EUVD-2005-0120

Malware in sbrugna...

EUVD-2022-33521

Malicious code in bioql PyPI...

EUVD-2021-29297

Malicious code in bioql PyPI...

EUVD-2021-29295

Malicious code in bioql PyPI...

CVE-2019-14530

An issue was discovered in custom/ajaxdownload.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file that is readable by the user www-data from server storage. If the requested file is writable for the www-data user and the directory...

Permission Dialog Overlapping

Firefox and Thunderbird are vulnerable to Permission Dialog Overlapping. The vulnerability is due to portions of a large custom cursor set by a website potentially overlapping with the permission dialog in Firefox and Thunderbird. This could lead to user confusion and unexpected granted permissio...

CVE-2023-46249 authentik potential installation takeover when default admin user is deleted

authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker to set the password of the default admin user without any authentication. authentik uses a blueprint to create the...

PT-2022-8036 · Kirby · Kirby

Name of the Vulnerable Software and Affected Versions: Kirby version 2.5.12 Description: The issue allows malicious HTTP requests to be sent, which can trick a user into adding web pages. Recommendations: For Kirby version 2.5.12, at the moment, there is no information about a newer version that...

CVE-2004-1270

lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...