EUVD-2025-176596

Malicious code in root-fire-user-hash-static npm...

Cerberus Helpdesk User Hash Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cerberus Helpdesk User Hash Disclosure', 'Description' = %q This module extracts usernames and password hashes from the Cerberus Helpdesk through...

ipa security update

An update is available for ipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Identity Management IdM is a centralized...

CVE-2024-32407

creationtimestamp| type| source ---|---|--- 2024-04-23 17:43:30+00:00| seen| https://t.me/arpsyndicate/4750...

Sysaid Technologies SysAid 代码问题漏洞

Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel. A code issue vulnerability exists in Sysaid Technologies SysAid versions prior to 23.2.14 b18, which stems from the presence of server-side request forgery SSRF, which could allow exposing t...

CVE-2014-3875

creationtimestamp| type| source ---|---|--- 2024-02-28 17:07:36+00:00| seen| https://t.me/ctinow/195669...

CVE-2023-48350

creationtimestamp| type| source ---|---|--- 2024-02-12 10:11:44+00:00| seen| https://t.me/ctinow/182976...

CVE-2019-18667

creationtimestamp| type| source ---|---|--- 2024-02-01 17:41:37+00:00| seen| https://t.me/ctinow/177703...

CVE-2023-49241

creationtimestamp| type| source ---|---|--- 2023-12-30 09:06:41+00:00| seen| https://t.me/ctinow/160815...

CVE-2023-45049

creationtimestamp| type| source ---|---|--- 2023-10-18 12:49:48+00:00| seen| https://t.me/cibsecurity/72500...

CVE-2022-20571

creationtimestamp| type| source ---|---|--- 2022-12-16 18:30:38+00:00| seen| https://t.me/cibsecurity/54694 2025-04-18 14:59:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12455...

CVE-2022-36036

creationtimestamp| type| source ---|---|--- 2022-08-29 22:34:26+00:00| seen| https://t.me/cibsecurity/49003...

CVE-2022-35820

creationtimestamp| type| source ---|---|--- 2022-08-10 00:25:13+00:00| seen| https://t.me/cibsecurity/47809...

DRUPAL-CONTRIB-2021-030

This module enables you to create an individual hash for each user. These hashes can be used for authentication instead of the user's password, e.g. for views exporters. The module doesn't sufficiently invalidate page output when the page\cache module is used. This vulnerability is mitigated by t...

User hash - Moderately critical - Cache poisoning - SA-CONTRIB-2021-030

This module enables you to create an individual hash for each user. These hashes can be used for authentication instead of the user's password, e.g. for views exporters. The module doesn't sufficiently invalidate page output when the pagecache module is used. This vulnerability is mitigated by th...

CVE-2020-22284

creationtimestamp| type| source ---|---|--- 2021-07-23 00:36:51+00:00| seen| https://t.me/cibsecurity/26426...

CVE-2020-35197

creationtimestamp| type| source ---|---|--- 2020-12-17 07:42:19+00:00| seen| https://t.me/cibsecurity/20971...

OpenText Documentum Administrator / Webtop XXE Injection Vulnerability

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities. Title: OpenText Documentum Administrator and Webtop - XML External Entity Injection Author: Jakub Palaczynski, Pawel Gocyla Date: 24...

OpenText Documentum Administrator XML External Entity Injection Vulnerability

OpenText Documentum Administrator is Canada's OpenText company's Web-based set of development tools used to perform Documentum system management tasks. An XML external entity injection vulnerability exists in OpenText Documentum Administrator version 7.2.0180.0055. A remote attacker could use thi...

NewStatPress <= 1.0.4 - SQL Injection

The Search functionality is susceptible to a SQL Injection attack due to usage of user input without sanitation. In particular, at line 98 of 'includes/nspsearch.php'. Utilising a specially crafted SQL query, we can trigger disclosure of user hashes through an IMG tag as the data channel. PoC The...