Author: Cyberthreat Blog

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the “number of courses displayed in the course overview block” configuration setting.

Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors.

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can (1) create new administrator user accounts and take...

mailcow 0.14, as used in “mailcow: dockerized” and other products, has CSRF.

The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a...