CVE-2025-71058

Dual DHCP DNS Server 8.01 improperly accepts and caches UDP DNS responses without validating that the response originates from a legitimate configured upstream DNS server. The implementation matches responses primarily by TXID and inserts results into the cache, enabling a remote attacker to inje...

EUVD-2020-9392

Malware in sbrugna...

DEBIAN-CVE-2024-32879

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

Python Social Auth 安全漏洞

Python Social Auth is an easy to set up social authentication/registration mechanism from Python Social Auth open source. Multiple frameworks and authentication providers are supported. A security vulnerability exists in Python Social Auth versions prior to 5.4.1 , which stems from the default...

CVE-2023-48296 OroPlatform's storefront user can access history and most viewed data from matching back-office user with the same ID

OroPlatform is a PHP Business Application Platform BAP. Navigation history, most viewed and favorite navigation items are returned to storefront user in JSON navigation response if ID of storefront user matches ID of back-office user. This vulnerability is fixed in 5.1.4...

Mozilla: Addons update must verify IDs match between current and new versions (MFSA 2016-89, MFSA 2016-90)

A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update...

Fedora 23 : obs-signd-2.2.1-8.fc23 (2016-6e1892ba8e)

fix user id matching to provide unique results Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...