20 matches found
CVE-2025-34412
The CVE-2025-34412 entry, based on connected documents, concerns the Convercent Whistleblowing Platform (EQ S Group) with a browser/session handling protection mechanism failure. By default deployments omit critical HTTP security headers (Content-Security-Policy, Referrer-Policy, Permissions-Poli...
EUVD-2016-4848
Malware in sbrugna...
EUVD-2012-4583
Malware in sbrugna...
EUVD-2005-1023
Malware in sbrugna...
EUVD-2010-0055
Malware in sbrugna...
EUVD-2009-4205
Malware in sbrugna...
EUVD-2020-6136
Malware in sbrugna...
EUVD-2018-13542
Malware in sbrugna...
EUVD-2021-2036
Malware in sbrugna...
EUVD-2025-12214
Malicious code in bioql PyPI...
CVE-2023-1907
Summary: CVE-2023-1907 affects pgAdmin4. When logging in to pgAdmin in server mode with LDAP authentication, multiple simultaneous connection attempts may cause a user to be attached to another user’s session. The related open-source/OSV entries indicate a fix for this issue in pgAdmin4 (e.g., OS...
Mattermost Desktop 9.5.x < 9.5.9 / 9.11.x < 9.11.1 (MMSA-2024-00363)
The version of Mattermost Desktop installed on the remote host is prior to 9.5.9 or 9.11.1. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00363 advisory. - Mattermost versions 9.11.X = 9.11.1, 9.5.x = 9.5.9 incorrectly issues two sessions when using desktop SSO - one...
Launch failures after upgrading to CWA 2402
Users on Citrix Workspace App for Windows 2402 who have Real-Time Media Engine (RTME) installed on endpoint devices older than 2.9.700 may encounter session launch failures...
MGASA-2024-0132 Updated php packages fix security vulnerabilities
Core: - Corrupted memory in destructor with weak references - GC does not scale well with a lot of objects created in destructor DOM: - Add some missing ZPP checks. - Fix potential memory leak in XPath evaluation results. FPM: - Fix incorrect check in fpm_shm_free. Gettext: - Fixed sigabrt raised...
Some keyboard shortcuts may not work when external Windows keyboard is used along with CWA for iOS
When using external Windows keyboard attached to iOS device, you may not be able to use some keyboard shortcut combinations in Citrix session. Examples: Use of 'Windows key' may not give desired result. Cannot highlight multiple items files in explorer or cells in a spreadsheet by keeping 'Ctrl'...
OPENSUSE-SU-2022:10088-1 Security update for opera
This update for opera fixes the following issues: Opera was updated to 89.0.4447.71 - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134 - DNA-100492 authPrivate.storeCredentials should work with running auth session - DNA-100649 “Sign out” from settings doesn’t also sign out...
CVE-2022-23601 CSRF token missing in Symfony
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the...
MGASA-2021-0186 Updated curl packages fix security vulnerabilities
libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. CVE-2021-22876 TLS 1.3 session ticket...
SUSE-SU-2016:2449-1 Security update for curl
This update for curl fixes the following issues: - CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389) - CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390) - CVE-2016-7141: Fixed incorrect reuse of client certificates (bsc#997420)...
Xtreme Vulnerable Web Application: XVWA
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be “Xtremely Vulnerable”. It is recommended to host this application in local/controlled environment an...