7 matches found
EUVD-2022-2034
Malicious code in bioql PyPI...
EUVD-2023-0773
Malicious code in bioql PyPI...
CVE-2023-24445
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
WordPress <= 3.0.1
wp-includes/comment.php does not properly whitelist trackbacks and pingbacks in the blogroll. This allows attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match. Solution: Update WordPress...
Microsoft Internet Explorer Cookie Hijacking Vulnerability
Internet Explorer is prone to a cookie hijacking vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2002-1626
CVE-2002-1626 describes a directory traversal vulnerability in Mike Spice My Calendar before 1.5. An attacker can craft a URL containing .. sequences to write arbitrary files on the server. The issue arises from improper validation of path traversal in the web-facing handler, enabling verifying a...