15 matches found
EUVD-2021-25602
Malware in sbrugna...
EUVD-2020-12884
Malware in sbrugna...
EUVD-2007-0161
Malware in sbrugna...
EUVD-2020-12885
Malware in sbrugna...
EUVD-2024-3114
Malicious code in bioql PyPI...
CVE-2024-34711
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform an XML External Entities (XXE) attack and then send a GET request to any HTTP server. By default, GeoServer use...
CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform an XML External Entities (XXE) attack and then send a GET request to any HTTP server. By default, GeoServer use...
BIT-ENVOY-2025-46821 Envoy vulnerable to bypass of RBAC uri_template permission
Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the character from a set of valid characters in the URI path. As a result URI path containing the character will not match a URI template...
CVE-2025-46821
Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the character from a set of valid characters in the URI path. As a result URI path containing the character will not match a URI template...
PT-2025-20297 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.34.1 Envoy versions prior to 1.33.3 Envoy versions prior to 1.32.6 Envoy versions prior to 1.31.8 Description: The issue arises from Envoy's URI template matcher incorrectly excluding the character from a set of vali...
PT-2025-18019 · Ververica · Ververica Platform
Name of the Vulnerable Software and Affected Versions: Ververica Platform version 2.14.0 Description: The issue is a Reflected XSS vulnerability. It can be exploited via a "namespaces/default/formats" URI. Recommendations: For Ververica Platform version 2.14.0, consider restricting access to the...
CVE-2021-27515
url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path...
CVE-2018-18935
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account...
Webserver4everyone < 1.30 URI Overflow
Binary data 1448.prm...
Foundry Networks ServerIron don't decode URIs
Date : 13/03/2002 . By : Frank DENIS [email protected] Vendor : Foundry Networks http://www.foundrynet.com . Product: ServerIron web switches. Summary: Vulnerability in URI parsing code allows to bypass rules. ------------------- DESCRIPTION ------------------- Foundry Networks' ServerIron Family...