2078 matches found
EUVD-2025-150360
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...
CVE-2025-64707
Summary : CVE-2025-64707 affects Frappe Learning (LMS). From versions 2.0.0 up to and including 2.41.0, revoking a user’s role could be delayed in effect due to caching, meaning revoked permissions could persist briefly. This behavior has been fixed in version 2.41.0 by ensuring the cache is clea...
CVE-2025-64707 Frappe LMS revoking access did not show immediate effect as roles were cached
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...
Frappe Learning 安全漏洞
Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A security vulnerability exists in Frappe Learning version 2.0.0 up to and including version 2.41.0, which stems from improper cache cleanup and may result in a delayed role revocation taking effect...
[SECURITY] Fedora 42 Update: openbao-2.4.3-1.fc42
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 41 Update: openbao-2.4.3-1.fc41
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 43 Update: openbao-2.4.3-1.fc43
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
ROS-20251022-03
ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tlsverifycrl in ProFTPD when processing data returned by OpenSSL function skX509REVOKEDvalue when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...
CVE-2025-62174
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
The Trump Administration’s Increased Use of Social Media Surveillance
This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political...
CVE-2025-62174
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
CVE-2025-62174 Mastodon allows continued access after password reset via CLI
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
CVE-2025-62174 Mastodon allows continued access after password reset via CLI
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
Mastodon 代码问题漏洞
Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A code issue vulnerability exists in Mastodon versions prior to 4.4.6, prior to 4.3.14, and prior to 4.2.27, which stems from an administrator failing to revoke active sessions and access tokens when...
JLSEC-2025-25 curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insu...
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
EUVD-2018-4431
Malware in sbrugna...
EUVD-2008-2415
Malware in sbrugna...
EUVD-2014-0025
Malware in sbrugna...
EUVD-2005-1271
Malware in sbrugna...
EUVD-2012-1219
Malware in sbrugna...