eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

WordPress plugin auto making JSON-LD 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress auto making JSON-LD plugin <= 4.5.3 - Cross-Site Request Forgery to Plugin Certification Settings vulnerability

Cross-Site Request Forgery to Plugin Certification Settings vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin auto making JSON-LD versions = 4.5.3...

Encrypted Neural Networks without Overflows

Fully homomorphic encryption FHE enables private inference by evaluating neural networks on encrypted data. In this way, we can delegate the computation to a third party server without ever revealing the user's data. Currently, the CKKS scheme is the backbone of most efficient FHE implementations...

Numerical Security Analysis for Practical Quantum Key Distribution

Quantum key distribution QKD promises information-theoretic security based on quantum mechanics and idealized device models. Practical implementations, however, deviate from these models due to unavoidable device imperfections, and existing security proofs fall short of capturing the complexity o...

Dell ECS 安全漏洞

Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from a certification bypass in Geo replication, whic...

CVE-2025-13480

creationtimestamp| type| source ---|---|--- 2026-04-20 02:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2025-13480 2026-04-20 11:39:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjwezimq2l2e...

Description of the security update for SharePoint Server Subscription Edition: April 14, 2026 (KB5002853)

Description of the security update for SharePoint Server Subscription Edition: April 14, 2026 KB5002853 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If...

CVE-2025-13822

creationtimestamp| type| source ---|---|--- 2026-04-14 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2025-13822 2026-04-15 09:42:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116408066492828654...

CVE-2026-4901

creationtimestamp| type| source ---|---|--- 2026-04-09 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2026-4901/ 2026-04-09 11:16:38+00:00| seen| Telegram/nE1gVyn8jRxbZ-OhSUewb4fvVZDT-qjlGTvhk8YiMctdMk 2026-04-09 12:27:44+00:00| seen|...

CVE-2021-3200

creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

certstrike

CertStrike ADCS exploitation and PKI attack framework with in...

Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security

Verified by Microsoft. Built for Azure. Secured by Wiz...

CVE-2025-68795

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen|...

CVE-2023-53168

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

CVE-2022-50380

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

Quill 安全漏洞

Quill is an open-source application developed by Quill. It provides an application editor function. Versions of Quill prior to 0.7.1 contained security vulnerabilities. These vulnerabilities stemmed from the unlimited reading of HTTP response bodies during Apple certification processes, which cou...

Wiz Achieves CPSTIC Certification in Spain

Strengthening secure cloud modernization for Spain’s public sector through CPSTIC certification...

CLSA-2026-1772027218 Update of ca-certificates

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "ePKI Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking"...

Exploit for Improper Certificate Validation in Microsoft

CVE-2022-26923 – Certifried Exploit AD CS Abuse Automatisat...