NAME__________AXIS OS directory traversalPlatforms Affected:Risk Level:7.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________AXIS OS could allow a remote authenticated attacker to traverse directories on...
NAME__________AXIS OS directory traversalPlatforms Affected:Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AXIS OS could allow a remote authenticated attacker to traverse directories on the...
NAME__________Nextcloud Server security bypassPlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud Server could allow a remote authenticated attacker to bypass security restrictions, caused...
NAME__________Nextcloud Server cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Nextcloud Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________IBM Sterling B2B Integrator information disclosurePlatforms Affected:IBM Sterling B2B Integrator 6.0.0.0 IBM Sterling B2B Integrator 6.1.0.0 IBM Sterling B2B Integrator...
NAME__________Google XML Sitemap for Images Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Google XML Sitemap for Images Plugin for WordPress...
NAME__________Chameleon Power framework directory traversalPlatforms Affected:Chameleon Power Chameleon Power framework 1.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Chameleon Power framework could allow a remote...
NAME__________Apache Submarine SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Apache Submarine is vulnerable to SQL injection. A remote attacker could send specially...
NAME__________Zoho ManageEngine Recovery Manager Plus code executionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zoho ManageEngine Recovery Manager Plus could allow a remote authenticated...
NAME__________Zyxel SecuExtender SSL VPN Client privilege escalationPlatforms Affected:Zyxel SecuExtender SSL VPN Client 4.0.4.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Zyxel SecuExtender SSL VPN Client...
NAME__________Fortra Digital Guardian Agent security bypassPlatforms Affected:Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Fortra Digital Guardian Agent could allow a local authenticated attacker to...
NAME__________Dassault Systemes 3DSwymer cross-site scriptingPlatforms Affected:Dassault Systemes 3DSwymer 3DEXPERIENCE R2023xRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Dassault Systemes 3DSwymer is vulnerable to cross-site scripting,...
NAME__________Custom Options Plus Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Custom Options Plus Plugin for WordPress 1.8.1Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Custom...
NAME__________Dassault Systemes 3DSwymer cross-site scriptingPlatforms Affected:Dassault Systemes 3DSwymer 3DEXPERIENCE R2023xRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Dassault Systemes 3DSwymer is vulnerable to cross-site scripting,...
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed...
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started...
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies,...
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus,...
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in...
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole...
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers...
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers...
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks...
Successors to the QakBot malware have emerged despite the disruption to QakBot infrastructure by an international law enforcement operation led...
