CVE-2023-4478

Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts...

CVE-2025-43506

Summary (CVE-2025-43506) A logic error affecting macOS Tahoe 26.1 related to iCloud Private Relay activation when multiple user accounts are logged in. The issue was resolved in macOS Tahoe 26.1 with improved error handling. The Red Hat and NVD entries corroborate the same vulnerability descripti...

EUVD-2018-19652

Malware in sbrugna...

EUVD-2023-54453

Malicious code in bioql PyPI...

EUVD-2021-7722

Malicious code in bioql PyPI...

CVE-2025-38131 coresight: prevent deactivate active config while enabling the config

In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfgcsdevenableactiveconfig, active config could be deactivated via configfs' sysfs interface. This could make UAF issue in bel...

CVE-2025-48481 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invitehash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link fro...

RLSA-2024:11111 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

PT-2023-29786 · WordPress · Affiliatewp

Name of the Vulnerable Software and Affected Versions: AffiliateWP for WordPress versions up to, and including, 2.14.0 Description: The issue allows authenticated attackers with subscriber-level access and above to modify data without authorization due to a missing capability check on the affwp...

CVE-2022-4700 Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation

The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpractivaterequiredtheme' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to activate the...

January 5, 2022—KB5010195 (OS Build 14393.4827) Out-of-band

January 5, 2022—KB5010195 OS Build 14393.4827 Out-of-band 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1607, see its update history page. Highlights Update...

Incorrect disclaimer is displayed in the Product Activation wizard in the Polish version of Windows 7 SP1 and Windows Server 2008 R2 SP1

Incorrect disclaimer is displayed in the Product Activation wizard in the Polish version of Windows 7 SP1 and Windows Server 2008 R2 SP1 Symptoms Consider the following scenario: You try to activate Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1 by using the Product Activation wizard...

Activation doesn't work if the sppsvc.exe process doesn't start automatically in Windows 8 or Windows Server 2012

Activation doesn't work if the sppsvc.exe process doesn't start automatically in Windows 8 or Windows Server 2012 This issue occurs because the Task Scheduler does not correctly trigger certain events, including the rescheduling of events, when the computer is started after an overdue task...

KMS is not Activating Windows on PVS 7.1

PVS: 7.1 : KMS is not activating Windows...

App Layering/Unidesk: If user logs in before Office activation script runs, Office licensing will break

When a user logs in and runs an Office component, they may immediately see "Please wait while setup configures microsoft office", which will run a repair function, which will fail. If they have Lync installed, then that Office component might run immediately without any interaction from them. Or...

Windows / Office is not activating on App Layering images - "runipkato" file not present

Windows and Office can show as not having activated or not genuine copies of Windows after booting up an image created by Citrix App Layering...