CVE-2026-5081

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...

CVE-2025-0289

CVE-2025-0289 affects Paragon Software BioNTdrv.sys in the Hard Disk Manager product line. The driver does not validate the MappedSystemVa pointer before passing it to HalReturnToFirmware, enabling a local attacker to compromise the service and escalate privileges (potential SYSTEM-level access)....

Beauty Parlour Management System Insecure Direct Object Reference Vulnerability

Beauty Parlour Management System is an application system. The Beauty Parlour Management System suffers from an insecure direct object reference vulnerability that could be exploited by an attacker to gain access to personally identifiable information of other customers...

GHSA-M2HP-5X78-74MG Insecure Unserialize Vulnerability in FLOW3

Due to a missing signature HMAC for a request argument, an attacker could unserialize arbitrary objects within FLOW3. To our knowledge it is neither possible to inject code through this vulnerability, nor are there exploitable objects within the FLOW3 Base Distribution. However, there might be...

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

Maian Cart 1.1 Insecure Cookie Handling Vulnerability

No description provided by source. Author: Saime Date: July 12, 2008 Script: Maian Cart v1.1 Insecure Cookie Handling Vulnerability URL: http://www.maianscriptworld.co.uk Dork: Powered by Maian Cart v1.1 Description: Maian Car v1.1 is suffering from insecure cookie handling, the /admin/index.php...