3635 matches found
Two-Dimensional XOR-Based Secret Sharing for Layered Multipath Communication
This paper introduces the first two-dimensional XOR-based secret sharing scheme for layered multipath communication networks. We present a construction that guarantees successful message recovery and perfect privacy when an adversary observes and disrupts any single path at each transmission laye...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE and CE versions 11.10 up to and...
CVE-2025-10976
A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high...
CVE-2017-20200
A vulnerability has been found in Coinomi up to 1.7.6. This issue affects some unknown processing. Such manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as...
Gitlab -- Vulnerabilities
Gitlab reports: Denial of Service issue when uploading specifically crafted JSON files impacts GitLab CE/EE Denial of Service issue bypassing query complexity limits impacts GitLab CE/EE Information disclosure issue in virtual registery configuration for low privileged users impacts GitLab CE/EE...
CVE-2025-10778
A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the component Gift Voucher Handler. The manipulation leads to race condition. The attack may be initiated remotely. The attack's complexity is rated as high. The...
CVE-2025-10776
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high...
CVE-2017-20200
Coinomi CVE-2017-20200 affects versions up to 1.7.6 and involves cleartext transmission of sensitive information due to an unspecified processing issue. The vulnerability can be triggered remotely and is described with high attack complexity. Several connected sources reiterate the affected versi...
Security Bulletin: Vulnerability in Babel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Babel has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...
CVE-2025-10778
A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the component Gift Voucher Handler. The manipulation leads to race condition. The attack may be initiated remotely. The attack's complexity is rated as high. The...
CVE-2025-10778
Vulnerability summary (CVE-2025-10778) : A race condition exists in the Gift Voucher Handler component of Smartstore, located in the unknown function within the /checkout/confirm/ path, affecting Smartstore versions up to 6.2.0 (and addressed in later advisories recommending 6.2.1+). The issue ca...
CVE-2025-10778 Smartstore Gift Voucher confirm race condition
A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the component Gift Voucher Handler. The manipulation leads to race condition. The attack may be initiated remotely. The attack's complexity is rated as high. The...
CVE-2025-10776
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high...
CVE-2025-10776 LionCoders SalePro POS Login cleartext transmission
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high...
CVE-2025-10776 LionCoders SalePro POS Login cleartext transmission
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high...
PT-2025-38677
Name of the Vulnerable Software and Affected Versions Smartstore versions prior to 6.2.1 Description A race condition exists in the Gift Voucher Handler component of Smartstore. The issue is located in an unknown function within the /checkout/confirm/ file. The attack can be initiated remotely an...
CVE-2025-10761
A vulnerability has been found in Harness 3.3.0. Affected is an unknown function of the file /api/v1/login of the component Login Endpoint. The manipulation leads to improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack is considered ...
CVE-2025-10761 Harness Login Endpoint login excessive authentication
A vulnerability has been found in Harness 3.3.0. Affected is an unknown function of the file /api/v1/login of the component Login Endpoint. The manipulation leads to improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack is considered ...
CVE-2025-10761
CVE-2025-10761 affects Harness 3.3.0, specifically the /api/v1/login endpoint in the Login Endpoint component. The issue is an improper restriction of excessive authentication attempts, enabling remote exploitation with high complexity and a low overall CVSS base, but a non-trivial attack path is...
CVE-2025-10761 Harness Login Endpoint login excessive authentication
A vulnerability has been found in Harness 3.3.0. Affected is an unknown function of the file /api/v1/login of the component Login Endpoint. The manipulation leads to improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack is considered ...