curl: Kerberos/SPNEGO Connection Reuse Vulnerability

Kerberos/SPNEGO Connection Reuse Vulnerability in curl Summary curl reuses HTTP connections across different users without checking Kerberos state. User B's request can inherit User A's GSS security context, allowing authentication bypass. Affected Versions All curl versions with Kerberos support...

EUVD-2026-10239

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

Code-Projects Simple Flight Ticket Booking System SQL注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from the handling of the 'from' parameter in the...

EUVD-2020-1486

Malware in sbrugna...

EUVD-2021-2551

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-12290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in...

SUSE CVE-2024-39321

Traefik is an HTTP reverse proxy and load balancer. Versions prior to 2.11.6, 3.0.4, and 3.1.0-rc3 have a vulnerability that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses. Versions 2.11.6, 3.0.4, and 3.1.0-rc3 contain a patc...

Improper Input Validation

libidn2.so is vulnerable to Improper Input Validation. The vulnerability is due to improper roundtrip checks while converting A-labels to U-labels. This makes it possible for an attacker to impersonate arbitrary domains...

PT-2023-35752 · Git +1 · Simdutf

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow write error. It occurs in the simdutf::haswell::implementation::convert utf8 to utf32 function, as indicat...

OSV-2023-272 Heap-buffer-overflow in unsigned long simdutf::haswell::convert_masked_utf8_to_utf16<

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57632 Crash type: Heap-buffer-overflow WRITE Crash state: unsigned long simdutf::haswell::convertmaskedutf8toutf16 simdutf::haswell::implementation::convertutf8toutf16le roundtrip.cc...

SUSE CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

SUSE CVE-2020-26290

Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the underlying Go library...

Fedora: Security Advisory for golang-github-mattermost-xml-roundtrip-validator (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

ruby: XML round-trip vulnerability in REXML

A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using REXML and writing parsed data back to a new XML document results in creating a document with a different structure. This issue could affect the integrity of processed data in...

[SECURITY] [DSA 5066-1] ruby2.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5066-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2022 https://www.debian.org/security/faq -...

ALPINE-CVE-2021-28965

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...