396 matches found

Cvelist
added 2026/05/07 9:45 a.m. | 32 views

CVE-2026-6805 Vulnerability on Cryptobox external sharing feature

Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access code associated to this sharing link...

CVSS 6.9 | EPSS 0.00045
Exploits: 0 | References: 1
NVD
added 2026/04/29 9:16 a.m. | 3 views

CVE-2025-10503

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

CVSS 6.1 | EPSS 0.00038
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/16 9:32 a.m. | 2 views

CVE-2024-4867 Cross-Site Scripting via Developer Portal in WSO2 API Manager Enables UI Modification and Information Retrieval

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

CVSS 5.4 | AI score 5.7 | EPSS 0.00012
Exploits: 0 | References: 1
EUVD
added 2026/03/25 9:31 a.m. | 0 views

EUVD-2026-15194

SHARP routers do not perform authentication for some web APIs. The device information may be retrieved without authentication. If the administrative password of the device is left as the initial one, the device may be taken over...

CVSS 6.9 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 3
CNNVD
added 2026/03/25 12:0 a.m. | 5 views

Multiple SHARP products: access control error vulnerability

Sharp HR02 is a product of Japanese company Sharp. The Sharp HR02 is a home router. The Sharp SH-52B is a wireless local area network connection station. The Sharp SH-54C is also a wireless local area network connection station. Several Sharp products have vulnerabilities related to access contro...

CVSS 6.9 | AI score 6.2 | EPSS 0.00018
Exploits: 0 | References: 2
OSV
added 2026/03/09 5:27 p.m. | 3 views

GHSA-HMQR-WJMJ-376C Netmaker has Insufficient Authorization in Host Token Verification

The Authorise middleware in Netmaker incorrectly validates host JWT tokens. When a route permits host authentication hostAllowed=true, a valid host token bypasses all subsequent authorisation checks without verifying that the host is authorised to access the specific requested resource. Any entit...

CVSS 8.6 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 4
RedhatCVE
added 2026/03/09 8:1 a.m. | 2 views

CVE-2026-29194

Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Authorize middleware in Netmaker incorrectly validates host JWT tokens. When a route permits host authentication hostAllowed=true, a valid host token bypasses all subsequent authorization checks without verifying that the host is...

CVSS 8.6 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 12:29 p.m. | 9 views

CVE-2023-40771

SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function...

CVSS 7.5 | AI score 7.2 | EPSS 0.00192
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 12:18 p.m. | 6 views

CVE-2018-10189

An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each...

CVSS 7.5 | AI score 6.5 | EPSS 0.003
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 10:42 a.m. | 8 views

CVE-2022-26317

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.29. When returning the result of a completed Microflow execution call the affected framework does not correctly verify, if the request was initially made by the user requesting the result. Together with...

CVSS 6.5 | AI score 6.7 | EPSS 0.00441
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 10:39 a.m. | 5 views

CVE-2022-35228

SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successfu...

CVSS 8.8 | AI score 6.6 | EPSS 0.00182
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/09 12:0 a.m. | 4 views

PT-2025-50241

Name of the Vulnerable Software and Affected Versions IntelliChoice eFORCE Software Suite version 2.5.9 Description The software contains a flaw that allows attackers to identify valid usernames. This is achieved by exploiting the ctl00$MainContent$UserName POST parameter. By sending requests wit...

CVSS 6.9 | AI score 6.6 | EPSS 0.00067
Exploits: 0 | References: 6
Packet Storm News
added 2025/12/05 12:0 a.m. | 2 views

Sift or Get off the PoC: Applying Information Retrieval to Vulnerability Research with SiftRank

Security research is fundamentally a problem of resource constraint and consequent prioritization. There is simply too much attack surface and too little time and energy to spend analyzing it all. The most effective security researchers are often those who are most skilled at intuitively deciding...

AI score 6.5
Exploits: 0
Packet Storm News
added 2025/11/21 12:0 a.m. | 4 views

The Star Product of Uniformly Random Codes

We consider the problem of determining the expected dimension of the star product of two uniformly random linear codes that are not necessarily of the same dimension. We achieve this by establishing a correspondence between the star product and the evaluation of bilinear forms, which we use to...

AI score 6.6
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-7777

Malware in sbrugna...

CVSS 4.3 | AI score 4.9 | EPSS 0.00174
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2019-14926

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.00372
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-26238

Malware in sbrugna...

CVSS 5.3 | AI score 5.2 | EPSS 0.00102
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-19347

Malware in sbrugna...

CVSS 5.3 | AI score 5.5 | EPSS 0.00805
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2010-2239

Malware in sbrugna...

CVSS 2.1 | AI score 6.2 | EPSS 0.00073
Exploits: 0 | References: 8
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2017-12291

Malware in sbrugna...

CVSS 5.5 | AI score 5.7 | EPSS 0.00433
Exploits: 0 | References: 10