Security Vulnerabilities
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access to the system. This can lead to information disclosure or other unauthorized actions by users who should be restricted.
CVSS Score
8.1
EPSS Score
0.001
Published
2026-02-03
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced.
This issue affects pdfonline.foxit.com: before 2026‑02‑03.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-02-03
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the file upload feature. A malicious username is embedded into the upload file list without proper escaping, allowing arbitrary JavaScript execution when the list is displayed.
This issue affects pdfonline.foxit.com: before 2026‑02‑03.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-02-03
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-02-03
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-02-03
OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-02-03
OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-02-03
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-02-03
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-02-03
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-02-03