EUVD-2019-17271

Malware in sbrugna...

CLSA-2025-1757501175 httpd: Fix of CVE-2025-49812

CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attacks in modssl configurations...

CVE-2024-13967

This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8...

CVE-2024-47056 Mautic does not shield .env files from web traffic

SummaryThis advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system...

GHSA-H95J-H2RV-QRG4 Django Cross-Site Request Forgery vulnerability

The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page...

Buggy Domain Validation Forces GoDaddy to Revoke Certs

GoDaddy has revoked, and begun the process of re-issuing, new SSL certificates for more than 6,000 customers after a bug was discovered in the registrar’s domain validation process. The bug was introduced July 29 and impacted fewer than two percent of the certificates GoDaddy issued from that dat...