11217 matches found
CVE-2025-59428 EspoCRM allows arbitrary user creation via stored SVG injection and CSRF
EspoCRM is an open source customer relationship management application. In versions before 9.1.9, a vulnerability allows arbitrary user creation, including administrative accounts, through a combination of stored SVG injection and lack of CSRF protection. An attacker with Knowledge Base edit...
CVE-2025-59428
CVE-2025-59428 affects EspoCRM up to version 9.1.8. A combination of stored SVG injection and missing CSRF protection allows an attacker with Knowledge Base edit permissions to cause arbitrary user creation (including admin accounts) by luring an authenticated user to click a malicious SVG link t...
Targeted Pooled Latent-Space Steganalysis Applied to Generative Steganography, with a Fix
Steganographic schemes dedicated to generated images modify the seed vector in the latent space to embed a message, whereas most steganalysis methods attempt to detect the embedding in the image space. This paper proposes to perform steganalysis in the latent space by modeling the statistical...
PT-2025-41935
Name of the Vulnerable Software and Affected Versions: EspoCRM versions prior to 9.1.9. Description: EspoCRM is a customer relationship management application. A flaw allows the creation of arbitrary user accounts, including those with administrative privileges. This is achieved through a combinatio...
ULTIMATE-CYBERSECURITY-MASTER-GUIDE
🛡️ ULTIMATE CYBERSECURITY MASTER GUIDE COLLECTION 📊 Comple...
CTIArena: Benchmarking LLM Knowledge and Reasoning across Heterogeneous Cyber Threat Intelligence
Cyber threat intelligence (CTI) is central to modern cybersecurity, providing critical insights for detecting and mitigating evolving threats. With the natural language understanding and reasoning capabilities of large language models (LLMs), there is increasing interest in applying them to CTI, whic...
DITTO: A Spoofing Attack Framework on Watermarked LLMs Via Knowledge Distillation
The promise of LLM watermarking rests on a core assumption that a specific watermark proves authorship by a specific model. We demonstrate that this assumption is dangerously flawed. We introduce the threat of watermark spoofing, a sophisticated attack that allows a malicious model to generate te...
ExPrESSO: Zero-Knowledge Backed Extensive Privacy Preserving Single Sign-On
User authentication is one of the most important aspects for secure communication between services and end-users over the Internet. Service providers leverage Single Sign-On (SSO) to make it easier for their users to authenticate themselves. However, standardized systems for SSO, such as OIDC, do n...
Distilling Lightweight Language Models for C/C++ Vulnerabilities
The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for software security. While Large Language Models (LLMs) have...
EUVD-2020-3421
Malware in sbrugna...
EUVD-2018-14332
Malware in sbrugna...
EUVD-2017-12487
Malware in sbrugna...
EUVD-2006-6551
Malware in sbrugna...
EUVD-2008-0828
Malware in sbrugna...
EUVD-2007-1036
Malware in sbrugna...
EUVD-2020-22584
Malware in sbrugna...
EUVD-2018-18937
Malware in sbrugna...
EUVD-2005-1199
Malware in sbrugna...