Month: May 2025

HackerOne Bug Bounty Disclosure: netlify-authentication-token-exposed-in-public-mozilla-ci-logs-samirsec-x

May 13, 2025

Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:samirsec0x01Link to Submitters Profile:https://hackerone.com/samirsec0x01 Report Title:Netlify Authentication Token Exposed in Public Mozilla...

[AKIRA] – Ransomware Victim: Precision Tax Relief

May 13, 2025

Ransomware Group: AKIRA VICTIM NAME: Precision Tax Relief NOTE: No files or stolen information are by RedPacket Security. Any legal...

[AKIRA] – Ransomware Victim: Superior Steel

May 13, 2025

Ransomware Group: AKIRA VICTIM NAME: Superior Steel NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

CVE Alert: CVE-2025-46717

May 13, 2025

Vulnerability Summary: CVE-2025-46717 sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6,...

CVE Alert: CVE-2025-46718

May 13, 2025

Vulnerability Summary: CVE-2025-46718 sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6,...

CVE Alert: CVE-2025-26841

May 13, 2025

Vulnerability Summary: CVE-2025-26841 Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code...

CVE Alert: CVE-2025-26846

May 13, 2025

Vulnerability Summary: CVE-2025-26846 An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic...

CVE Alert: CVE-2024-56523

May 13, 2025

Vulnerability Summary: CVE-2024-56523 Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing...

CVE Alert: CVE-2025-46737

May 13, 2025

Vulnerability Summary: CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway...

CVE Alert: CVE-2025-46611

May 13, 2025

Vulnerability Summary: CVE-2025-46611 Cross Site Scripting vulnerability in ARTEC EMA Mail v6.92 allows an attacker to execute arbitrary code via...

CVE Alert: CVE-2025-47578

May 13, 2025

Vulnerability Summary: CVE-2025-47578 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Caissie BNS Twitter Follow...

CVE Alert: CVE-2025-46738

May 13, 2025

Vulnerability Summary: CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary...

CVE Alert: CVE-2025-46610

May 13, 2025

Vulnerability Summary: CVE-2025-46610 ARTEC EMA Mail 6.92 allows CSRF. Affected Endpoints: No affected endpoints listed. Published Date: 5/12/2025, 3:16:01 PM...