183 matches found
CVE-2015-1313
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request...
CVE-2024-53359
An issue in Zalo v23.09.01 allows attackers to obtain sensitive user information via a crafted GET request...
Cross-site Scripting (XSS)
Overview org.webjars.npm:bootstrap-multiselect is a JQuery multiselect plugin based on Twitter Bootstrap. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the post.php script. An attacker can execute scripts in the context of the user's browser session by sendi...
DEBIAN-CVE-2024-13009
In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests...
Configure the SELinux Policy Correctly
SELinux policies are classified into basic policies and user-defined policies. Basic policies: policies defined in the basic policy package, including selinux-policy, selinux-policy-targeted, and selinux-policy-mls. User-defined policies: policies modified or added by users. SELinux can implement...
Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model
Publicly verifiable secret sharing PVSS allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 Proof-of-Concept Standalone This repository...
CVE-2024-42208
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
CVE-2024-42208
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
CVE-2024-42208
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
CVE-2024-42208
Technical details about CVE-2024-42208 are not publicly available in the provided documents; monitor for updates.
CVE-2024-42208 HCL Connections is vulnerable to an information disclosure vulnerability
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
HCL Connections 安全漏洞
HCL Connections is a suite of enterprise collaboration platforms from HCL India. HCL Connections has a security vulnerability that stems from mishandling of request data, which could lead to information leakage...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.13 and prior versions, which stems from improper access control in the Temporary...
CVE-2025-1259
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...
CVE-2024-23563
HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
CVE-2024-23563 HCL Connections Docs is vulnerable to a sensitive information disclosure
HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...
CVE-2024-23563
CVE-2024-23563 affects HCL Connections Docs. The issue is a sensitive information disclosure caused by improper handling of request data, allowing an attacker to access information they should not be entitled to. Connected sources corroborate the vulnerability and describe the root cause as misha...
HCL Connections 安全漏洞
HCL Connections is a suite of enterprise collaboration platforms from HCL Corporation, USA. A security vulnerability exists in HCL Connections version 2.0.2, which stems from mishandling of request data and can lead to disclosure of sensitive information...
PT-2025-6171 · Unknown · Octopus Deploy
Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: In affected versions of Octopus Deploy where customers are using Active Directory for authentication, it was possible for an unauthenticated user to make an API request against two...