CVE-2023-5545 Moodle: auto-populated h5p author name causes a potential information leak

H5P metadata automatically populated the author with the user's username, which could be sensitive information...

Logical flaws in the Ruyi management system

Ruoyi management system is a SpringBoot2.0 based on the use of Spring, MyBatis, Shiro rights management system . A logic flaw vulnerability exists in Ruoyi Management System. An attacker can use auto-populated account passwords to log in to the backend and obtain sensitive information...

Apple iOS and Safari Information Disclosure Vulnerability

Apple iOS and Safari are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems.Safari is one of the specialized components used in the Safari browser. A...

NextCloud Server Cross-Site Scripting Vulnerability (CNVD-2018-17647)

Nextcloud is an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany.Nextcloud Server is one of the server version. A cross-site scripting vulnerability exists in versions of NextCloud Server prior to 13.0.5, which stems from the...