BIT-NGINX-INGRESS-CONTROLLER-2026-24513 ingress-nginx auth-url protection bypass

A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...

CVE-2026-24513

A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the auth-url annotation when a specific misconfiguration occurs involving a custom-errors configuration that includes HTTP errors 401 or 403, and the configured default custom-erro...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the auth-url annotation when a specific misconfiguration occurs involving a custom-errors configuration that includes HTTP errors 401 or 403, and the configured default custom-erro...

CVE-2026-24513

A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...

CVE-2026-24513 ingress-nginx auth-url protection bypass

A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...

CVE-2026-24513

Ingress-NGINX contains a vulnerability where the protection of the auth-url Ingress annotation can be bypassed if a default custom-errors backend is configured with HTTP 401/403 and that backend incorrectly ignores the X-Code header. The built-in custom-errors backend functions correctly, but tri...

CVE-2026-24513 ingress-nginx auth-url protection bypass

A security issue was discovered in ingress-nginx where the protection afforded by the auth-url Ingress annotation may not be effective in the presence of a specific misconfiguration. If the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors...

EUVD-2005-3697

Malware in sbrugna...

EUVD-2015-1289

Malware in sbrugna...

EUVD-2016-2222

Malware in sbrugna...

EUVD-2005-2744

Malware in sbrugna...

LibreOffice Improper Validation of Array Index vulnerability (May 2025) - Mac OS X

LibreOffice is prone to an improper validation of array index vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-4022 web-arena-x webarena evaluators.py HTMLContentEvaluator code injection

A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical. This vulnerability affects the function HTMLContentEvaluator of the file webarena/evaluationharness/evaluators.py. The manipulation of the argument target"url" leads to code injection. The attack can ...

PT-2025-18070 · Unknown · Web-Arena-X

Name of the Vulnerable Software and Affected Versions: web-arena-x webarena version 0.2.0 Description: A critical vulnerability was found in the web-arena-x webarena software. This issue affects the HTMLContentEvaluator function of the file webarena/evaluation harness/evaluators.py. The...

File Upload Vulnerability in DedeCMSV6

DedeCMSV6 is based on PHP 7.x development, is scalable and fully open source. A file upload vulnerability exists in DedeCMSV6, which can be exploited by an attacker to cause arbitrary code execution...

CVE-2020-7065 mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...

Inject Custom Code Into PE File: InfectPE

Inject Custom Code Into PE File Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. …and so on. In the project, there i...

EUVD-2016-2171

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...

joomla component mosmedialite451 - Remote File Inclusion Vulnerability

No description provided by source. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Scripts : MOSMediaLite451 Discovered By : k1n9k0ng Scripts site : http://www.djoomla.com/component/option,comremository/Itemid,2/func,fileinfo/id,104/ Thanks To :...