📄 Apache Roller 6.1.2 Cross Site Request Forgery

Apache Roller versions 6.1.2 and below contain a cross site request forgery vulnerability in endpoint /roller/roller-ui/profile!save.rol. This vulnerability allows attackers to arbitrarily update the victim user's profile information e.g., email, full name, locale, timezone via a crafted HTML pag...

MiracleLinux 8 : file-roller-3.28.1-4.el8 (AXSA:2021-2652:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2652:02 advisory. file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314...

Apache Roller < 6.1.5 Insufficient Session Expiration on Password Change (CVE-2025-24859)

According to its self-reported version number, the instance of Apache Roller running on the remote host is prior to 6.1.5. It is, therefore, affected by a session management vulnerability where active user sessions are not properly invalidated after password changes. When a user's password is...

EUVD-2012-2368

Malware in sbrugna...

EUVD-2008-6839

Malware in sbrugna...

EUVD-2018-8962

Malware in sbrugna...

EUVD-2019-1007

Malware in sbrugna...

EUVD-2013-4095

Malware in sbrugna...

EUVD-2015-0271

Malware in sbrugna...

EUVD-2006-4843

Malware in sbrugna...

EUVD-2013-4521

Malware in sbrugna...

EUVD-2020-4078

Malware in sbrugna...

EUVD-2016-8030

Malware in sbrugna...

EUVD-2020-23856

Malware in sbrugna...

EUVD-2019-7241

Malware in sbrugna...

EUVD-2021-20266

Malware in sbrugna...

EUVD-2012-2369

Malware in sbrugna...

EUVD-2023-41466

Malicious code in bioql PyPI...

EUVD-2024-52474

Malicious code in bioql PyPI...

EUVD-2024-22452

Malicious code in bioql PyPI...