CVE-2023-53799 crypto: api - Use work queue in crypto_destroy_instance

In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...

EUVD-2006-1717

Malware in sbrugna...

EUVD-2024-46728

Malicious code in bioql PyPI...

EUVD-2025-11354

Malicious code in bioql PyPI...

CVE-2021-29459

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently inject scripts in XWiki versions prior to 12.6.3 and 12.8. Unregistred users can fill simple text fields. Registered users can fill in their personal information...

CVE-2025-32783 XWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki

XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users with Message Stream enabled and a wiki configured as closed from selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent i...

CVE-2025-32783 XWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki

XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users with Message Stream enabled and a wiki configured as closed from selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent i...

Unregistered users can see "public" messages from a closed wiki via notifications from a different wiki

Impact This vulnerability impacts users of a subwiki of XWiki where Message Stream is enabled and use, if they configured their wiki to be closed by selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent in a subwiki to...

GHSA-42FH-PVVH-999X Unregistered users can see "public" messages from a closed wiki via notifications from a different wiki

Impact This vulnerability impacts users of a subwiki of XWiki where Message Stream is enabled and use, if they configured their wiki to be closed by selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent in a subwiki to...

CVE-2025-29925 XWiki allows unregistered users to access private pages information through REST endpoint

XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, protected pages are listed when requesting the REST endpoints /rest/wikis/wikiName/pages even if the user doesn't have view rights on them. It's particularly true if the entire wiki is protected with "Prevent...

CVE-2024-5524

Information exposure vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows unregistered users to access all internal links of the application without providing any credentials...

CVE-2024-5524 Information exposure vulnerability in Astrotalks

Information exposure vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows unregistered users to access all internal links of the application without providing any credentials...

CVE-2024-5524 Information exposure vulnerability in Astrotalks

Information exposure vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows unregistered users to access all internal links of the application without providing any credentials...

CVE-2024-5524

CVE-2024-5524 is an information-exposure vulnerability in Astrotalks affecting version 10/03/2023, where unregistered users can access internal links without credentials. Reported base metrics: CVSS v3.1, 5.3 (Medium), confidentiality impact Low; exploit status not indicated. Connected sources al...

faulty users can abuse the function delegate in NFTBoostVault.sol

Lines of code Vulnerability details Impact The contract NFTBoostVault.sol lets users to register their tokens/optional NFT's in exchange of voting power. in this contract its mandatory for users to be registered in order to lock their tokens and claim voting power, as its mentioned in the code...

Cross site scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions:...

CVE-2022-23622 Cross site scripting in registration template in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions:...

CVE-2021-29459

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently inject scripts in XWiki versions prior to 12.6.3 and 12.8. Unregistred users can fill simple text fields. Registered users can fill in their personal information...

Design/Logic Flaw

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently inject scripts in XWiki versions prior to 12.6.3 and 12.8. Unregistred users can fill simple text fields. Registered users can fill in their personal information...

OXID eShop Community Edition Unauthorized Access Vulnerability

This host is installed with OXID eShop and is prone to unauthorized access vulnerability. OpenVAS Vulnerability Test $Id: secpodoxideshopunauthaccessvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ OXID eShop Community Edition Unauthorized Access Vulnerability Authors: Nikita MR Copyright: Copyright ...