14 matches found
GO-2025-4236 Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration in github.com/babylonlabs-io/finality-provider
Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration in github.com/babylonlabs-io/finality-provider...
EUVD-2007-5638
Malware in sbrugna...
BIT-MOODLE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in the LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a...
Moodle 3.9.x < 3.9.18 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...
Moodle 3.11.x < 3.11.11 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...
Moodle 4.0.x < 4.0.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...
The vulnerability of the Moodle course management system lies in the insufficient verification of data entered by users in the LTI provider’s library, allowing attackers to perform SSRF attacks.
The vulnerability of the Moodle course management system is related to insufficient verification of the data entered by users in the LTI provider’s library. Exploiting this vulnerability could allow a malicious actor to perform SSRF attacks remotely...
UBUNTU-CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in the LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a...
CVE-2022-45152
CVE-2022-45152 corresponds to a blind Server-Side Request Forgery (SSRF) in Moodle. The issue arises from insufficient validation of user-supplied input in the LTI provider library, which does not use Moodle’s inbuilt cURL helper, enabling an attacker to craft requests that force the application ...
CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in the LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a...
Microsoft Application Verifier DoubleAgent Antivirus Hijacking Vulnerability
Microsoft Application Verifier is a dynamic code verification tool that ships with versions of Microsoft Windows. Microsoft Application Verifier has a DoubleAgent vulnerability in the application code detection workaround. The vulnerability exists in the "verifier provider DLL" file. An attacker can...
acroread JavaScript Insecure Library Search Path
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655...
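Multiple Security Vulnerabilities in Adobe Acrobat and Reader
BUGTRAQ ID: 27641 CVE(CAN) ID: CVE-2007-5659, CVE-2007-5663, CVE-2007-5666, CVE-2008-0655, CVE-2008-0667, CVE-2008-0726 Adobe Acrobat and Reader are both popular PDF file readers. Multiple security vulnerabilities in Adobe Reader/Acrobat may allow attackers to cause a denial of service or fully compromise a user's system. 1 Multiple stack overflow vulnerabilities in some JavaScript methods allow users to cause execution of arbitrary instructions via specially crafted .PDF files. This vulnerability is currently being actively exploited. 2...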
CVE-2007-5666
Adobe Acrobat/Reader (Windows, older than 8.1.2) is affected by an untrusted search path vulnerability where a malicious Security Provider library placed in the reader’s working directory can cause arbitrary code execution with local access. Publicly noted CVEs include CVE-2007-5666, with related...