CVE-2025-15624

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext...

CVE-2025-15624

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext...

EUVD-2005-4865

Malware in sbrugna...

Ransomware Phishing Emails Sneak Through SEGs

Secure email gateway SEG protections aren’t necessarily enough to stop phishing emails from delivering ransomware to employees, especially if the cybercrooks are using legitimate cloud services to host malicious pages. Researchers are raising the alarm over a phishing email kicking off a...

Arbitrary UNC file read in IE 8

Internet Explorer is vulnerable to a drive-by arbitrary UNC file read, with the usual consequences local account password disclosure, etc. as in IE6 before SP1. It is in ICMFilter, which is accessible via the CSS filter property. Sample exploit code: div...

CVE-2005-4874

The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain 1 proxy authentication passwords via a request with a "Max-Forwards: 0" header or 2 arbitrary local passwords on the web server that hosts this object...