15 matches found
EUVD-2019-14835
Malware in sbrugna...
CVE-2024-47165
Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to CORS origin validation accepting a null origin. When a Gradio server is deployed locally, the `localhost_aliases` variable includes "null" as a valid origin. This allows attackers to make unauthoriz...
CVE-2024-28161
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default...
Advisory ROSA-SA-2025-2653
software: libbacktrace 1.0 WASP: ROSA-CHROME packageevrstring: libbacktrace-1.0-1.gitcdb64b.3 CVE-ID: CVE-2023-28198 BDU-ID: 2023-04538 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the macOS operating system WebKit web page display module is associated with a post-release exploit error...
DEBIAN-CVE-2024-56169
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties such as Fort are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently...
ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66420)
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
CVE-2022-46328
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...
UBUNTU-CVE-2021-43114
FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation...
CVE-2021-30817
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access data about the accounts the user is using Family Sharing with...
CVE-2020-26868
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit...
PT-2020-16522 · Arc Informatique · Pcvue +1
Name of the Vulnerable Software and Affected Versions: ARC Informatique PcVue versions prior to 12.0.17 Description: The issue allows an unauthorized user to modify information used to validate messages sent by legitimate web clients, leading to a denial-of-service attack. This problem also affec...
CVE-2020-10898
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
OWOX, Inc.: Reflected XSS
Hi team, I have found an XSS at https://bi.owox.com/ui/6177527534dc114eb07fa829e4ce4d28/dashboard/?trial=activated Because the input is not properly filtered, resulting in XSS being executed Vulnerable area: ----- 6177527534dc114eb07fa829e4ce4d28 The URL will now be:...
MGASA-2018-0297 Updated librsvg packages fix a security vulnerability
Updated librsvg package fixes security vulnerability: It was discovered that there was an input validation vulnerability in the librsvg renderer library that could result in data being leaked to remote attackers via a specially-crafted file (CVE-2018-1000041)...
Newsscript 1.0 - Administrative Privilege Escalation
source: https://www.securityfocus.com/bid/7705/info A vulnerability has been reported that could enable a member of the news system to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of Newsscript. Peter2...