Human Vulnerability Assessment in Cybersecurity: A Systematic Literature Review of Methods, Models, and Instruments

In cybersecurity, vulnerability assessment has typically focused on identifying and measuring vulnerabilities within digital assets and technical infrastructures. However, there is growing recognition that this approach alone is inadequate without a structured examination of the human factor, whi...

EUVD-2019-2687

Malware in sbrugna...

EUVD-2021-16341

Malware in sbrugna...

EUVD-2020-30560

Malware in sbrugna...

EUVD-2022-37381

Malicious code in bioql PyPI...

EUVD-2024-47211

Malicious code in bioql PyPI...

EUVD-2024-2826

Malicious code in bioql PyPI...

A Systematic Survey of Empirical User Studies of Unintentional Information Disclosure in Everyday Digital Interaction

The exchange of personal information in digital environments poses significant risks, including identity theft, privacy breaches, and data misuse. Addressing these challenges requires a deep understanding of user behavior and mental models in diverse contexts. This paper presents a systematic...

The Rich Get Richer in Bitcoin Mining Induced by Blockchain Forks

Bitcoin is a representative decentralized currency system. For the security of Bitcoin, fairness in the distribution of mining rewards plays a crucial role in preventing the concentration of computational power in a few miners. Here, fairness refers to the distribution of block rewards in...

CVE-2025-49385

Trend Micro Security 17.8 Consumer is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own...

CVE-2019-10973

Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface...

BIT-MOODLE-2024-43427 Moodle: admin presets export tool includes some secrets that should not be exported

A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party...

Linux Distros Unpatched Vulnerability : CVE-2018-8780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods...

GHSA-7WMP-2XMX-G6H8 Moodle authorization headers preserved between "emulated redirects"

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs...

Moodle admin presets export tool includes some secrets that should not be exported

A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party...

CVE-2024-43427

CVE-2024-43427 affects Moodle via the admin presets export tool. A flaw lets sensitive secrets and keys be exported unintentionally when exporting site administration presets, risking leakage if presets are shared. Root cause: sensitive data not excluded from the export. Impact is limited to leak...

CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...

CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...

CVE-2024-6053

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting...

CVE-2024-6053 Improper access control in the clipboard synchronization feature

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting...