418 matches found
EUVD-2015-2852
Malware in sbrugna...
EUVD-2020-27047
Malware in sbrugna...
EUVD-2013-6253
Malware in sbrugna...
EUVD-2019-17246
Malware in sbrugna...
EUVD-2017-11572
Malware in sbrugna...
EUVD-2010-0582
Malware in sbrugna...
EUVD-2023-39718
Malicious code in bioql PyPI...
EUVD-2021-8675
Malicious code in bioql PyPI...
EUVD-2022-25987
Malicious code in bioql PyPI...
EUVD-2024-51504
Malicious code in bioql PyPI...
EUVD-2023-38018
Malicious code in bioql PyPI...
EUVD-2021-30241
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2012-0647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture...
Hydra Network Logon Cracker 9.6
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus...
CVE-2012-10024 XBMC ≤ 11.0 Web Server Path Traversal
XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw ...
CVE-2025-46341
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User header by making specially crafted requests via the add feed functionality an...
CVE-2025-46341 Privilege escalation via SSRF when using HTTP auth
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User header by making specially crafted requests via the add feed functionality an...
CVE-2025-46341
FreshRSS before 1.26.2 is vulnerable to user impersonation via HTTP auth when behind a reverse proxy. An attacker who knows the proxied instance IP, the admin username, and has an account can craft requests through the add feed flow to obtain a CSRF token and impersonate other users using the Rem...
CVE-2025-46341 Privilege escalation via SSRF when using HTTP auth
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User header by making specially crafted requests via the add feed functionality an...
PT-2025-23856 · Freshrss · Freshrss
Name of the Vulnerable Software and Affected Versions: FreshRSS versions prior to 1.26.2 Description: FreshRSS is a self-hosted RSS feed aggregator. When the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User...