1365 matches found
DRUPAL-CONTRIB-2025-063
This module enables you to allow users to include a second authentication method in addition to password authentication. The module doesn't sufficiently prevent the same TFA token within a 30 second window. This vulnerability is mitigated by the fact that an attacker must obtain a valid...
DRUPAL-CONTRIB-2025-062
This module enables you to allow users to include a second authentication method in addition to password authentication. The module doesn't sufficiently prevent TFA from being bypassed when using the REST login routes. A new requirements check has been added to the status report so other...
One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-062
This module enables you to allow users to include a second authentication method in addition to password authentication. The module doesn't sufficiently prevent TFA from being bypassed when using the REST login routes. A new requirements check has been added to the status report so other...
One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-063
This module enables you to allow users to include a second authentication method in addition to password authentication. The module doesn't sufficiently prevent the same TFA token within a 30 second window. This vulnerability is mitigated by the fact that an attacker must obtain a valid...
Real-Time Bit-Level Encryption of Full High-Definition Video without Diffusion
Despite the widespread adoption of Shannon's confusion-diffusion architecture in image encryption, the implementation of diffusion to sequentially establish inter-pixel dependencies for attaining plaintext sensitivity constrains algorithmic parallelism, while the execution of multiple rounds of...
DRUPAL-CONTRIB-2025-055
The module enables you to add second-factor authentication in addition to the default Drupal login. The module doesn't sufficiently protect certain sensitive routes, allowing an attacker to view or modify various TFA-related settings...
Enterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-053
The module enables you to add second-factor authentication in addition to the default Drupal login. The module doesn't invoke two factor authentication 2FA for the password reset option. This vulnerability is mitigated by the fact that an attacker must have access to the password reset link...
CVE-2025-37797 net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
CVE-2025-0427
creationtimestamp| type| source ---|---|--- 2025-05-02 10:16:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14466 2025-05-02 12:00:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo6rn64jr72l 2025-05-02 13:26:06+00:00| seen| https://t.me/cvedetector/24340 2025-05-02...
CVE-2025-3707
creationtimestamp| type| source ---|---|--- 2025-05-02 04:15:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14441 2025-05-02 07:34:35+00:00| seen| https://t.me/cvedetector/24312 2025-05-02 08:00:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo6e7oog5g22...
CVE-2024-13420
creationtimestamp| type| source ---|---|--- 2025-05-02 04:15:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14432 2025-05-02 07:34:42+00:00| seen| https://t.me/cvedetector/24317 2025-05-02 08:00:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo6e7ptwoy2e...
CVE-2025-27556
creationtimestamp| type| source ---|---|--- 2025-04-02 13:33:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10064 2025-04-02 16:17:08+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lltry3r6n72a 2025-04-02 16:39:23+00:00| seen| https://t.me/cvedetector/21865 2025-04-02...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file...
CVE-2024-8763
A Regular Expression Denial of Service ReDoS vulnerability exists in the lunary-ai/lunary repository, specifically in the compileTextTemplate function. The affected version is git be54057. An attacker can exploit this vulnerability by manipulating the regular expression /.?/g, causing the server ...
Malicious code in github.com/shallowmulti/hypert (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 25d0e55a48f82ab8ddd5e90d258c133505fa7fea03b775c1987e0dd7f9453f08 Malcious typosquatting Go packages targeting Linux and macOS systems used to as a loader to download and run another malicious payload...
[SECURITY] [DLA 4085-1] tzdata new timezone database
------------------------------------------------------------------------- Debian LTS Advisory DLA-4085-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 18, 2025 https://wiki.debian.org/LTS -...
CVE-2025-25450
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the deactivation of the activated second factor to the /session endpoint...
SUSE CVE-2024-58072
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused checkbuddypriv Commit 2461c7d60f9f "rtlwifi: Update header file" introduced a global list of private data structures. Later on, commit 26634c4b1868 "rtlwifi Modify existing bits to match vendor versio...
CVE-2025-25450
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the deactivation of the activated second factor to the /session endpoint...
CVE-2025-25450
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the deactivation of the activated second factor to the /session endpoint...