Lucene search
2078 matches found

EUVD
added 2025/11/12 10:27 p.m., 6 views

EUVD-2025-150360

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...

5.1 CVSS, 6.2 AI score, 0.00145 EPSS
Exploits 0, References 1
CVE
added 2025/11/12 10:27 p.m., 11 views

CVE-2025-64707

Summary : CVE-2025-64707 affects Frappe Learning (LMS). From versions 2.0.0 up to and including 2.41.0, revoking a user’s role could be delayed in effect due to caching, meaning revoked permissions could persist briefly. This behavior has been fixed in version 2.41.0 by ensuring the cache is clea...

5.4 CVSS, 6.4 AI score, 0.00145 EPSS
Exploits 0, References 1, Affected Software 1
OSV
added 2025/11/12 10:27 p.m., 9 views

CVE-2025-64707 Frappe LMS revoking access did not show immediate effect as roles were cached

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...

5.1 CVSS, 6.7 AI score, 0.00145 EPSS
Exploits 0, References 3
CNNVD
added 2025/11/12 12:0 a.m., 6 views

Frappe Learning security vulnerability

Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A security vulnerability exists in Frappe Learning version 2.0.0 up to and including version 2.41.0, which stems from improper cache cleanup and may result in a delayed role revocation taking effect...

5.4 CVSS, 6.7 AI score, 0.00145 EPSS
Exploits 0, References 2
Fedora
added 2025/11/01 1:51 a.m., 8 views

[SECURITY] Fedora 42 Update: openbao-2.4.3-1.fc42

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network...

7.5 CVSS, 7 AI score, 0.00286 EPSS
Exploits 0
Fedora
added 2025/11/01 1:13 a.m., 7 views

[SECURITY] Fedora 41 Update: openbao-2.4.3-1.fc41

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network...

7.5 CVSS, 7 AI score, 0.00286 EPSS
Exploits 0
Fedora
added 2025/10/31 12:55 a.m., 9 views

[SECURITY] Fedora 43 Update: openbao-2.4.3-1.fc43

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network...

7.5 CVSS, 7 AI score, 0.00286 EPSS
Exploits 0
Redos
added 2025/10/22 12:0 a.m., 7 views

ROS-20251022-03

ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tls_verify_crl in ProFTPD when processing data returned by OpenSSL function sk_X509_REVOKED_value when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...

9 CVSS, 6.7 AI score, 0.10985 EPSS
Exploits 1
RedhatCVE
added 2025/10/14 9:49 p.m., 25 views

CVE-2025-62174

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

3.5 CVSS, 6.9 AI score, 0.00193 EPSS
Exploits 0, References 1
Schneier on Security
added 2025/10/14 11:9 a.m., 3 views

The Trump Administration’s Increased Use of Social Media Surveillance

This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political...

6.9 AI score
Exploits 0
NVD
added 2025/10/13 9:15 p.m., 6 views

CVE-2025-62174

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

3.5 CVSS, 0.00193 EPSS
Exploits 0, References 2
Cvelist
added 2025/10/13 8:54 p.m., 24 views

CVE-2025-62174 Mastodon allows continued access after password reset via CLI

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

3.5 CVSS, 0.00193 EPSS
Exploits 0, References 2
Vulnrichment
added 2025/10/13 8:54 p.m., 2 views

CVE-2025-62174 Mastodon allows continued access after password reset via CLI

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

3.5 CVSS, 6.6 AI score, 0.00193 EPSS
Exploits 0, References 2
CNNVD
added 2025/10/13 12:0 a.m., 3 views

Mastodon code issue vulnerability

Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A code issue vulnerability exists in Mastodon versions prior to 4.4.6, prior to 4.3.14, and prior to 4.2.27, which stems from an administrator failing to revoke active sessions and access tokens when...

3.5 CVSS, 7 AI score, 0.00193 EPSS
Exploits 0, References 3
OSV
added 2025/10/10 3:4 p.m., 4 views

JLSEC-2025-25 curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insu...

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...

7.5 CVSS, 7 AI score, 0.04575 EPSS
Exploits 1, References 19
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-4431

Malware in sbrugna...

7.5 CVSS, 6 AI score, 0.00488 EPSS
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2008-2415

Malware in sbrugna...

6.8 CVSS, 6 AI score, 0.01364 EPSS
Exploits 0, References 14
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-0025

Malware in sbrugna...

5 CVSS, 6 AI score, 0.01367 EPSS
Exploits 1, References 13
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2005-1271

Malware in sbrugna...

5 CVSS, 8.9 AI score, 0.08388 EPSS
Exploits 0, References 35
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2012-1219

Malware in sbrugna...

6.4 CVSS, 6.1 AI score, 0.01899 EPSS
Exploits 2, References 2