📄 crypto/x509 TLS Certificate Parsing

This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. It programmatically generates a self-signed certificate containing a very large number of Subject Alternative Names SANs and configures an HTTP client ...

CVE-2023-53878

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request...

CVE-2025-58065

Flask-AppBuilder is an application development framework. Prior to version 4.8.1, when Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface...

CVE-2025-58065

Flask-AppBuilder is an application development framework. Prior to version 4.8.1, when Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface...

GHSA-765J-9R45-W2Q2 Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods

Impact When Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create...

CVE-2024-9844

Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions...

Microsoft SharePoint Server 远程代码执行漏洞(CVE-2021-28474)

In May of 2021, Microsoft released a patch to correct CVE-2021-28474, a remote code execution bug in supported versions of Microsoft SharePoint Server. This bug was reported to ZDI by an anonymous researcher and is also known as ZDI-21-574. This blog takes a deeper look at the root cause of this...

Circumvention of file size limits in ActiveStorage

There is a vulnerability in ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user. Versions Affected: rails = 5.2.4.3, rails = 6.0.3.1 Impact ------ Utilizing this vulnerability, an attacker can control the Content-Length of an S3 direct...

wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default

It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...

File upload vulnerability in H-ui.admin

H-ui front-end framework is a lightweight front-end framework. A file upload vulnerability exists in H-ui.admin, which can be exploited by attackers to gain control of a web server...

wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default

It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...

CVE-2005-2552

CVE-2005-2552 concerns HP ProLiant DL585 servers with Integrated Lights Out (ILO) firmware prior to 1.81. The issue is described as an unknown vulnerability that allows an attacker to access server controls when the server is powered down. Public details indicate a CVSS v2 base score of 7.5 (HIGH...

CVE-2005-2552

Unknown vulnerability in HP ProLiant DL585 servers running Integrated Lights Out ILO firmware before 1.81 allows attackers to access server controls when the server is "powered down."...

CVE-2005-2552

Unknown vulnerability in HP ProLiant DL585 servers running Integrated Lights Out ILO firmware before 1.81 allows attackers to access server controls when the server is "powered down."...