Configure the SELinux Policy Correctly

SELinux policies are classified into basic policies and user-defined policies. Basic policies: policies defined in the basic policy package, including selinux-policy, selinux-policy-targeted, and selinux-policy-mls. User-defined policies: policies modified or added by users. SELinux can implement...

Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model

Publicly verifiable secret sharing PVSS allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813 Proof-of-Concept Standalone This repository...

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVE-2024-42208

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVE-2024-42208

Technical details about CVE-2024-42208 are not publicly available in the provided documents; monitor for updates.

CVE-2024-42208 HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

HCL Connections 安全漏洞

HCL Connections is a suite of enterprise collaboration platforms from HCL India. HCL Connections has a security vulnerability that stems from mishandling of request data, which could lead to information leakage...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.13 and prior versions, which stems from improper access control in the Temporary...

CVE-2025-1259

On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...

CVE-2024-23563

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVE-2024-23563 HCL Connections Docs is vulnerable to a sensitive information disclosure

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVE-2024-23563

CVE-2024-23563 affects HCL Connections Docs. The issue is a sensitive information disclosure caused by improper handling of request data, allowing an attacker to access information they should not be entitled to. Connected sources corroborate the vulnerability and describe the root cause as misha...

HCL Connections 安全漏洞

HCL Connections is a suite of enterprise collaboration platforms from HCL Corporation, USA. A security vulnerability exists in HCL Connections version 2.0.2, which stems from mishandling of request data and can lead to disclosure of sensitive information...

PT-2025-6171 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: In affected versions of Octopus Deploy where customers are using Active Directory for authentication, it was possible for an unauthenticated user to make an API request against two...

Silicon Gecko OS 安全漏洞

Silicon Gecko OS is a highly optimized but feature-rich IoT operating system from Silicon, Inc. A security vulnerability exists in Silicon Gecko OS that stems from a missing HTTP GET request data length validation...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS at the /admin/compass endpoint, which passes data from GET requests to the index function. This function can return unsanitized text in error message popups when it receives a file deletion request. As a result,...

WordPress plugin AI Scribe 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-1911 · WordPress · The Ai Scribe

Name of the Vulnerable Software and Affected Versions: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT GPT-4o 128K plugin for WordPress versions up to, and including, 2.3 Description: The issue is related to unauthorize...