17 matches found

OSV
added 2026/02/04 5:15 p.m. | 3 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.5 | EPSS 0.00144
Exploits 0 | References 5
Vulnrichment
added 2026/02/04 5:15 p.m. | 3 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00144
Exploits 0 | References 3
ATTACKERKB
added 2026/02/04 5:15 p.m. | 2 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00144
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-19253

Malware in sbrugna...

CVSS 7.5 | AI score 8.5 | EPSS 0.02387
Exploits 0 | References 12
RedhatCVE
added 2025/04/26 5:39 p.m. | 9 views

CVE-2025-46511

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | AI score 7.2 | EPSS 0.0024
Exploits 0 | References 1
NVD
added 2025/04/24 4:15 p.m. | 7 views

CVE-2025-46511

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | EPSS 0.0024
Exploits 0 | References 1
Cvelist
added 2025/04/24 4:09 p.m. | 16 views

CVE-2025-46511 WordPress BeerXML Shortcode plugin <= 0.7.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | EPSS 0.0024
Exploits 0 | References 1
Vulnrichment
added 2025/02/25 3:37 p.m. | 22 views

CVE-2025-21626 GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint

GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the status.php endpoint. Version 10.0.18 contains a fix for the issue. Some workarounds are available. One may delete the status.p...

CVSS 5.8 | AI score 5.7 | EPSS 0.00231
Exploits 0 | References 2
CNNVD
added 2021/11/10 12:00 a.m. | 1 views

Modesty Pdf2json Code Issue Vulnerability

PDF2JSON is a Java-based code library that allows PDF files to interact with Json files. PDF2JSON has a code problem vulnerability that stems from the discovery that pdf2json v0.71 contains a null pointer dereference in the component ObjectStream::getObject. No detailed vulnerability details are...

CVSS 7.5 | AI score 5.6 | EPSS 0.00336
Exploits 1 | References 2
NVD
added 2019/03/21 4:01 p.m. | 18 views

CVE-2019-9897

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71...

CVSS 7.5 | AI score 7.5 | EPSS 0.02387
Exploits 0 | References 9
OSV
added 2019/03/21 4:01 p.m. | 1 views

DEBIAN-CVE-2019-9895

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding...

CVSS 9.8 | AI score 9.5 | EPSS 0.01369
Exploits 0 | References 1
NVD
added 2019/03/21 4:01 p.m. | 17 views

CVE-2019-9894

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification...

CVSS 7.5 | AI score 7.5 | EPSS 0.00657
Exploits 0 | References 9
CNVD
added 2019/03/21 12:00 a.m. | 1 views

PuTTY memory overwrite vulnerability

PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms and an xterm terminal emulator. A memory overwrite vulnerability exists in PuTTY versions prior to 0.71. A remote attacker can exploit this vulnerability to overwrite memory...

CVSS 7.5 | AI score 6.9 | EPSS 0.00657
Exploits 0 | References 1
Veracode
added 2017/02/01 5:20 a.m. | 23 views

Denial Of Service (DoS) Through A Null Pointer Dereference

libpng is vulnerable to denial of service DoS attacks via null pointer dereference. The vulnerability has existed in libpng since version 0.71. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, then add another text chunk to the same png...

CVSS 7.5 | AI score 7.1 | EPSS 0.00926
Exploits 0 | References 9 | Affected Software 1
OpenVAS
added 2008/01/17 12:00 a.m. | 16 views

Debian Security Advisory DSA 559-1 (net-acct)

The remote host is missing an update to net-acct announced via advisory DSA 559-1. OpenVAS Vulnerability Test $Id: deb5591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 559-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

CVSS 2.1 | AI score 6.6 | EPSS 0.00072
Exploits 0
securityvulns
added 2003/05/22 12:00 a.m. | 43 views

[AP] Owl Intranet Engine CSS Bug

-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 05/21/2003 homepage: http://sec.angrypacket.com advisory id: 0x0005...

AI score 7
Exploits 0
Packet Storm
added 2003/05/15 12:00 a.m. | 29 views

Owl_Intranet_Engine.txt

-------------------------------------------------- Owl Intranet Engine - File Disclosure Vulnerability -------------------------------------------------- Date: 5-12-03 Advisory Url: http://sec.angrypacket.com/advisories.phtml Vendor Home Page: http://owl.sourceforge.net/ Vendor Project Page:...

AI score 7.4
Exploits 0