9 matches found
CVE-2026-25222
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
CVE-2026-25222
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
CVE-2026-25222 PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
CVE-2026-25222 PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
CVE-2026-25222 PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
PT-2026-5730
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, a timing attack vulnerability in the sign-in process allows unauthenticated attackers to determine if a specific email address is registered on the platform. By measuring the response time of the login endpoint...
Oracle Linux 9 : php:8.3 (ELSA-2025-7418)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7418 advisory. php 8.3.19-1 - rebase to 8.3.19 8.3.15-1 - rebase to 8.3.15 8.3.12-1 - rebase to 8.3.12 RHEL-62189 - enable command history in phpdbg - backport Argon2...
php:8.3 security update
php 8.3.19-1 - rebase to 8.3.19 8.3.15-1 - rebase to 8.3.15 8.3.12-1 - rebase to 8.3.12 RHEL-62189 - enable command history in phpdbg - backport Argon2 password hashing in OpenSSL ext - build sockets extension statically - switch to nikic/php-parser version 5 - openssl: always warn about missing...
PT-2024-35954 · Rpgp · Rpgp
Name of the Vulnerable Software and Affected Versions: rPGP versions prior to 0.14.1 Description: The issue allows attackers to trigger resource exhaustion vulnerabilities in rPGP by providing crafted messages, affecting general message parsing and decryption with symmetric keys. This can cause...