
8007 matches found

NVD
added 2025/10/09 7:15 p.m., 4 views

CVE-2025-4614

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVSS 4.8, EPSS 0.0022, Exploits 0, References 1
CVE
added 2025/10/09 6:13 p.m., 15 views

CVE-2025-4614

CVE-2025-4614 describes an information-disclosure flaw in Palo Alto Networks PAN-OS software where an authenticated administrator can view other users’ session tokens in the firewall web UI, potentially allowing impersonation of those users. The risk is mitigated if CLI access is restricted to a ...

CVSS 4.8, AI score 5.7, EPSS 0.0022, Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2025/10/09 6:13 p.m., 3 views

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVSS 4.8, AI score 5.7, EPSS 0.0022, Exploits 0, References 1
Fedora
added 2025/10/09 1:15 a.m., 4 views

[SECURITY] Fedora 41 Update: insight-13.0.50.20220502-27.fc41

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

CVSS 7.8, AI score 6.8, EPSS 0.0023, Exploits 2
CNVD
added 2025/10/09 12:0 a.m., 3 views

Apache Kylin Authentication Bypass Vulnerability

Apache Kylin is an open source distributed analytics engine designed to provide SQL interfaces as well as support for multidimensional analytics for Hadoop and Alluxio for very large datasets. An authentication bypass vulnerability exists in the Apache Kylin /kylin/api/user/updateuser interface,...

CVSS 7.5, AI score 8, EPSS 0.0125, Exploits 0, References 1
Positive Technologies
added 2025/10/09 12:0 a.m., 6 views

PT-2025-41409

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 22.2R1 Patch V3 Juniper Networks Junos Space versions 23.1 before 23.1R1 Patch V3 Description An Uncontrolled Resource Consumption issue exists in the HTTP daemon httpd of Juniper Networks Junos...

CVSS 8.7, AI score 6.6, EPSS 0.00379, Exploits 0, References 8
Positive Technologies
added 2025/10/09 12:0 a.m., 3 views

PT-2025-41451

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue ...

CVSS 4.8, AI score 6, EPSS 0.0022, Exploits 0, References 2
Packet Storm News
added 2025/10/09 12:0 a.m., 4 views

Are Voters Willing to Collectively Secure Elections? Unraveling a Practical Blockchain Voting System

Ensuring ballot secrecy is critical for fair and trustworthy electronic voting systems, yet achieving strong secrecy guarantees in decentralized, large-scale elections remains challenging. This paper proposes the concept of collectively secure voting, in which voters themselves can opt in as secr...

AI score 6.8, Exploits 0
Tenable Nessus
added 2025/10/09 12:0 a.m., 2 views

Barco ClickShare Devices Cross-site Scripting (CVE-2017-12460)

An issue was discovered in Barco ClickShare CSM-1 firmware before v1.7.0.3 and CSC-1 firmware before v1.10.0.10. An authenticated user can manage the wallpaper collection in the webUI to be shown as background on the ClickShare product. By uploading a wallpaper with a specially crafted name, an...

CVSS 5.4, AI score 5.7, EPSS 0.00641, Exploits 0, References 4
Tenable Nessus
added 2025/10/08 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-54286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-Site Request Forgery CSRF in LXD-UI in Canonical LXD versions = 5.0 on Linux allows an attacker to create and start container instances without user conse...

CVSS 8.8, AI score 5.5, EPSS 0.0012, Exploits 1, References 2
NVD
added 2025/10/07 7:15 p.m., 4 views

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory...

CVSS 7.5, EPSS 0.00345, Exploits 0, References 1
Vulnrichment
added 2025/10/07 6:37 p.m., 2 views

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory...

CVSS 5.3, AI score 6.4, EPSS 0.00345, Exploits 0, References 1
CVE
added 2025/10/07 6:37 p.m., 9 views

CVE-2025-43889

Dell PowerProtect Data Domain (DD OS) components are affected across Feature Release 7.7.1.0–8.4, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 by an Unauthenticated Path Traversal in the UI that can expose information via remote access. The issue is described as an improper limitati...

CVSS 7.5, AI score 6.4, EPSS 0.00345, Exploits 0, References 1, Affected Software 1
OSV
added 2025/10/07 6:15 p.m., 2 views

CVE-2025-1826

IBM Engineering Requirements Management DOORS Next IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in t...

CVSS 5.4, AI score 5.5, EPSS 0.00162, Exploits 0, References 1
Cvelist
added 2025/10/07 5:50 p.m., 5 views

CVE-2025-1826 IBM Jazz Foundation cross-site scripting

IBM Engineering Requirements Management DOORS Next IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in t...

CVSS 5.4, EPSS 0.00162, Exploits 0, References 1
RedhatCVE
added 2025/10/07 4:27 p.m., 4 views

CVE-2025-59159

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...

CVSS 9.6, AI score 6.4, EPSS 0.00239, Exploits 0, References 1
EUVD
added 2025/10/07 12:30 a.m., 20 views

EUVD-2017-12567

Malware in sbrugna...

CVSS 8.2, AI score 8.3, EPSS 0.01534, Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-2372

Malware in sbrugna...

CVSS 4.3, AI score 6.2, EPSS 0.01148, Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-1019

Malware in sbrugna...

CVSS 4.9, AI score 5.2, EPSS 0.01029, Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-11984

Malware in sbrugna...

CVSS 5.4, AI score 5.8, EPSS 0.0066, Exploits 0, References 3