CVE-2025-41106

creationtimestamp| type| source ---|---|--- 2025-11-11 13:37:46+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5eaygf7rbi2...

CVE-2025-41106 Multiple vulnerabilities in Fairsketch's RISE CRM Framework

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...

MAL-2025-41106 Malicious code in zucchini-gorilla-hpot (npm)

The package zucchini-gorilla-hpot was found to contain malicious code...

CVE-2023-41106

An issue was discovered in Zimbra Collaboration ZCS before 10.0.3. An attacker can gain access to a Zimbra account. This is also fixed in 9.0.0 Patch 35 and 8.8.15 Patch 42...

CVE-2023-41106

creationtimestamp| type| source ---|---|--- 2023-12-30 12:01:15+00:00| seen| https://t.me/ctinow/160859...

CVE-2023-41106

An issue was discovered in Zimbra Collaboration ZCS before 10.0.3. An attacker can gain access to a Zimbra account. This is also fixed in 9.0.0 Patch 35 and 8.8.15 Patch 42...

CVE-2023-41106

CVE-2023-41106 affects Zimbra Collaboration (ZCS) prior to 10.0.3. An unauthenticated attacker could gain access to a Zimbra account. The issue is fixed in 10.0.3 and also in 9.0.0 Patch 35 and 8.8.15 Patch 42. Remediation is to upgrade to a fixed release (10.0.3+ or corresponding patched lines)....

Microsoft Office class attribute double-free vulnerability

Talos Vulnerability Report TALOS-2022-1591 Microsoft Office class attribute double-free vulnerability November 15, 2022 CVE Number CVE-2022-41106 SUMMARY A double-free vulnerability exists in the class attribute functionality of Microsoft Office Excel 2019 x86 - version 2207 build 15427.20210 and...

CVE-2022-41106

creationtimestamp| type| source ---|---|--- 2022-11-10 00:46:17+00:00| seen| https://t.me/cibsecurity/52765 2022-11-18 11:20:07+00:00| seen| https://t.me/truesecator/3723...

CVE-2022-41106

Microsoft Excel Remote Code Execution Vulnerability...

CVE-2022-41106

CVE-2022-41106 is a Microsoft Excel Remote Code Execution vulnerability. Public details in connected docs describe Excel/Office components as affected and indicate that security updates exist. Remediation in public docs includes security updates: KB5002253 for Excel 2016 (and related Office insta...

Description of the security update for Excel 2013: November 8, 2022 (KB5002275)

Description of the security update for Excel 2013: November 8, 2022 KB5002275 Summary This security update resolves a Microsoft Excel remote code execution vulnerability and Microsoft Excel security feature bypass vulnerability. To learn more about the vulnerabilities, see the following security...

CVE-2021-41106

creationtimestamp| type| source ---|---|--- 2021-09-29 00:36:13+00:00| seen| https://t.me/cibsecurity/29605...

CVE-2021-41106

The CVE-2021-41106 issue affects the LCobucci JWT library. Before versions 3.4.6, 4.0.4, and 4.1.5, when using HMAC-based algorithms (HS256/384/512) with LocalFileReference as the key, tokens were issued/validated using the file path instead of the file contents. This effectively means the key ma...

CVE-2021-41106 File reference keys leads to incorrect hashes on HMAC algorithms

JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as...

CVE-2021-41106: File reference keys leads to incorrect hashes on HMAC algorithms

Description Impact Users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and,...

CVE-2021-41106: File reference keys leads to incorrect hashes on HMAC algorithms

Impact Users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and, since users...