EUVD-2008-6564

Malware in sbrugna...

EUVD-2024-22147

Malicious code in bioql PyPI...

CVE-2025-29868

CVE-2025-29868 affects Apache Answer up to version 1.4.2. A public method returns a private data structure, enabling potential disclosure of a user’s IP address when external images are accessed. The issue is mitigated in version 1.4.5, which adds a configurable setting to control whether externa...

CVE-2024-47061

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the attributes property. These attributes are passed to the...

Mozilla: Information disclosure on password cancel endpoint

The password reset cancellation process disclosed the user's IP address in the email sent to the user upon cancellation. This information disclosure vulnerability was exploited to obtain the IP address of a user by tricking them into submitting the password reset cancellation request...

OTRS Security Vulnerabilities

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS prior to 7.0.47, versions prior to 8.0.37, and OTRS Community Edition versions 6.0.X through 6.0.34, which stems from a vulnerability that does not prevent an external IMAGE from being...

GHSA-97M3-W2CP-4XX6 Embedded Malicious Code in node-ipc

The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files dependent upon the geo-location of the user IP address. The maintainer removed the malicious code in versio...

GitLab Information Disclosure Vulnerability (CNVD-2020-19581)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

FreeBSD : Gitlab -- Multiple Vulnerabilities (62f2182c-5f7a-11ea-abb7-001b217b3468)

Gitlab reports : Directory Traversal to Arbitrary File Read Account Takeover Through Expired Link Server Side Request Forgery Through Deprecated Service Group Two-Factor Authentication Requirement Bypass Stored XSS in Merge Request Pages Stored XSS in Merge Request Submission Form Stored XSS in...

smf105.txt

Simple Machine Forum 1-0-5 possibly prior versions user IP address / information disclosure software: site: http://www.simplemachines.org/ information disclosure: a user can choose an sumbit an avatar url like this: http://evilsite/image.php where image.php is a file like this: When forum users...

GAIM information leak

IRC plugins registers user's IP and accoun...