3038 matches found
CVE-2019-16957
SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account...
Employee Record System current_employees.php file cross-site scripting vulnerability
Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...
CVE-2004-2629
Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express when used with H.323 conferencing endpoints, Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the...
TYPO3 Security Vulnerability
TYPO3 is a free and open source content management system framework (CMS/CMF) from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 that stems from a database query where FrontendGroupRestriction is applied only to the first table, which could lead to a data leak. The following...
CLSA-2025-1747430081 Fix of 50 CVEs
CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length
CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots
CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix ueventsho...
Code-Projects Employee Record System Code Injection Vulnerability
Code-Projects Employee Record System is a Code-Projects open source employee record system. Code-Projects Employee Record System version 1.0 has a code injection vulnerability that stems from the parameter employeedid/firstname/middlename/lastname in the file...
AI-Generated Law
On April 14, Dubai's ruler, Sheikh Mohammed bin Rashid Al Maktoum, announced that the United Arab Emirates would begin using artificial intelligence to help write its laws. A new Regulatory Intelligence Office would use the technology to "regularly suggest updates" to the law and "accelerate the...
CVE-2025-44184
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the websiteimage, fname, lname, contact, username, and address parameters...
Exploit for Cross-site Scripting in Mayurik Best_Employee_Management_System
Vulnerabilities in SourceCodester Best Employee Management Sys...
Detecting Sybil Addresses in Blockchain Airdrops: a Subgraph-Based Feature Propagation and Fusion Approach
Sybil attacks pose a significant security threat to blockchain ecosystems, particularly in token airdrop events. This paper proposes a novel sybil address identification method based on subgraph feature extraction lightGBM. The method first constructs a two-layer deep transaction subgraph for eac...
SourceCodester Best Employee Management System Cross-Site Scripting Vulnerability
SourceCodester Best Employee Management System is a SourceCodester open source employee management system. A security vulnerability exists in version 1.0 of the SourceCodester Best Employee Management System due to improper sanitization of the input of the parameters websiteimage, fname, lname,...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
kernel: ext4: make sure the first directory block is not a hole
The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors are reported when creating files in this directory. Then, we get a directory block without '.' and '..' but with a valid dentry. This may cause some code that relies o...
kernel: dm cache: fix potential out-of-bounds access on the first resume
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...
CVE-2025-47187
creationtimestamp | type | source
---|---|---
2025-05-12 01:52:58+00:00 | seen | https://t.me/CyberBulletin/3248
2025-07-23 18:34:36+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114903985408711756
2025-07-23 21:07:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lunwfk7st...
Fresh User layers hang/freeze on first logon
When logging on with a fresh profile/user layer, the UL is created but the logon process comes to a halt at a black screen. Forcing a log off and logging back in fixes the issue: the session is established and the user desktop is shown...
Ensure That Users Are Required to Change Their Passwords Upon the First Login
If a password that was not set by the user, such as one reset by an administrator, is not promptly changed in the service environment, it may lead to low-cost attacks. Therefore, it is necessary for users to change their password upon their initial login. However, the root user...
Large Language Models Are Autonomous Cyber Defenders
Fast and effective incident response is essential to prevent adversarial cyberattacks. Autonomous Cyber Defense (ACD) aims to automate incident response through Artificial Intelligence (AI) agents that plan and execute actions. Most ACD approaches focus on single-agent scenarios and leverage...
Directed Greybox Fuzzing Via Large Language Model
Directed greybox fuzzing (DGF) focuses on efficiently reaching specific program locations or triggering particular behaviors, making it essential for tasks like vulnerability detection and crash reproduction. However, existing methods often suffer from path explosion and randomness in input mutatio...
CVE-2025-32886
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...