CVE-2026-3783 token leak with redirect and netrc

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with eithe...

CVE-2025-34314

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SRC, DST, and COMMENT parameters when creating a time constraint rule. When a user adds a time constraint rul...

CVE-2023-20046

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this...

OpenStack Nova Live migration fails to update persistent domain XML

An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...

irc-info NSE Script

Gathers information from an IRC server. It uses STATS, LUSERS, and other queries to obtain this information. Example Usage nmap -sV -sC Script Output 6665/tcp open irc | irc-info: | server: asimov.freenode.net | version: ircd-seven-1.1.320111112-b71671d1e846,charybdis-3.4-dev. asimov.freenode.net...

Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit

No description provided by source. // / / / nhrp-dos - Copyright by Martin Kluge, [email protected] / / /...