PT-2026-21832

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to anyone who has the...

K000152049: F5 Access for Android vulnerability CVE-2025-54809

Security Advisory Description F5 Access for Android before version 3.1.2, which uses HTTPS, does not verify the remote endpoint identity. CVE-2025-54809 Impact An attacker with a network position that allows them to intercept network traffic may be able to read and/or modify data in transit. The...

[ASA-202109-4] element-desktop: information disclosure

Arch Linux Security Advisory ASA-202109-4 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-40823 Package : element-desktop Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2377 Summary ======= The package...

Security Bulletin: Vulnerability in IBM WebSphere Application Server affects Tivoli Workload Scheduler (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM embedded WebSphere Application Server that is used by Tivoli Workload Scheduler. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A vulnerability in various IBM SSL/TLS...

Skype for business is also vulnerable to the autodiscovery issue

An issue in WPAD proxy automatic configuration was first discovered by Maxim Andreev back in 2015 at the MailRu group security meet-up and then was presented by Maxim Goncharov at BlackHat US 2016 slides. This year Ilya Nesterov and Maxim Goncharov presented a continuation of this research and...

D-Link DWL-G132 Wireless Driver Beacon Rates Overflow

D-Link DWL-G132 Wireless Driver Beacon Rates Overflow. CVE-2006-6055. Remote exploit for windows platform $Id: dlinkwifirates.rb 9670 2010-07-03 03:19:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the...

Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit (meta)

Exploit for unknown platform in category remote exploits ================================================================== Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit meta ================================================================== This file is part of the Metasploit...

Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' module Msf class...

fetchmail/mutt/evolution/...: APOP password disclosure vulnerability

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)

No description provided by source. require 'msf/core' module Msf class Exploits::Windows::Driver::DLinkDWLG132WiFiRates Msf::Exploit::Remote include Exploit::Lorcon include Exploit::KernelMode def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DWL-G132 Wireless Driver Beacon Rates...

MSN Messenger PNG Image Buffer Overflow (linux compile)

No description provided by source. / Remember g++ k /str0ke / / MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit Bug discoveried by Core Security Technologies www.coresecurity.com Exploit coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web:...

PHP-Nuke 6.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...