RO0T.COM

A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme’s secure layout, meaning students could navigate out …

A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly (in the same window). Although links themselves may be …

An issue was discovered in Kentico before 12.0.15. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass …

A vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not taking context freezing into account when checking user capabilities Source: NIST CVE-2019-3852 (moodle)

A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user …

It was found that cockpit before version 184 used glib’s base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request …

The potential exists for exposure of the product’s password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration …

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private …

Don’t expect to read about any of the classics, like ‘War Games’ or ‘Sneakers,’ which have appeared on so many lists before. Rather, we’ve broadened our horizons with this great …