24 matches found
CVE-2026-4364
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows certificate listings retrieved via a browser session to return a...
CVE-2025-12104
CVE-2025-12104 affects Azure Access Technology BLU-IC2 and BLU-IC4 (through version 1.19.5). Connected sources consistently attribute the issue to outdated and vulnerable UI dependencies in these devices. The root cause is the use of insecure UI components, with high-impact indicators (CVE record...
CVE-2025-12104 Incorrect Content-Type Header
Outdated and Vulnerable UI Dependencies might potentially lead to exploitation. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
CVE-2025-12001 Incorrect Content-Type Header
Lack of application manifest sanitation could lead to potential stored XSS. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
EUVD-2021-16193
Malware in sbrugna...
EUVD-2024-40003
Malicious code in bioql PyPI...
GO-2025-3888 Helm May Panic Due To Incorrect YAML Content in helm.sh/helm
Helm May Panic Due To Incorrect YAML Content in helm.sh/helm...
Next.js Environment Issue Vulnerability
Next.js is a React framework open-sourced by Vercel. An environment issue vulnerability exists in Next.js versions prior to 15.3.0 through 15.3.3 and Vercel CLI versions 41.4.1 through 42.2.0, which stems from a cache contamination vulnerability that could result in the return of incorrect conten...
varnish: request smuggling attacks
A vulnerability was found in Varnish Cache. This vulnerability may allow request smuggling attacks, where a malicious actor can craft seemingly legitimate HTTP requests. This issue could result in an unspecified system caching incorrect content that can expose confidential information...
CVE-2023-42940
A session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their screen may unintentionally share the incorrect content...
CVE-2024-42180
HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files...
CVE-2024-42180
CVE-2024-42180 affects HCL DRYiCE MyXalytics (HCL MyXalytics). The vulnerability is a malicious file upload issue where the application accepts invalid uploads (wrong content types, double extensions, null bytes, and special characters), enabling an attacker to upload and potentially execute mali...
Apple macOS Sonoma Security Vulnerability
Apple macOS Sonoma is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma version 14.2.1, which originates from the possibility that users using a shared screen may inadvertently share incorrect content...
SUSE CVE-2006-0236
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an...
CVE-2022-41919 Fastify vulnerable to Cross-Site Request Forgery (CSRF) attack via incorrect content type
Fastify is a web framework with minimal overhead and plugin architecture. The attacker can use the incorrect Content-Type to bypass the Pre-Flight checking of fetch. fetch requests with Content-Type’s essence as "application/x-www-form-urlencoded", "multipart/form-data", or "text/plain", could...
CVE-2021-29719
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilities due to a web response specifying an incorrect content type. IBM X-Force ID: 201091...