25 matches found
PT-2026-44132
Description X509Authenticator implements client-certificate mTLS authentication: the web server validates the client's certificate against a trusted CA, then passes the certificate's Subject DN Distinguished Name: a string like CN=Alice,O=Example,[email protected] to Symfony via $...
PT-2026-21335
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.18 Description The software handles Discord moderation actions timeout, kick, ban using information from request parameters instead of a secure source. This allows a user without administrative privileges to...
CVE-2018-4391
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofi...
EUVD-2021-2342
Malware in sbrugna...
EUVD-2019-18044
Malware in sbrugna...
EUVD-2018-16177
Malware in sbrugna...
EUVD-2025-15620
Malicious code in bioql PyPI...
webkitgtk: issue was addressed with improved UI handling
A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing...
CVE-2023-42438
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing...
CVE-2025-4858
A vulnerability was found in D-Link DAP-2695 120b36r137ALLen20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /advarpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harpmac leads to cross site scripting...
CVE-2025-4858 D-Link DAP-2695 ARP Spoofing Prevention Page adv_arpspoofing.php cross site scripting
A vulnerability was found in D-Link DAP-2695 120b36r137ALLen20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /advarpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harpmac leads to cross site scripting...
CVE-2025-4858 D-Link DAP-2695 ARP Spoofing Prevention Page adv_arpspoofing.php cross site scripting
A vulnerability was found in D-Link DAP-2695 120b36r137ALLen20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /advarpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harpmac leads to cross site scripting...
CVE-2025-4858
The CVE-2025-4858 entry concerns D-Link DAP-2695 (ARP Spoofing Prevention Page) where the param harp_mac in /adv_arpspoofing.php is vulnerable to cross-site scripting. Multiple sources confirm remote exploitability and exploitation disclosed publicly, with affected products being out of maintenan...
Product Explained: Memcyco's Real-Time Defense Against Website Spoofing
Hands-On Review: Memcyco's Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing...
SUSE CVE-2020-6808
When a JavaScript URL javascript: is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL as reported by the document.location property, for example was the originating javascript: URL which could lead to...
CLSA-2022-1671481339 openssh: Fix of 2 CVEs
CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled...
Login Block IPs <= 1.0.0 - IP Spoofing Bypass
The function checkisloginpage uses headers for the IP check, which can be easily spoofed. Set HTTPCLIENTIP to bypass blocks / use allowed IP addresses...
Anatomy of a DDoS amplification attack
Amplification attacks are one of the most common distributed denial of service DDoS attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in exhausting its resources...
SCUTUM - Linux Automatic ARP (TCP / UDP / ICMP) Firewall
SCUTUM - Linux Automatic ARP TCP / UDP / ICMP Firewall Current Version Change log: 1. Added Self-Upgrading Function, now users can execute self-upgrading with $ sudo scutum --upgrade 2. Added AVALON Framework Self-Upgrading function included when using "--upgrade" parameter Recent Changes: 1...
ARP Firewall: SCUTUM
SCUTUM is an ARP firewall that prevents your computer from being arp spoofed. Scutum controls “arptables” in your computer so it accepts ARP packets only from the gateway. This way, people with malicious intentions cannot spoof your arp table. Scutum also prevents other people from detecting your...