EUVD-2017-10171

Malware in sbrugna...

CVE-2025-49152

The affected products contain JSON Web Tokens JWT that do not expire, which could allow an attacker to gain access to the system...

CVE-2025-23421 Qardio iOS and Android applications Files or Directories Accessible to External Parties

An attacker could obtain firmware files and reverse engineer their intended use leading to loss of confidentiality and integrity of the hardware devices enabled by the Qardio iOS and Android applications...

PT-2022-26314 · Unknown · Open Source Sacco Management System

Name of the Vulnerable Software and Affected Versions: Open Source SACCO Management System version 1.0 Description: The issue concerns SQL Injection via the "/sacco shield/manage loan.php" API endpoint. This allows for potential unauthorized access and manipulation of data. No information is...

PT-2022-12242 · Delta Rm · Delta Rm

Name of the Vulnerable Software and Affected Versions: Delta RM version 1.2 Description: An issue was discovered that allows users to access risks of other companies. This is achieved by using the "/risque/risque/ajax-details" endpoint with a POST request, specifying the risk to access with the i...

NTLM credentials not-checked for proxy connection reuse

libcurl reuses NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. libcurl maintains a pool of connections after a transfer has completed. The pool of connections is then gone through when a ne...

Netscape 4.76 gif comment flaw

Product: Netscape Navigator/Communicator Tested on: 4.76 on Linux and Win98/NT Vendor Contact: Reported 2001-03-22 Problem -------------------------------------------------------- - Overview: The Netscape browser does not escape the gif file comment in the image information page. This allows...