EUVD-2020-18842

Malware in sbrugna...

EUVD-2022-1975

Malicious code in bioql PyPI...

EUVD-2025-13505

Malicious code in bioql PyPI...

Benchmarking Fraud Detectors on Private Graph Data

We introduce the novel problem of benchmarking fraud detectors on private graph-structured data. Currently, many types of fraud are managed in part by automated detection algorithms that operate over graphs. We consider the scenario where a data holder wishes to outsource development of fraud...

CVE-2021-32750

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL...

CVE-2025-46340

Misskey CSS style injection vulnerability (CVE-2025-46340) affects 12.0.0 up to 2025.4.0 due to inadequate validation in UrlPreviewService and MkUrlPreview, enabling arbitrary CSS in MkUrlPreview and potential de-anonymization/related client attacks. UrlPreviewService.wrap avoids non-http/https U...

PT-2025-19769 · Misskey · Misskey

Name of the Vulnerable Software and Affected Versions: Misskey versions 12.0.0 through 2025.4.0 Description: The issue arises from an oversight in validation performed in UrlPreviewService and MkUrlPreview, allowing an attacker to inject arbitrary CSS into the MkUrlPreview component. This can lea...

GHSA-69M9-RPRC-2X7G Moodle reveals student identities through assignment submissions search on anonymous submissions

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...

Moodle reveals student identities through assignment submissions search on anonymous submissions

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...

CVE-2025-3628

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...

CVE-2025-3628

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...

CVE-2025-3628

A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities...

Moodle 信息泄露漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the fact that anonymous assignment submissions can...

PT-2025-17910

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities. Recommendations At the moment, there is no information about a...

CVE-2020-26230

Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of COVID-19 positive users that upload Radar COVID TEKs to the Radar COVID server is possible. This vulnerability enables the identification and...

CVE-2023-36325

i2p before 2.3.0 Java allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed message has a behavior discrepancy it may be dropped, or may result in a Wrong...

Tor anonymity compromised by law enforcement. Is it still safe to use?

Despite people generally considering the Tor network as an essential tool for anonymous browsing, german law enforcement agencies have managed to de-anonymize Tor users after putting surveillance on Tor servers for months. Before we go into the what the agencies did, let's take a look at some...

CVE-2022-24403 De-anonymization attack in TETRA

The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK Class 2 networks or CCK Class 3 networks. The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given on...

Clario VPN client security vulnerability

Clario VPN client is a VPN client for Mac from Clario. A security vulnerability exists in Clario VPN client macOS version 5.9.1.1662, which originates when the VPN client insecurely configures the operating system so that all IP traffic that gets to the VPN server's IP address is sent outside the...

Dominion Voting Systems ImageCast X 安全特征问题漏洞

Dominion Voting Systems ImageCast X is an intuitive and configurable face-to-face voting solution from Dominion Voting Systems. A security vulnerability exists in Dominion Voting Systems ImageCast Precinct and ImageCast Evolution, which stems from a flaw in the pseudo-random number generator that...