CVE-2024-1524

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

EUVD-2025-15846

Malicious code in bioql PyPI...

CVE-2025-48015 Observable Response Discrepancy

Failed login response could be different depending on whether the username was local or central...

Malicious Package

loadyaml is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

Malicious Package

electorn is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

Malicious code in `loadyaml`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

Malicious code in `electorn`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

Zblast 1.2 - Local Username Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7836/info A vulnerability has been reported for zblast, an svgalib-based game. The problem occurs when copying data from a user-supplied environment variable into a static memory buffer. By storing excessive data within t...

CVE-2009-4073

The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page...

CVE-2004-2398

Vulnerability summary (CVE-2004-2398): Netenberg Fantastico De Luxe 2.8 stores database file names that reveal usernames because file names in the database directory are readable. This enables local attackers to enumerate valid usernames by listing files under /var/lib/mysql, where permissions we...

DelphiTurk CodeBank 3.1 Local Username and Password Disclosure

Exploit for unknown platform in category local exploits ============================================================== DelphiTurk CodeBank 3.1 Local Username and Password Disclosure ============================================================== / DelphiTurk CodeBank Local Exploit Application:...

DelphiTurk CodeBank 3.1 Local Username and Password Disclosure

No description provided by source. / DelphiTurk CodeBank Local Exploit Application: DelphiTurk CodeBank 3.1 and previous versions Procuder: Delphiturk.com Vulnerable Description: Delhiturk CodeBank discloses username and password to local users. Coded by: Kozan Web: www.netmagister.com Mail:...