6 matches found
CVE-2025-66488
Discourse is an open source discussion platform. A vulnerability present in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 affects anyone who uses S3 for uploads. While scripts may be executed, they will only be run in the context of the S3/CDN domain, with no site credentials...
Linux Distros Unpatched Vulnerability : CVE-2017-7783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a long user name is used in a username/password combination in a site URL such as http://UserName:[email protected], the resulting modal prompt will hang ...
PYSEC-2023-157
jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issue has been addressed in commit 87a49272728 which h...
Jupyter Server Access Control Error Vulnerability
Jupyter Server is an application from the Jupyter organization used to provide back-end services for Jupyter Web applications. An access control error vulnerability exists in versions of Jupyter Server prior to 2.7.2 that stems from incorrect cross-site credential checking of URLs, which could le...
UBUNTU-CVE-2017-7783
If a long user name is used in a username/password combination in a site URL such as "http://UserName:[email protected]", the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox 55...
Magento E-Commerce Platform Magmi Plugin Information Disclosure
An information disclosure vulnerability has been discovered in Magento e-commerce platform Magmi Plugin. Successful exploitation results in access to Magento site credentials and database encryption key...