Lucene search

38 matches found

Tenable Nessus
added 2026/05/08 12:0 a.m. · 9 views

Microsoft Windows 11 23H2 Pro SEoL

Microsoft Windows 11 23H2 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

5.8 AI score
Exploits 0 · References 1
ATTACKERKB
added 2026/04/23 9:5 a.m. · 2 views

CVE-2026-6885

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

9.8 CVSS · 6.5 AI score · 0.00275 EPSS
Exploits 0 · References 3
OSV
added 2025/10/27 5:15 p.m. · 2 views

CVE-2025-12296

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be...

9.8 CVSS · 5.5 AI score
Exploits 0 · References 5
EUVD
added 2025/10/27 4:32 p.m. · 3 views

EUVD-2025-36209

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be...

5.8 CVSS · 6.5 AI score · 0.00133 EPSS
Exploits 1 · References 6
RedhatCVE
added 2025/09/03 12:13 a.m. · 2 views

CVE-2025-9752

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

9.8 CVSS · 7.2 AI score · 0.01294 EPSS
Exploits 1 · References 1
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. · 3 views

Malicious code in @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total (npm)

The package @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total was found to contain malicious code...

7 AI score
Exploits 0
Packet Storm News
added 2025/06/13 12:0 a.m. · 1 views

Training RL Agents for Multi-Objective Network Defense Tasks

Open-ended learning (OEL) -- which emphasizes training agents that achieve broad capability over narrow competency -- is emerging as a paradigm to develop artificial intelligence (AI) agents to achieve robustness and generalization. However, despite promising results that demonstrate the benefits of...

6.8 AI score
Exploits 0
RedhatCVE
added 2025/05/23 8:11 a.m. · 5 views

CVE-2024-12907

Kentico CMS in version 7 is vulnerable to Reflected XSS attacks through manipulation of a specific GET request parameter sent to the /CMSMessages/AccessDenied.aspx endpoint. Notably, support for this version of Kentico ended in 2016. Version 8 was tested as well and does not contain this...

5.3 CVSS · 5.8 AI score · 0.00263 EPSS
Exploits 0 · References 1
CVE
added 2025/01/02 3:59 p.m. · 3647 views

CVE-2024-12907

CVE-2024-12907 affects Kentico CMS 7, where a Reflected XSS can be triggered by manipulating a specific GET parameter sent to the /CMSMessages/AccessDenied.aspx endpoint. The description notes that Kentico 7 reached end of support in 2016, and Kentico 8 has been tested and does not contain this v...

5.3 CVSS · 6.3 AI score · 0.00263 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/07/31 12:0 a.m. · 1 views

PT-2024-38246 · Bolt Cms · Bolt Cms

Name of the Vulnerable Software and Affected Versions: Bolt CMS version 3.7.1 Description: A vulnerability was found in the Entry Preview Handler component, affecting the processing of the file /preview/page. The manipulation of the body argument leads to cross-site scripting. The attack can be...

5.4 CVSS · 4.3 AI score · 0.00138 EPSS
Exploits 1 · References 8
OSV
added 2024/02/02 7:15 a.m. · 0 views

CVE-2024-21780

Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported...

7.5 CVSS · 6 AI score · 0.00815 EPSS
Exploits 0 · References 2
Japan Vulnerability Notes
added 2023/11/15 8:44 a.m. · 2 views

ASUSTeK COMPUTER RT-AC87U vulnerable to improper access control

Overview: RT-AC87U provided by ASUSTeK COMPUTER INC. contains an improper access control vulnerability (CWE-284). Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact: An attacker may read or write files that are not intended to be...

9.1 CVSS · 6.8 AI score · 0.00104 EPSS
Exploits 0 · References 6
Code423n4
added 2023/02/06 12:0 a.m. · 14 views

Upgraded Q -> 2 from #621 [1675724705438]

Judge has assessed an item in Issue 621 as 2 risk. The relevant finding follows: L2 - mintReceipt function lacks a check to verify if the quest has already ended mintReceipt function missing check for ended quest. This could result in a scenario where a receipt is minted after the quest has ended...

6.7 AI score
Exploits 0
Code423n4
added 2022/12/09 12:0 a.m. · 11 views

The buy() function on Last Price Dutch Auction Sale doesn't check if auction ended, may lead to user loss asset

Lines of code Vulnerability details Impact The buy function on Last Price Dutch Auction Sale doesn't check if auction is ended, may lead to user loss asset if user call with amount 0 with msg.value 0 Proof of Concept Ideally if the max id finalId is reached, then the auction will end, so no user...

6.7 AI score
Exploits 0
Code423n4
added 2022/09/23 12:0 a.m. · 7 views

Can't create another claim for user which his claim was revoked / ended

Lines of code Vulnerability details Impact The admin can accidentally create the wrong claim for a user and then revoke it, or he would like to renew a vesting for a user which his vesting was ended. However, this is not possible, because the current claim's fields are not zeroed when it is revok...

6.8 AI score
Exploits 0
Prion
added 2021/11/22 5:15 p.m. · 12 views

Design/Logic Flaw

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...

5 CVSS · 5.1 AI score · 0.00171 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2021/07/19 5:15 p.m. · 1 views

CVE-2021-36799

KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.8 CVSS · 5.8 AI score
Exploits 0 · References 3
Code423n4
added 2021/04/30 12:0 a.m. · 12 views

NFT can be minted for free after sale ended

Handle s1m0 Vulnerability details Impact The getPrice return 0 after the sale ended and SALELIMIT - numSales nft can be minted for free. Proof of Concept Tools Used Manual analysis Recommended Mitigation Steps Without documentation i'm not sure if it's the expected behaviour or not. If it's not y...

6.8 AI score
Exploits 0
Microsoft KB
added 2020/06/18 12:0 a.m. · 2 views

June 18, 2020—KB4567515 (OS Build 16299.1937)

June 18, 2020—KB4567515 OS Build 16299.1937 IMPORTANT We have been evaluating the public health situation, and we understand the impact this is having on you, our valued customers. To ease one of the many burdens you are currently facing, we have decided to delay the scheduled end of service date...

6.7 AI score
Exploits 0
Microsoft KB
added 2020/05/12 12:0 a.m. · 3 views

March 30, 2020—KB4554342 (OS Build 16299.1776)

March 30, 2020—KB4554342 OS Build 16299.1776 IMPORTANT We have been evaluating the public health situation, and we understand the impact this is having on you, our valued customers. To ease one of the many burdens you are currently facing, we have decided to delay the scheduled end of service dat...

6.7 AI score
Exploits 0