Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.4 views

PT-2026-25397

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, in multi-user mode, AnythingLLM blocks suspended users on the normal JWT-backed session path, but it does not block them on the browser extension API...

2.7CVSS5.8AI score0.00231EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/01/22 1:47 a.m.5 views

CVE-2026-23961

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.4AI score0.00402EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/01/22 1:47 a.m.33 views

CVE-2026-23961 Mastodon may allow a remote suspension bypass

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS0.00402EPSS
Exploits0References4
CVE
CVE
added 2026/01/22 1:47 a.m.28 views

CVE-2026-23961

Summary of CVE-2026-23961 (Mastodon): A logic flaw in how suspended remote users are handled allows old posts from those users to appear in timelines, and under some circumstances, newly created posts from suspended users can be processed and surfaced. Affected releases span multiple lines: v4.5....

5.3CVSS5.6AI score0.00402EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/01/22 1:47 a.m.5 views

EUVD-2026-4207

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.6AI score0.00402EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/22 1:47 a.m.3 views

CVE-2026-23961 Mastodon may allow a remote suspension bypass

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.6AI score0.00402EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:13 a.m.11 views

CVE-2016-10834

cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...

8.8CVSS7AI score0.01356EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-11035

Malware in sbrugna...

5.5CVSS5.6AI score0.00713EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-1082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user...

8.1CVSS7.4AI score0.02135EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/01/26 12:0 a.m.8 views

PT-2021-16982 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions prior to 92.0.9 Description: The issue allows a MySQL user with an old-style password hash to bypass suspension. Recommendations: For versions prior to 92.0.9, update to version 92.0.9 or later to resolve the issue...

7.5CVSS7.6AI score0.00919EPSS
Exploits0References3
OSV
OSV
added 2020/03/16 9:15 p.m.4 views

CVE-2019-20491

cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...

5.4CVSS5.8AI score0.00713EPSS
Exploits0References1
Prion
Prion
added 2020/03/16 9:15 p.m.17 views

Design/Logic Flaw

cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...

5.5CVSS5.5AI score0.00713EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/01 5:15 p.m.4 views

CVE-2016-10834

cPanel before 55.9999.141 allows account-suspension bypass via ftp SEC-105...

8.8CVSS5.8AI score0.01356EPSS
Exploits0References1
CVE
CVE
added 2019/08/01 4:7 p.m.44 views

CVE-2016-10834

CVE-2016-10834 affects cPanel versions before 55.9999.141, where an account-suspension could be bypassed via FTP (SEC-105). Concrete details across sources confirm the vulnerability exists in cPanel and that remediation is to upgrade to 55.9999.141 or later. The Red Hat/NVD entries corroborate th...

8.8CVSS8.6AI score0.01356EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/11/03 6:29 p.m.17 views

CVE-2017-1000135

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended...

6.5CVSS6.5AI score0.00619EPSS
Exploits1References1
Rows per page
Query Builder