Weak Password Recovery Mechanism for Forgotten Password

Overview apostrophe is a content management system CMS for Node.js. It supports in-context editing, schema-driven content types, flexible widgets and a great deal more. This module contains everything necessary to build a website with ApostropheCMS. Affected versions of this package are vulnerabl...

CVE-2025-13826

Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is caused by inadequate validation of user-supplied input. An attacker can exploit this vulnerability by sending malicious requests. If the vulnerability is...

CVE-2025-13826 Incorrect input validation on the Zervit portable HTTP/Web server

Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is caused by inadequate validation of user-supplied input. An attacker can exploit this vulnerability by sending malicious requests. If the vulnerability is...

Timing Attack

Overview apostrophe is a content management system CMS for Node.js. It supports in-context editing, schema-driven content types, flexible widgets and a great deal more. This module contains everything necessary to build a website with ApostropheCMS. Affected versions of this package are vulnerabl...

EUVD-2019-13214

Malware in sbrugna...

CVE-2022-34158

A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker's account. Further examination of this issue established that it could also be used to modify the email associated...

CVE-2022-28731

A carefully crafted request on UserPreferences.jsp could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow the attacker to modify the email associated with the attacked account, and then a reset password request from the login page...

CVE-2023-26290

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud loginresetrequest.mhtml modules, Forcepoint Web Security Portal on Hybrid loginresetrequest.mhtml...

F5 BIG-IP AFM Memory Leak Vulnerability

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A memory leak vulnerability exists in the BIG-IP AFM HTTP version 13.1.3.4, which stems from a traffic management microkernel TMM leaking memory when a security profile is applied to a virtual server, a...

CVE-2020-24363

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...

CVE-2014-9702

system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information username and password via any request, such as a password reset request...

CVE-2014-9702

system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information username and password via any request, such as a password reset request...

pptp.revisited.txt

Date: Sat, 13 Feb 1999 11:28:40 -0800 From: [email protected] To: [email protected] Subject: PPTP Revisited The following text is in the "iso-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Lots of people have aske...