29 matches found
EUVD-2003-0055
Malware in sbrugna...
EUVD-2015-6502
Malware in sbrugna...
EUVD-2011-4835
Malware in sbrugna...
EUVD-2012-2224
Malware in sbrugna...
EUVD-2016-8039
Malware in sbrugna...
EUVD-2024-41617
Malicious code in bioql PyPI...
EUVD-2025-6368
Malicious code in bioql PyPI...
EUVD-2025-13640
Malicious code in bioql PyPI...
EUVD-2022-34994
Malicious code in bioql PyPI...
EUVD-2023-45656
Malicious code in bioql PyPI...
EUVD-2022-30678
Malicious code in bioql PyPI...
@fedify/fedify has Improper Authentication and Incorrect Authorization
Summary An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor...
CVE-2025-6942
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...
CVE-2025-6942
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...
CVE-2025-6942
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine...
PT-2025-23856 · Freshrss · Freshrss
Name of the Vulnerable Software and Affected Versions: FreshRSS versions prior to 1.26.2 Description: FreshRSS is a self-hosted RSS feed aggregator. When the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the Remote-User header or the X-WebAuth-User...
PT-2025-19969 · Auth0 · Passport-Wsfed-Saml2
Name of the Vulnerable Software and Affected Versions: passport-wsfed-saml2 versions 3.0.5 through 4.6.3 Description: A vulnerability in passport-wsfed-saml2 allows an attacker to impersonate any user in the Auth0 tenant during SAML authentication by crafting a SAMLResponse. This can be done by...
CVE-2025-2081
Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 are vulnerable to an attacker impersonating the web application service and mislead victim clients...
CVE-2025-27912
An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...
CVE-2025-24894
CVE-2025-24894 concerns SPID.AspNetCore.Authentication (AspNetCore Remote Authenticator for SPID). The vulnerability arises from insufficient validation of SAML response signatures in VerifySignature(), which may allow an attacker to impersonate any SPID/CIE user by injecting a valid signature in...