11 matches found
EUVD-2026-42636
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/openwebui/routers/terminals.py built the wsterminal upstream URL from an unencoded sessionid and appended userid as a query parameter, allowing query injection to make the terminal backe...
Malicious code in bolt-delivery-menu-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc39247db76b4edd80084e400324518739f141dafda621d368c3e5a9ac41f791 Package executes a DNS-based beacon at both install time package.json scripts.install runs node index.js and on every require of the module...
EUVD-2026-26054
When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...
curl: libcurl omits IPv6 zoneid from host identity and leaks credentials/cookies across scoped link-local realms
Summary: libcurl omits the IPv6 zoneid component from multiple security-sensitive host identity decisions even though the connection layer still routes by zoneid. As a result, two distinct scoped/link-local destinations such as fe80::X%zoneA and fe80::X%zoneB are treated as the same host by...
curl: HackerOne Vulnerability Report: libcurl SSL/TLS Identity Leakage via Insecure Connection Reuse
Summary libcurl contains a critical logic flaw in its connection reuse mechanism where transfers using the CURLOPTSSLCTXFUNCTION SSL context callback to establish a specific identity e.g., via client certificates can have their connections incorrectly reused by subsequent, unauthenticated transfe...
SUSE CVE-2002-1623
The design of the Internet Key Exchange IKE protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by 1 monitoring responses before the password is...
SAMSUNG Mobile devices telephony-common.jar 日志信息泄露漏洞
Samsung telephony-common.jar is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI. A local attacker with log access could exploit the vulnerability to obtain IMSI through device logs...
Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics
Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information. The details come from a newly published research titled "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and...
Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics
Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information. The details come from a newly published research titled "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and...
CVE-2017-5635
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...
CVE-2017-5635
In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...