libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content

Summary The CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle MITM attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with OpenSSL::SSL::VERIFYNONE, meaning any HTTPS certificate—even entirely untrusted—will...

libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

OESA-2026-2027 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. When establishing HTTPS tunnels through a configur...

Transparent COM instrumentation for malware analysis

COM automation is a core Windows technology that allows code to access external functionality through well-defined interfaces. It is similar to traditionally loading a DLL, but is class-based rather than function-based. Many advanced Windows capabilities are exposed through COM, such as Windows...

CVE-2026-31960 DoS in Quill via unbounded read of HTTP response body during notarization

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not...

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

EUVD-2024-39607

Malicious code in bioql PyPI...

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-12123 Unauthorized Modification of Ticket Requester

A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy. The ticket requester can be changed from the...

CVE-2024-12123 Unauthorized Modification of Ticket Requester

A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy. The ticket requester can be changed from the...

PT-2024-17449 · Issuetrak · Issuetrak

Name of the Vulnerable Software and Affected Versions: Issuetrak version 17.1 Description: A hidden field manipulation issue was identified that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and modified by using a proxy...

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-42408 Dorsett Controls InfoScan Path Traversal

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-25637

October is a self-hosted CMS platform based on the Laravel PHP Framework. The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interaction...

CVE-2024-25637 Reflected XSS via X-October-Request-Handler Header

October is a self-hosted CMS platform based on the Laravel PHP Framework. The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interaction...

Account Spoofing

phpMyFAQ is vulnerable to User Account Spoofing. The vulnerability is due to the user removal page lacking backend validation, allowing an attacker to manipulate form details by intercepting the request via a proxy, which can allow an attacker to trick an admin into removing the account...

Design/Logic Flaw

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn'...

Super Store Finder 3.7 Remote Command Execution

Vulnerability : Authenticated Arbitrary PHP Code Injection lead to Remote Code Execution Researcher : Etharus Vendor : Joe Iz, https://www.superstorefinder.net/ Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.7 and below Date : 18 September 2023 FOFA Dork :...

TLS certificate common name validation bypass

The NATS official Rust clients are vulnerable to MitM when using TLS. The common name of the server's TLS certificate is validated against the hostname provided by the server's plaintext INFO message during the initial connection setup phase. A MitM proxy can tamper with the host field's value by...