Lucene search
K

8 matches found

OSV
OSV
added 2026/06/03 1:0 p.m.9 views

UBUNTU-CVE-2026-6873

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...

4.3CVSS5.3AI score0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.9 views

CVE-2026-44114 OpenClaw < 2026.4.20 - Environment Variable Namespace Collision via Workspace dotenv

OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAWGITDIR to manipulate trusted OpenClaw runtime behavior...

8.5CVSS5.8AI score0.00129EPSS
Exploits0References3
Krebs on Security
Krebs on Security
added 2024/08/23 2:12 p.m.13 views

Local Networks Go Global When Domain Names Collide

The proliferation of new top-level domains TLDs has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didnt exist at the time. Meaning, they are continuously sending their Windows usernam...

7.2AI score
Exploits0
Veracode
Veracode
added 2020/11/05 3:10 a.m.24 views

Namespace Collision

sqlite is vulnerable to namespace collision vulnerability. The vulnerability is possible because sqlite allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c...

5.5CVSS2.5AI score0.0062EPSS
Exploits0References26Affected Software1
FreeBSD Advisory
FreeBSD Advisory
added 2020/08/05 12:0 a.m.28 views

FreeBSD-SA-20:22.sqlite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:22.sqlite Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in sqlite3 Category: contrib Module: sqlite3 Announced: 2020-08-05 Affects:...

9.8CVSS7AI score0.07407EPSS
Exploits3
Schneier on Security
Schneier on Security
added 2020/04/09 11:45 a.m.43 views

Microsoft Buys Corp.com

A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as "namespace collision," a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains th...

1.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/02/08 5:32 p.m.122 views

Dangerous Domain Corp.com Goes Up for Sale

As an early domain name investor, Mike O'Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O'Connor refused to auction perhaps the most sensitive...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/21 12:0 a.m.113 views

Drupal 8.x < 8.1.7 PHP HTTP_PROXY Environment Variable Namespace Collision Vulnerability (httpoxy)

The version of Drupal running on the remote web server is 8.x prior to 8.1.7. It is, therefore, affected by a man-in-the-middle vulnerability known as 'httpoxy' due to a failure to properly resolve namespace conflicts in accordance with RFC 3875 section 4.1.18. The HTTPPROXY environment variable ...

8.1CVSS7.1AI score0.50427EPSS
Exploits0References4
Rows per page
Query Builder