17 matches found

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2004-1580

Malware in sbrugna...

2.1 CVSS · 6.4 AI score · 0.00176 EPSS
Exploits 1 · References 4

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-8871

Malicious code in bioql PyPI...

5.3 CVSS · 6.5 AI score · 0.01045 EPSS
Exploits 0 · References 11

OSV
added 2024/08/06 10:3 p.m. · 10 views

GO-2024-3014 ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel

ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

5.3 CVSS · 5 AI score · 0.00909 EPSS
Exploits 0 · References 14

Veracode
added 2023/08/31 7:46 a.m. · 27 views

PGP Signature Spoofing

openpgp is vulnerable to PGP Signature Spoofing. The vulnerability exists due to ignoring text before the hash: ... section. An attacker can append text to the start of the line, which will appear as signed but the library ignores verifying it...

4.3 CVSS · 6.8 AI score · 0.00095 EPSS
Exploits 1 · References 3 · Affected Software 1

SUSE CVE
added 2023/02/15 3:58 a.m. · 2 views

SUSE CVE-2020-13757

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior such as by...

7.5 CVSS · 6.9 AI score · 0.00098 EPSS
Exploits 1 · References 16

CNNVD
added 2022/07/14 12:0 a.m. · 3 views

Gradle Data Forgery Vulnerability

Gradle is a set of JVM-based project building tools from the US company Gradle, which supports maven, Ivy repositories and more. A security vulnerability exists in Gradle versions prior to 7.5, which stems from the fact that dependency validation can ignore checksum validation when signature...

6.6 CVSS · 5.1 AI score · 0.00193 EPSS
Exploits 0 · References 3

Positive Technologies
added 2022/03/29 12:0 a.m. · 4 views

PT-2022-18841 · Jenkins · Jenkins Proxmox Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Proxmox Plugin versions 0.6.0 and earlier Description: The issue concerns the disabling of SSL/TLS certificate validation globally for the Jenkins controller JVM when the plugin is configured to ignore SSL/TLS issues. This affects the...

7.5 CVSS · 6.5 AI score · 0.0002 EPSS
Exploits 0 · References 10

Kitploit
added 2020/11/13 8:30 p.m. · 117 views

Tfsec - Security Scanner For Your Terraform Code

tfsec uses static analysis of your terraform templates to spot potential security issues. Now with terraform v0.12+ support. Example Output Installation Install with brew/linuxbrew: brew install tfsec Install with Chocolatey: choco install tfsec You can also grab the binary for your system from t...

7 AI score
Exploits 0 · References 5

CNVD
added 2020/10/21 12:0 a.m. · 1 views

Juniper Networks Junos OS Evolved Code Issue Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. Juniper Networks Junos OS Evolved has a security vulnerability that can be exploited by an attacker to bypass restrictions and escalate his privileges by ignoring logout-disconnect...

7.2 CVSS · 7.2 AI score · 0.00042 EPSS
Exploits 0 · References 1

Prion
added 2020/01/06 6:15 p.m. · 15 views

Design/Logic Flaw

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...

6.4 CVSS · 9 AI score · 0.00183 EPSS
Exploits 1 · References 5 · Affected Software 2

Cvelist
added 2019/11/05 11:54 p.m. · 6 views

CVE-2019-8233

In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated user can inject arbitrary JavaScript code as a result of the sanitization engine ignoring HTML comments...

6.6 AI score · 0.0034 EPSS
Exploits 0 · References 1

Prion
added 2018/04/04 3:29 p.m. · 11 views

Authentication flaw

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...

7.5 CVSS · 9.5 AI score · 0.00496 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2016/11/25 12:0 a.m. · 35 views

SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2016:2904-1)

This update for sudo fixes the following security issues : - Fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality : - noexec bypass via system and popen CVE-2016-7032, bsc1007766 - noexec bypass via wordexp CVE-2016-7076, bsc1007501 - Fix unsafe handling of TZ...

7.8 CVSS · 6.4 AI score · 0.0041 EPSS
Exploits 1 · References 12

Tenable Nessus
added 2016/10/19 12:0 a.m. · 28 views

Fedora 23 : ghostscript (2016-1c13825502)

This is a rebase of ghostscript package, to address several security issues : - CVE-2016-7977 - .libfile does not honor -dSAFER - CVE-2013-5653 - getenv and filenameforall ignore -dSAFER - CVE-2016-7976 - various userparams allow %pipe% in paths, allowing remote shell - CVE-2016-7978 - reference...

9.8 CVSS · 7.4 AI score · 0.46832 EPSS
Exploits 0 · References 11

seebug.org
added 2014/07/01 12:0 a.m. · 14 views

Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2800/info eSafe Gateway is a security utility used for filtering internet content. It is possible to craft an html file that slips through eSafe Gateway's script filtering feature. eSafe Gateway will ignore scripting...

7.1 AI score
Exploits 0

Tenable Nessus
added 2010/11/23 12:0 a.m. · 37 views

Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)

Thu Nov 4 2010 Jiri Popelka - 12:4.1.1-27.P1 - Fix for CVE-2010-3611 649880 - Wed Oct 13 2010 Jiri Popelka - 12:4.1.1-26.P1 - Server was ignoring client's Solicit where client included address/prefix as a preference 634842 - Tue Sep 7 2010 Jiri Popelka - 12:4.1.1-25.P1 - Hardening...

5 CVSS · 6.4 AI score · 0.8675 EPSS
Exploits 7 · References 3

securityvulns
added 2002/03/10 12:0 a.m. · 62 views

mIRC DCC Server Security Flaw

Good afternoon, There is an error in the implementation of the mIRC DCC server protocol. This vulnerability allows an attacker to obtain: 1 The victim's nickname. 2 Whether or not the victim is ignoring the attacker's requests for a direct connection. 3 Information regarding the number of IRC serve...

0.2 AI score
Exploits 0