200 matches found
EUVD-2010-0674
Malware in sbrugna...
EUVD-2006-3421
Malware in sbrugna...
EUVD-2006-2783
Malware in sbrugna...
EUVD-2015-1370
Malware in sbrugna...
CVE-2025-58584 Plain Text Transmission of Username and Password in the URL
In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally...
EUVD-2025-23314
Malicious code in bioql PyPI...
EUVD-2024-38546
Malicious code in bioql PyPI...
NVIDIA Omniverse Launcher < 1.9.19 Information Disclosure
The version of NVIDIA Omniverse Launcher installed on the remote host is prior to 1.9.19. It is, therefore, affected by a vulnerability. NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to t...
CVE-2025-23289
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure...
CVE-2025-23289
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure...
PT-2025-31586 · Nvidia · Nvidia Omniverse Launcher
Name of the Vulnerable Software and Affected Versions: NVIDIA Omniverse Launcher for Windows and Linux affected versions not specified Description: NVIDIA Omniverse Launcher for Windows and Linux contains an issue in the launcher logs. A user can cause sensitive information to be written to log...
Creating Scripts to Identify Vulnerable Proxy Servers
This whitepaper covers how to create Nmap scripts to identify banners and versions of proxy servers. It also covers methods to mitigate the public visibility of banners and version information on proxy servers. Written in Portuguese...
PT-2025-11679 · Openresty +1 · Lua-Nginx-Module +2
Name of the Vulnerable Software and Affected Versions: OpenResty/lua-nginx-module affected versions not specified Description: The issue concerns HTTP Request Smuggling in HEAD requests. When handling HTTP/1.1 requests, the lua-nginx-module incorrectly parses HEAD requests with a body, treating t...
BIT-ZOOKEEPER-2024-51504 Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which...
CVE-2024-51504
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which...
CVE-2024-51504
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which...
CVE-2024-51504
CVE-2024-51504 affects ZooKeeper Admin Server via IPAuthenticationProvider. Default IP detection uses HTTP headers (X-Forwarded-For) and can be spoofed, leading to authentication bypass for IP-based auth. Admin commands like snapshot/restore may be exploited after bypass. Impact: potential inform...
CVE-2024-51504 Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which...
CVE-2024-40620
CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashboard without encryption, which can be seen in the logs of proxy servers, potentially impacting the...
CVE-2024-40620
CVE-2024-40620 affects Rockwell Automation Pavilion8, specifically version 5.20 (and later). The root cause is missing encryption of sensitive data exchanged between the Console and the Dashboard, which can be observed in proxy-server logs, potentially compromising confidentiality. Rockwell Autom...