Incorrect Authorization
Clerk is vulnerable to Incorrect Authorization. The vulnerability is due to improper request matching in createRouteMatcher, which allows an attacker to craft requests that bypass middleware protection and access downstream handlers...
CVE-2026-20069
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...
WordPress plugin Import into Easy Property Listings cross-site request forgery vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is ...
Beward N100 security vulnerability
Beward N100 is an IP camera from the Russian company Beward. A security vulnerability exists in Beward N100 version M2.1.6, which stems from a lack of proper request validation and could lead to a cross-site request forgery attack...
GHSA-WCGJ-F865-C7J7 Improper Request Caching Lookup in the Auth0 Next.js SDK
Description When using affected versions of the Next.js SDK, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. Am I Affected? You are affected if you meet the following preconditions: - Applications using the auth0/nextjs-aut...
EUVD-2019-0995
Malware in sbrugna...
EUVD-2017-3388
Malware in sbrugna...
EUVD-2025-7453
Malicious code in bioql PyPI...
EUVD-2024-28054
Malicious code in bioql PyPI...
CVE-2025-54477 Joomla! Core - [20250902] User-Enumeration in passkey authentication method
Improper handling of authentication requests leads to a user enumeration vector in the passkey authentication method...
Gardyn 4 security vulnerability
Gardyn 4 is a home vertical hydroponic growing system from Gardyn USA. A security vulnerability exists in Gardyn 4 that stems from improper request handling and could lead to information disclosure and execution of arbitrary code...
The vulnerability of Websoft HCM’s automation software for HR processes lies in its inability to properly handle incoming requests, allowing attackers to disclose protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
X.Org X Server security vulnerability
X.Org X Server is an X Window System display server from the X.Org Foundation. A security vulnerability exists in X.Org X Server that stems from improper request handling and could lead to a denial of service...
OctoPrint security vulnerability
OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.11.1 and earlier versions that stems from improper request handling and could lead to a denial of service...
The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.
The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2024-56924
A Cross-Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page pagesaccount, potentially leading to unauthorized actions such as changing account settings or stealing sensitive user information...
BOS IPCs SQL injection vulnerability
BOS IPCs is a family of sensors from BOS. A SQL injection vulnerability exists in versions prior to BOS IPCs 21.45.8.2.3230220, which stems from improper handling of the request body and could lead to SQL injection...
CVE-2021-41554
ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw,...
Improper Request Handling
http-proxy-middleware is vulnerable to Improper Request Handling. The vulnerability is due to improper request handling caused by fixRequestBody executing even when bodyParser has failed, which allows attackers to smuggle malicious HTTP requests...
PCMan FTP Server security vulnerability
PCMan FTP Server is server software for the File Transfer Protocol (FTP). PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the failure of the DIR Command Handler module to properly handle a specific request. No detailed vulnerability details are provid...