48 matches found

Positive Technologies
added 2026/06/21 12:0 a.m., 11 views

PT-2026-51222

Name of the Vulnerable Software and Affected Versions: Capgo versions prior to 12.128.2. Description: A broken row level security (RLS) policy in the org users table allows authenticated users to elevate their privileges from admin to super admin. This insufficient RLS enforcement enables attackers to...

CVSS: 7, AI score: 5.9, EPSS: 0.00246
Exploits: 0, References: 7
ATTACKERKB
added 2026/05/28 8:47 p.m., 9 views

CVE-2026-45342

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authenticated user to modify resources owned by other users. The affected resource types are links, lists...

AI score: 5.8, EPSS: 0.00225
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2026/05/15 1:59 p.m., 7 views

OESA-2026-2287 xdg-dbus-proxy security update

xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. Security Fixes: xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00175
Exploits: 0, References: 2
Positive Technologies
added 2026/04/07 12:0 a.m., 6 views

PT-2026-31022

Name of the Vulnerable Software and Affected Versions: xdg-dbus-proxy versions prior to 0.1.7. Description: xdg-dbus-proxy is a filtering proxy for D-Bus connections. A policy parser issue allows bypassing eavesdrop restrictions. The proxy incorrectly handles variations in the 'eavesdrop' policy rul...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00175
Exploits: 0, References: 30
NVD
added 2026/01/22 5:15 p.m., 3 views

CVE-2025-63019

Insertion of Sensitive Information Into Sent Data vulnerability in Johan Jonk Stenström Cookies and Content Security Policy cookies-and-content-security-policy allows Retrieve Embedded Sensitive Data. This issue affects Cookies and Content Security Policy: from n/a through = 2.34...

CVSS: 5.3, EPSS: 0.00352
Exploits: 0, References: 1
Positive Technologies
added 2025/10/15 12:0 a.m., 7 views

PT-2025-42325

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions prior to 17.5.1.3; F5 BIG-IP versions prior to 17.1.3; F5 BIG-IP versions prior to 16.1.6.1; F5 BIG-IP versions prior to 15.1.10.8. Description: An unauthenticated Remote Code Execution (RCE) exists in the F5 BIG-IP Access Policy...

CVSS: 9.8, AI score: 6.3, EPSS: 0.02246
Exploits: 0, References: 172
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-16817

Malware in sbrugna...

CVSS: 5.3, AI score: 7.4, EPSS: 0.01565
Exploits: 0, References: 8
EUVD
added 2025/10/07 12:30 a.m., 11 views

EUVD-2013-4305

Malware in sbrugna...

CVSS: 3.5, AI score: 6.1, EPSS: 0.03082
Exploits: 1, References: 12
EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2011-4512

Malware in sbrugna...

CVSS: 6.8, AI score: 6.1, EPSS: 0.02066
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2021-14755

Malware in sbrugna...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00567
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2021-2099

Malware in sbrugna...

CVSS: 8.8, AI score: 8.7, EPSS: 0.01426
Exploits: 0, References: 5
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2021-7605

Malicious code in bioql PyPI...

CVSS: 4.3, AI score: 5, EPSS: 0.01116
Exploits: 1, References: 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-51931

Malicious code in bioql PyPI...

CVSS: 6.3, AI score: 6.6, EPSS: 0.0053
Exploits: 0, References: 2
Tenable Nessus
added 2025/08/15 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-24612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled...

CVSS: 6.7, AI score: 5.8, EPSS: 0.00317
Exploits: 0, References: 2
OSV
added 2025/08/01 1:2 p.m., 3 views

OESA-2025-1919 polkit security update

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. Security Fixes: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggere...

CVSS: 6.7, AI score: 7.9, EPSS: 0.00184
Exploits: 0, References: 2
NVD
added 2025/07/04 8:15 a.m., 8 views

CVE-2025-53600

Whale browser before 4.32.315.22 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...

CVSS: 7.5, EPSS: 0.0016
Exploits: 0, References: 1
Vulnrichment
added 2025/06/16 9:45 a.m., 4 views

CVE-2025-25264 Overly Permissive CORS Policy in WAGO Device Manager

An unauthenticated remote attacker can trick an admin into visiting a website containing malicious JavaScript code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...

CVSS: 6.5, AI score: 6.5, EPSS: 0.00386
Exploits: 0, References: 1
Vulnrichment
added 2025/06/11 1:24 p.m., 4 views

CVE-2025-4922 Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job

Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...

CVSS: 8.1, AI score: 7, EPSS: 0.00473
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 3:58 p.m., 4 views

CVE-2020-1317

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'...

CVSS: 9, AI score: 6.9, EPSS: 0.0435
Exploits: 0
RedhatCVE
added 2025/05/22 10:9 a.m., 5 views

CVE-2019-19916

In Midori Browser 0.5.11 on Windows 10, Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other...

CVSS: 6.1, AI score: 5.8, EPSS: 0.0157
Exploits: 1, References: 1