Langflow Origin Validation Error Vulnerability

Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh...

EUVD-2022-52262

Malicious code in bioql PyPI...

CVE-2025-41715

The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it...

USN-7611-2 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...

RARLabs WinRAR Multiple Vulnerabilities (Mar 2025) - Windows

WinRAR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rarlab:winrar"; ifdescription...

Malicious code in hedgedoc-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da3beadfe66abf674d7b17ba8619980aaa9f69e6bc510dbe8966e0a7c1902ab2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity...

CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result cou...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-16938

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on ...

Unmanarc Remote Control Server (URCS) Detection

This host appears to be running Unmanarc Remote Control Server URCS. While it does have some legitimate uses, URCS may also have been installed silently as a backdoor, which may allow an intruder to gain remote access to files on the remote system. If this program was not installed for remote...

Security Update for Windows Server 2003 (KB931374)

A security issue has been identified in Active Directory that could allow an attacker to compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...