CVE-2026-10885

creationtimestamp| type| source ---|---|--- 2026-06-05 04:04:21+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116695508878732178 2026-06-05 13:23:24+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen|...

Quantum Secure Blind Decryption with Two Users

We propose two types of protocols for quantum secure blind decryption, involving two users and servers. User 1 holds the encrypted ciphertext. The servers store several indexed keys including the key encrypting the ciphertext. User 2 aims to obtain the decrypted text. The protocols are designed t...

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

CVE-2025-59103

CVE-2025-59103 concerns the Access Manager 92xx hardware revision K7. The Red Hat/NVD/CVE entries describe an SSH service exposed on port 22 with two users that have hardcoded and weak passwords, allowing SSH access. A key root-cause is that password randomization on first deployment is condition...

PT-2026-4753

Name of the Vulnerable Software and Affected Versions Access Manager 92xx hardware revision K7 affected versions not specified Description The Access Manager 92xx hardware revision K7 utilizes a Linux-based operating system, differing from older revisions that used Windows CE. An SSH service is...

CVE-2025-12419

Mattermost versions 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12, 11.0.x = 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of...

EUVD-2025-37365

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...

CVE-2025-12508

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...

CVE-2025-26499

Under heavy system utilization a random race condition can occur during authentication or token refresh operation. This flaw allows one user to be granted a token intended for another user, resulting in impersonation until the session is ended. This flaw cannot be intentionally exploited due to t...

PT-2025-37193

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A race condition can occur during authentication or token refresh operations under heavy system utilization. This allows a user to be granted a token intended for another user, potentially leading ...

CVE-2021-35472

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users...

CVE-2024-13672

creationtimestamp| type| source ---|---|--- 2025-02-21 04:19:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4848 2025-02-21 07:14:48+00:00| seen| https://t.me/cvedetector/18630 2025-02-21 08:03:23+00:00| seen| Telegram/fklnk37vYlTbY2h5HpRgLIxIJi57B45oAN7JTXY-qLlEYCB...

CVE-2024-27867

creationtimestamp| type| source ---|---|--- 2024-06-26 11:54:42+00:00| seen| https://t.me/thehackernews/5173 2024-06-26 13:07:09+00:00| seen| https://t.me/KomunitiSiber/2165 2024-06-26 13:27:11+00:00| seen| Telegram/nUusv8wAs3df-RSBbScbEiKoZR3ublMqAnpvOcQh5EQaA0 2024-06-26 14:23:40+00:00| seen|...

CVE-2024-25942

creationtimestamp| type| source ---|---|--- 2024-03-19 09:26:49+00:00| seen| https://t.me/ctinow/211280 2024-03-19 09:31:20+00:00| seen| https://t.me/ctinow/211282...

CVE-2024-25842

creationtimestamp| type| source ---|---|--- 2024-03-03 10:26:23+00:00| seen| https://t.me/ctinow/198655 2024-03-03 10:31:05+00:00| seen| https://t.me/ctinow/198659...

CVE-2024-24511

creationtimestamp| type| source ---|---|--- 2024-03-02 00:22:09+00:00| seen| https://t.me/ctinow/198153 2024-03-02 00:31:56+00:00| seen| https://t.me/ctinow/198162...

Cisco Secure Client Security Vulnerability

Cisco Secure Client is a piece of software from Cisco that is used to connect to virtual private networks. A security vulnerability exists in Cisco Secure Client, which can be exploited by an attacker by logging on to an affected device at the same time as another user accesses Cisco Secure Clien...

CVE-2022-20737

creationtimestamp| type| source ---|---|--- 2022-04-29 11:55:01+00:00| seen| https://t.me/ptswarm/122 2022-05-12 00:23:05+00:00| seen| https://t.me/cKure/9505 2022-05-25 15:38:43+00:00| seen| https://t.me/xakepru/12411...

Charm 加密问题漏洞

Charm is Charm is a framework for rapidly prototyping advanced cryptosystems. Charm version 0.43 is vulnerable to a cryptographic issue. Exploiting this vulnerability source any two users can conspire to gain the ability to decrypt YCT14 data...

PT-2021-21724 · Charm · Charm

Name of the Vulnerable Software and Affected Versions: Charm version 0.43 Description: The issue allows any two users to collude and gain the ability to decrypt YCT14 data. Recommendations: For Charm version 0.43, at the moment, there is no information about a newer version that contains a fix fo...