1885 matches found
Joomla RAXO All-Mode PRO 2.01 Cross Site Scripting Vulnerability
Author: CraCkEr | Website: extensions.joomla.org | Vendor: RAXO Group - raxo.org | Softwa...
Joomla Rentalot Plus 19.05 Cross Site Scripting Vulnerability
Author: CraCkEr | Website: extensions.joomla.org | Vendor: Les Arbres Design | Software:...
Aruba Networks ArubaOS and Instant PAPI Protocol Buffer Overflow Vulnerability
ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed access points (APs). instantOS is an Arch Linux-based distribution. The Aruba Networks ArubaOS and Instant PAPI protocols are vulnerable to a buff...
Veritas Desktop and Laptop Option Cross-Site Scripting Vulnerability
Veritas Desktop and Laptop Option is a software from Veritas, USA that provides data backup and endpoint protection features for Windows and Mac desktops and laptops. The software supports network-less protection, instant backup, customized failover, self-service restore, and other protection...
Aruba Networks ArubaOS Security Vulnerability
ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed access points (APs). instantOS is an Arch Linux-based distribution. The Aruba Networks ArubaOS and Instant PAPI protocols are vulnerable to a buff...
Vulnerabilities fixed in Oracle Communications Applications
Oracle has fixed vulnerabilities in the following products: Communications ASAP Communications Billing and Revenue Management Communications BRM - Elastic Charging Engine Communications Design Studio Communications Instant Messaging Server Communications Offline Mediation Controller Communication...
The vulnerability of the Disaster Recovery function in Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and the integrated Cisco Unity Connection messaging system allows an intruder to execute arbitrary commands with administrator privileges.
The vulnerability of the Disaster Recovery function in Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and the integrated Cisco Unity Connection messaging system is related to access control deficiencies. Exploiting this vulnerability could allow ...
Fedora: Security Advisory for matrix-synapse (FEDORA-2022-45bf6d4b88)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: matrix-synapse-1.61.1-1.fc35
Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...
Rug vector for admin of Lender.sol who can max approve all principal tokens for any market without waiting the 3 days to themselves
Lines of code Vulnerability details Impact The admin of Lender.sol is authorized to call the function approve which will grant any address max approval over the principal tokens of a particular market. I assume that this functionality is used to approve the respective redeemer contracts used in...
[M-01] Cannot set or change curve pool after initialization
Lines of code Vulnerability details Impact Inability to set or change curve pool after initialization will hurt the project liquidity and block the ability to instant unstake from curve. Approving the CURVEPOOL address is done only on initialize and only if non zero address supplied. When using...
instantUnstake function can be frontrunned with fee increase
Lines of code Vulnerability details Impact instantUnstake allows user to unstake their stakingToken for a fee paid to the liquidity providers. This fee could be changed up to 100% any moment by admin. Malicious admin could frontrun users instantUnstake transaction and set fee to any value using...
MAL-2022-2960 Malicious code in facebook-instant-articles-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc02fad01d5fe01830bef43af8b315de5fd60147c4672a02553c59534c93b2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in facebook-instant-articles-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc02fad01d5fe01830bef43af8b315de5fd60147c4672a02553c59534c93b2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @instant-api-hooks/assethub-campaigns (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3cd0ffbe2349da7aea9f042d99b1fc38ec727b62ded2bee52f82d613acfc9f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
Is quantum teleportation the future of secure communications?
“Beam me up Scotty” will always remain my first association with teleportation. And as it stands now, we are still a long way from teleporting matter, but the teleportation of information has recently made a huge step forward. Researchers in Delft say they have succeeded in teleporting quantum...
Microsoft Skype for Business and Lync Spoofing Vulnerability
Microsoft Skype for Business Server is a secure, unified communications platform from Microsoft that provides instant messaging (IM), audio and video calling, online conferencing, online status messaging, and sharing capabilities. A spoofing vulnerability exists in Microsoft Skype for Business and...
CVE-2021-41005
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
CVE-2021-41004
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...