An information disclosure vulnerability exists in .NET Core when authentication information is …

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB serv…

cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a pre…

The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both …

The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12…

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Netwo…

REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session …

The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgi…

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote att…

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 be…

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, …

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC606…

Request is an http client. If a request is made using ```multipart```, and the body type is a `…

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile p…

Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent …

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when in…

It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2…

libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provid…

Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static.…

A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed…

Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator o…

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed ba…

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile p…

A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specifi…

AnythingLLM is an application that turns pieces of content into context that any LLM can use as…

The participants table download in Moodle always included user emails, but should have only don…

Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but…

A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mai…

Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskS…

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile p…

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile p…

Support bundle generated files could contain sensitive information that might be unwanted to be…

Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authori…

KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 1…

An information disclosure vulnerability exists in the challenge functionality of instipod DuoUn…

A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.

Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions pr…

Airflow versions before 2.10.3 have a vulnerability that allows authenticated users with audit …

Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-vis…

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba di…