CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

OSV•added 2026/04/21 6:16 p.m.•6 views

PYSEC-2026-125

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted prox...

4.8CVSS5.8AI score0.00011EPSS

Exploits1References1

Vulnrichment•added 2026/04/21 5:14 p.m.•2 views

CVE-2026-40594 pyLoad: Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)

4.8CVSS5.8AI score0.00011EPSS

Exploits1References1

OSV•added 2026/04/16 1:20 a.m.•3 views

GHSA-MP82-FMJ6-F22V pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)

Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...

4.8CVSS5.8AI score0.00011EPSS

Exploits1References3

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-49823

An XSS vulnerability in pxc portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS6.3AI score0.00125EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-3647

Malware in sbrugna...

5CVSS6AI score0.01803EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-3648

Malware in sbrugna...

5CVSS6.1AI score0.00874EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-3113

Malware in sbrugna...

5CVSS6.4AI score0.00225EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2009-1472

Malware in sbrugna...

7.6CVSS6.4AI score0.00837EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2009-5008

Malware in sbrugna...

5CVSS6.4AI score0.0025EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-4611

Malware in sbrugna...

4.3CVSS6.4AI score0.00072EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-1114

Malware in sbrugna...

8.8CVSS8.8AI score0.00219EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-15658

Malware in sbrugna...

9.8CVSS9.3AI score0.032EPSS

Exploits3References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-19270

Malware in sbrugna...

7.5CVSS7.6AI score0.0021EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-26027

Malware in sbrugna...

5.3CVSS4.8AI score0.0012EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-28960