7043 matches found
Chamilo LMS security vulnerabilities
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Version 1.11.2 of Chamilo LMS contains a security vulnerability. This vulnerability stems from insufficient...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2026-21911
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
CVE-2026-21911
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
CVE-2026-21911
CVE-2026-21911 affects Juniper Networks Junos OS Evolved via an Incorrect Calculation in the Layer 2 Control Protocol Daemon (l2cpd). An unauthenticated, network-adjacent attacker can flap the management interface to disrupt MAC learning over label-switched interfaces (LSI). Impact described in t...
CVE-2026-21911 Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
CVE-2026-21911 Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
CVE-2026-21911
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
EUVD-2026-2699
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...
cve-pocs
CVE Proof of Concepts cve-pocs A collection of Proof of C...
PT-2026-3125
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S4-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S3-EVO Juniper Networks Junos OS Evolved...
CVE-2026-23497
Frappe Learning Management System LMS is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages...
CVE-2026-23497 Frappe LMS has a Stored XSS via Unsanitized Image Filename in Course and Jobs Pages
Frappe Learning Management System LMS is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages...
EUVD-2026-2666
Frappe Learning Management System LMS is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages...
CVE-2026-23497
CVE-2026-23497 affects Frappe Learning Management System (LMS) up to and including version 2.44.0, where a stored XSS vulnerability arises from unsanitized image filenames rendered on course and jobs pages. The root cause is image filename handling that allows malicious JavaScript execution. The ...
PT-2026-2948
Name of the Vulnerable Software and Affected Versions Frappe Learning Management System versions prior to 2.44.0 Description Frappe Learning Management System LMS contains a stored cross-site scripting XSS issue. A crafted image filename can trigger malicious JavaScript execution when displayed o...
Frappe Learning Management System 跨站脚本漏洞
Frappe Learning Management System is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning Management System version 2.44.0 and prior versions, which stems from a specially crafted image file name that could...
CVE-2026-22705
RustCrypto: Signatures offers support for digital signatures, which provide authentication of data using public-key cryptography. Prior to version 0.1.0-rc.2, a timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature...
EUVD-2026-1867
RustCrypto: Signatures has timing side-channel in ML-DSA decomposition...
WordPress WPLMS plugin <= 1.9.9.5.4 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WPLMS versions = 1.9.9.5.4...