10 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-59028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 da...
EUVD-2026-16569
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...
CVE-2025-59028
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...
UBUNTU-CVE-2025-59028
When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...
CVE-2025-3625 Moodle: user dos and name disclosure via idor in moodle mfa email factor revoke action
A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication 2FA...
AREAL Topkapi Trust Management Issue Vulnerability
AREAL Topkapi, a multi-sector solution from AREAL France, is an innovative software platform that provides functionality far beyond the traditional capabilities of SCADA software. AREAL Topkapi 6.2.4718 and prior versions suffer from a Trust Management Issue vulnerability that stems from an...
PT-2022-10706 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.1 and earlier Liferay DXP versions 7.0 through 7.0 before fix pack 90 Liferay DXP versions 7.1 through 7.1 before fix pack 17 Liferay DXP versions 7.2 through 7.2 before fix pack 5 Description: The issue concerns t...
RANGER Studio Directus License Issue Vulnerability
RANGER Studio Directus is a set of open source headless CMS and API for managing custom databases from RANGER Studio, U.S.A. The Directus API is one of the components that can add a RESTful API layer to new or existing SQL databases. An authorization issue vulnerability exists in the Directus 7...
IBM MQ Console REST API Denial of Service Vulnerability
IBM MQ formerly known as IBM WebSphere MQ is a messaging middleware product from IBM in the United States. It provides a reliable and proven messaging backbone for Service Oriented Architecture SOA.Console REST AP is one of the console REST application program interface components. A security...
Code injection
One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service login disruption or spoof votes or comments by selecting a conflicting e-mail address...