-1537 Malicious code in e2e-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2cc0de9f1d67d84da5e112a98d424fc366b573aa24bc68ac638ae8fdab9ef1f9 The OpenSSF Package Analysis project identified 'e2e-frontend' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-1530 Malicious code in frontend-datatable (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c7c2e13212e99fdaaa2039f7c837f80d08d0a6510e315a3db617cf16f49b477 The OpenSSF Package Analysis project identified 'frontend-datatable' @ 1.2.0 npm as malicious. It is considered malicious because: - The package...
CVE-2023-48860
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
HTTP Request Smuggling
squid is vulnerable to HTTP Request Smuggling. The vulnerability is caused by lenient handling of chunked decoding, which could enable a remote attacker to conduct Request/Response smuggling beyond firewall and frontend security systems...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
DEBIAN-CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
Design/Logic Flaw
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
RHEL 9 : squid (RHSA-2023:6266)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6266 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:...