
23 matches found

Packet Storm News
added 2026/09/10 12:0 a.m. · 34 views

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

5.8 AI score
Exploits: 0
ATTACKERKB
added last week · 5 views

CVE-2026-9096

Casdoor versions 2.362.0 and earlier do not enforce SAML assertion time bounds. The gosaml2 library reports all time-validation results, including NotOnOrAfter and NotBefore, in the assertionInfo.WarningInfo field. However, ParseSamlResponse never reads this field, meaning that time bounds are...

5.8 AI score · 0.00054 EPSS
Exploits: 0 · References: 2
OSSF Malicious Packages
added 2026/05/22 6:27 a.m. · 4 views

Malicious code in qaq-core-util-v2 (npm)

Source: amazon-inspector 41cf368bbc06ee2a9e0d2a9b2030d7604a41af7ed5fed253d48a0d9ff41f92f6 lib/memcached.js exports getCacheRedis, getCacheDataRedis, and setCacheRedis. Each function's signature accepts a cachedUrl parameter, but the...

5.8 AI score
Exploits: 0 · References: 1
RedhatCVE
added 2025/11/22 10:31 p.m. · 2 views

CVE-2025-11935

With TLS 1.3 pre-shared key (PSK), a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing psk_dhe_ke without a key_share extension...

7.5 CVSS · 6.7 AI score · 0.00013 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2025/11/21 12:0 a.m. · 3 views

PT-2025-47812

Name of the Vulnerable Software and Affected Versions: TLS 1.3 (affected versions not specified) Description: A server utilizing TLS 1.3 pre-shared key (PSK) may disregard a client’s request for perfect forward secrecy (PFS). This occurs when a server responds to a ClientHello containing psk_dhe_ke witho...

6.3 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2024/11/13 12:0 a.m. · 3 views

PT-2024-34474 · Unknown · Ferozo Webmail

Name of the Vulnerable Software and Affected Versions: Ferozo Webmail version 1.1 Description: A critical issue has been identified in Ferozo Webmail, where the MX server disregards configuration settings. Recommendations: For Ferozo Webmail version 1.1, at the moment, there is no information abo...

7 AI score
Exploits: 0 · References: 1
CNNVD
added 2024/09/18 12:0 a.m. · 0 views

Technitium DNS Server Security Vulnerability

Technitium DNS Server is an open source authoritative and recursive DNS server from the Technitium team. It can be used to self-host DNS servers for privacy and security. A security vulnerability exists in Technitium DNS Server version 11.0.2, which stems from the resolver ignoring valid response...

7.5 CVSS · 6.6 AI score · 0.00128 EPSS
Exploits: 0 · References: 3
RedHat Linux
added 2023/11/21 11:26 a.m. · 1 views

samba: SMB clients can truncate files with read-only permissions

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions, when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5 CVSS · 6.7 AI score · 0.00438 EPSS
Exploits: 0 · References: 6
GithubExploit
added 2023/10/04 2:38 p.m. · 10 views

ShellSweep

ShellSweep ShellSweeping the evil Why ShellSweep "Shell...

6.9 AI score
Exploits: 0
SUSE CVE
added 2023/02/15 4:25 a.m. · 0 views

SUSE CVE-2018-14348

libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information...

5.1 CVSS · 9.5 AI score · 0.0052 EPSS
Exploits: 0 · References: 7
SUSE CVE
added 2023/02/15 3:26 a.m. · 1 views

SUSE CVE-2022-29244

npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (i.e. --workspaces, --workspace=). Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...

6.5 CVSS · 7.1 AI score · 0.0085 EPSS
Exploits: 0 · References: 7
Code423n4
added 2022/10/21 12:0 a.m. · 12 views

Upgraded Q -> M from 463 [1666363539691]

Judge has assessed an item in Issue 463 as Medium risk. The relevant finding follows: Ignores return value of onERC721Received. The try block should include a check to make sure the function returns its selector as specified by IERC721Receiver. While the function may have the same parameters as th...

6.8 AI score
Exploits: 0
Patchstack
added 2022/01/28 12:0 a.m. · 6 views

WordPress VMag theme <= 1.2.7 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi (Patchstack) in WordPress VMag theme versions <= 1.2.7. Solution: Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

2.8 AI score
Exploits: 0 · References: 3 · Affected Software: 1
Patchstack
added 2022/01/28 12:0 a.m. · 7 views

WordPress Ripple theme <= 1.2.0 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi (Patchstack) in WordPress Ripple theme versions <= 1.2.0. Solution: Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

2.4 AI score
Exploits: 0 · References: 3 · Affected Software: 1
Patchstack
added 2022/01/28 12:0 a.m. · 10 views

WordPress StoreVilla theme <= 1.4.1 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi (Patchstack) in WordPress StoreVilla theme versions <= 1.4.1. Solution: Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

3.5 AI score
Exploits: 0 · References: 3 · Affected Software: 1
Patchstack
added 2021/11/28 12:0 a.m. · 9 views

WordPress The Launcher theme <= 1.3.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite (Patchstack Red Team project) in WordPress The Launcher theme versions <= 1.3.2. This theme uses a vulnerable piece of code related to a previously identified vulnerability, CVE-2021-39317. Solution: Deactivate and delete. The vendor ignore...

8.8 CVSS · 2.6 AI score · 0.01406 EPSS
Exploits: 2 · References: 4 · Affected Software: 1
Wired Threat Level
added 2020/03/11 7:32 p.m. · 32 views

No, a Border Wall Won't Stop Coronavirus

Donald Trump's latest pitch for the wall ignores basic science—and might only make things worse...

1.3 AI score
Exploits: 0
Veracode
added 2017/12/20 8:4 a.m. · 27 views

Authentication Bypass

pysaml2 is vulnerable to authentication bypass. The vulnerability exists because assert statements are ignored when Python is run with optimization options (-O, -OO) or with the PYTHONOPTIMIZE environment variable. This causes the UsernamePasswordMako class to accept any password for any valid user...

8.1 CVSS · 7.9 AI score · 0.02083 EPSS
Exploits: 0 · References: 6 · Affected Software: 2
Kitploit
added 2017/10/13 9:30 p.m. · 14 views

drinkme - Shellcode Testing Harness

drinkme is a shellcode test harness. It reads shellcode from stdin and executes it. This allows pentesters to quickly test their payloads before deployment. Formats drinkme can handle shellcode in the following formats: "0x" "\x" "x" "" For example, NOP could be represented as any of "0x90",...

7.3 AI score
Exploits: 0 · References: 1
Tenable Nessus
added 2017/09/06 12:0 a.m. · 32 views

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:2356-1)

This update for postgresql96 fixes the following issues: - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) -...

9.8 CVSS · 7.1 AI score · 0.33122 EPSS
Exploits: 0 · References: 11