200 matches found
Weblate leaks information via screenshots
Impact The screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. Patches https://github.com/WeblateOrg/weblate/pull/17516 References Thanks to Lukas May and Michael Leu...
CVE-2025-40933
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely. Session ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is...
CVE-1999-0505
A Windows NT domain user or administrator account has a guessable password...
CVE-1999-0518
A NETBIOS/SMB share password is guessable...
CVE-1999-0521
An NIS domain name is easily guessable...
CVE-1999-0699
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs...
CVE-1999-0503
A Windows NT local user or administrator account has a guessable password...
Photo booth flaw exposes people’s private pictures online
Photo booths are great. You press a button and get instant results. The same can’t be said, allegedly, for the security practices of at least one company operating them. A security researcher spent weeks trying to warn a photo booth operator about a vulnerability in its system. The flaw reportedl...
CVE-2025-11521
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remote URLs for zip downloads and an easily guessable key in all versions up to, and including, 0.2. This makes it possible for unauthenticated attacke...
EUVD-2025-60923
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remote URLs for zip downloads and an easily guessable key in all versions up to, and including, 0.2. This makes it possible for unauthenticated attacke...
CVE-2025-11521
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remote URLs for zip downloads and an easily guessable key in all versions up to, and including, 0.2. This makes it possible for unauthenticated attacke...
CVE-2025-11521 Astra Security Suite – Firewall & Malware Scan <= 0.2 - Unauthenticated Arbitrary File Upload
The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remote URLs for zip downloads and an easily guessable key in all versions up to, and including, 0.2. This makes it possible for unauthenticated attacke...
EUVD-2019-2729
Malware in sbrugna...
EUVD-1999-0519
Malware in sbrugna...
EUVD-2020-6229
Malware in sbrugna...
EUVD-1999-0501
Malware in sbrugna...
EUVD-2020-0307
Malware in sbrugna...
EUVD-2019-2728
Malware in sbrugna...
EUVD-1999-0505
Malware in sbrugna...
EUVD-2001-0954
Malware in sbrugna...