Lucene search

7047 matches found

OSV
added 2024/04/18 12:15 a.m., 1 view

CVE-2024-3931

A vulnerability was found in Totara LMS up to 18.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component User Selector. The manipulation of the argument ID Number leads to cross site scripting. The attack may be...

5.4 CVSS, 3.7 AI score, 0.00435 EPSS
Exploits: 0, References: 3
Packet Storm
added 2024/04/18 12:0 a.m., 274 views

Relate Cross Site Scripting

Exploit Title: Relate Learning And Teaching system Version before 2024.1 Stored XSS Date: 18/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version: before 2024.1...

7.4 AI score
Exploits: 0
CNNVD
added 2024/04/17 12:0 a.m., 3 views

Totara LMS Code Injection Vulnerability

Totara LMS is a learning management system from Totara. A cross-site scripting vulnerability exists in Totara LMS version 18.0.1 Build 20231128.01, which stems from the fact that admin/roles/check.php in the component Profile Handler contains some unknown functions that lead to cross-site scripti...

5.4 CVSS, 5.8 AI score, 0.00435 EPSS
Exploits: 0, References: 6
The Hacker News
added 2024/04/15 1:30 p.m., 18 views

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now...

8.3 AI score
Exploits: 0
OSV
added 2024/04/12 4:15 p.m., 3 views

CVE-2024-30403

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

7.1 CVSS, 5.8 AI score, 0.00276 EPSS
Exploits: 0, References: 2
NVD
added 2024/04/12 4:15 p.m., 17 views

CVE-2024-30403

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

7.1 CVSS, 6.4 AI score, 0.00276 EPSS
Exploits: 0, References: 2
NVD
added 2024/04/12 4:15 p.m., 18 views

CVE-2024-30402

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the device, and t...

8.2 CVSS, 5.8 AI score, 0.00522 EPSS
Exploits: 0, References: 2
OSV
added 2024/04/12 4:15 p.m., 3 views

CVE-2024-30386

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received and...

7.1 CVSS, 5.8 AI score, 0.00267 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2024/04/12 3:28 p.m., 18 views

CVE-2024-30403 Junos OS Evolved: When MAC learning happens, and an interface gets flapped, the PFE crashes

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

7.1 CVSS, 6.8 AI score, 0.00276 EPSS
Exploits: 0, References: 2
CVE
added 2024/04/12 3:28 p.m., 82 views

CVE-2024-30403

Summary of CVE-2024-30403 (Junos OS Evolved): A NULL pointer dereference in the Packet Forwarding Engine (PFE) allows an unauthenticated, adjacent attacker to cause a Denial of Service when MAC learning occurs on a logical interface and the interface flaps, triggering an evo-aftmand-bt core crash...

7.1 CVSS, 6.7 AI score, 0.00276 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2024/04/12 3:28 p.m., 22 views

CVE-2024-30403 Junos OS Evolved: When MAC learning happens, and an interface gets flapped, the PFE crashes

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

7.1 CVSS, 6.6 AI score, 0.00276 EPSS
Exploits: 0, References: 2
CVE
added 2024/04/12 3:27 p.m., 85 views

CVE-2024-30402

Summary of CVE-2024-30402 (Juniper Junos OS / Junos OS Evolved): The vulnerability stems from an improper check for unusual or exceptional conditions in the Layer 2 Address Learning Daemon (l2ald). When telemetry requests are received and the Dynamic Rendering Daemon (drend) is suspended, l2ald c...

8.2 CVSS, 6.8 AI score, 0.00522 EPSS
Exploits: 0, References: 2, Affected Software: 2
CVE
added 2024/04/12 3:23 p.m., 84 views

CVE-2024-30386

CVE-2024-30386 is a Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved. In EVPN-VXLAN deployments, state updates processed by adjacent systems may flow in an unsafe order, causing l2ald to crash and restart, leading to a D...

7.1 CVSS, 6.7 AI score, 0.00267 EPSS
Exploits: 0, References: 2, Affected Software: 2
Exploit DB
added 2024/04/12 12:0 a.m., 361 views

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit Title: GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload Date: 2024-02-04 Exploit Author: Georgios Tsimpidas Vendor Homepage: https://www.openeclass.org/ Software Link: https://download.openeclass.org/files/3.15/ Version: 3.15 2024 Tested on: Debian Kali...

9.8 CVSS, 6.7 AI score, 0.03821 EPSS
Exploits: 6
Qualys Blog
added 2024/04/11 7:47 p.m., 20 views

Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs

Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys mission to deliver best-in-class malware...

7.4 AI score
Exploits: 0
GithubExploit
added 2024/04/11 1:48 p.m., 418 views

Exploit for Unrestricted Upload of File with Dangerous Type in Openeclass

CVE-2024-31777 | GUnet OpenEclass E-learning platform Unrestri...

9.8 CVSS, 10 AI score, 0.03821 EPSS
Exploits: 6
0day.today
added 2024/04/11 12:0 a.m., 315 views

GUnet OpenEclass E-learning 3.15 File Upload / Command Execution Exploit

GUnet OpenEclass E-learning platform version 3.15 suffers from an unrestricted file upload vulnerability in certbadge.php that allows for remote command execution. import requests import argparse import zipfile import os import sys RED = '\03391m' GREEN = '\03392m' YELLOW = '\03393m' RESET =...

9.8 CVSS, 7.7 AI score, 0.03821 EPSS
Exploits: 6
Tenable Nessus
added 2024/04/11 12:0 a.m., 18 views

Juniper Junos OS Vulnerability (JSA79180)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79180 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows...

8.2 CVSS, 5.7 AI score, 0.00522 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2024/04/10 12:0 a.m., 4 views

PT-2024-4771 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 23.2R1-S1-EVO Juniper Networks Junos OS Evolved version 23.2R2-EVO Description: A NULL Pointer Dereference issue in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allo...

7.1 CVSS, 7.2 AI score, 0.00276 EPSS
Exploits: 0, References: 5
CNNVD
added 2024/04/09 12:0 a.m., 1 view

WordPress Plugin MasterStudy LMS Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

9.8 CVSS, 8.7 AI score, 0.05018 EPSS
Exploits: 0, References: 4