15 matches found
PT-2026-25397
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, in multi-user mode, AnythingLLM blocks suspended users on the normal JWT-backed session path, but it does not block them on the browser extension API...
CVE-2026-23961
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961 Mastodon may allow a remote suspension bypass
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961
Summary of CVE-2026-23961 (Mastodon): A logic flaw in how suspended remote users are handled allows old posts from those users to appear in timelines, and under some circumstances, newly created posts from suspended users can be processed and surfaced. Affected releases span multiple lines: v4.5....
EUVD-2026-4207
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2026-23961 Mastodon may allow a remote suspension bypass
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...
CVE-2016-10834
cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...
EUVD-2019-11035
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user...
PT-2021-16982 · Cpanel · Cpanel
Name of the Vulnerable Software and Affected Versions: cPanel versions prior to 92.0.9 Description: The issue allows a MySQL user with an old-style password hash to bypass suspension. Recommendations: For versions prior to 92.0.9, update to version 92.0.9 or later to resolve the issue...
CVE-2019-20491
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
Design/Logic Flaw
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
CVE-2016-10834
cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...
CVE-2016-10834
CVE-2016-10834 affects cPanel versions before 55.9999.141, where an account-suspension could be bypassed via FTP (SEC-105). Concrete details across sources confirm the vulnerability exists in cPanel and that remediation is to upgrade to 55.9999.141 or later. The Red Hat/NVD entries corroborate th...
CVE-2017-1000135
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended...