15 matches found
human-connection-ctf
Human Connection Challenge: CTF Writeup Platform: Immersi...
EUVD-2026-14479
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the API plugin exposes a decryptString action without any authentication. Anyone can submit ciphertext and receive plaintext. Ciphertext is issued publicly e.g., view/url2Embed.json.php, so any user can recover...
CVE-2026-28475
OpenClaw versions prior to 2026.2.13 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing side-channels across multiple requests to gradually...
CVE-2026-28475
OpenClaw is affected in versions before 2026.2.13 where hook token validation uses non-constant-time string comparison, enabling remote attackers to infer tokens via timing side-channels across multiple requests. This can gradually compromise authentication tokens, impacting confidentiality and i...
CVE-2025-14148
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
CVE-2025-14148
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
PT-2025-51280
Name of the Vulnerable Software and Affected Versions IBM DevOps Deploy versions 8.1 through 8.1.2.3 Description An authenticated user with LLM integration configuration privileges may be able to recover a previously saved LLM API Token. Recommendations Update to a version later than 8.1.2.3...
IBM DevOps Deploy 安全漏洞
IBM DevOps Deploy is an application release solution from International Business Machines IBM, Inc. Standardizes and simplifies the process of deploying software components to each environment during the development cycle. A security vulnerability exists in IBM DevOps Deploy versions 8.1 through...
EUVD-2019-5823
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-14666
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery ...
In FxERC20RootTunnel, there is no option to get bridged tokens back in case the transaction can not be executed on L2
Lines of code Vulnerability details Impact If the transaction on L2 fails to be executed the tokens deposited on L1 will be lost since there is no way to recover them Proof of Concept When calling FxERC20RootTunnel:: withdraw the users deposits a certain amount of tokens to the bridge that he wan...
CVE-2019-14666
GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...
CVE-2019-14666
GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...
Design/Logic Flaw
GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any use...