How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer...
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy...
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild,...
Malicious npm Packages Aim to Target Developers for Source Code Theft
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and...
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June...
Posh C2 Detected – 18[.]169[.]33[.]186:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Sourcecodester Inventory Management System SQL injection | CVE-2023-4557
NAME__________Sourcecodester Inventory Management System SQL injectionPlatforms Affected:Sourcecodester Inventory Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Inventory Management System is vulnerable to...
FRRouting FRR denial of service | CVE-2023-41358
NAME__________FRRouting FRR denial of servicePlatforms Affected:FRRouting FRRouting 9.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________FRRouting FRR is vulnerable to a denial of service,...
FreeImage denial of service | CVE-2021-40264
NAME__________FreeImage denial of servicePlatforms Affected:FreeImage Project FreeImage 1.18.0Risk Level:6.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FreeImage is vulnerable to a denial of...
Pylons Pyramid directory traversal | CVE-2023-40587
NAME__________Pylons Pyramid directory traversalPlatforms Affected:Pylons Pyramid 2.0.0 Pylons Pyramid 2.0.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Pylons Pyramid could allow a remote attacker to...
PHPJabbers Callback Widget preview.php cross-site scripting | CVE-2023-40755
NAME__________PHPJabbers Callback Widget preview.php cross-site scriptingPlatforms Affected:PHPJabbers Callback Widget 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Callback Widget is vulnerable to cross-site scripting,...
PHPJabbers Make an Offer Widget index.php cross-site scripting | CVE-2023-40752
NAME__________PHPJabbers Make an Offer Widget index.php cross-site scriptingPlatforms Affected:PHPJabbers Make an Offer Widget 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Make an Offer...
PHPJabbers Fundraising Script index.php cross-site scripting | CVE-2023-40751
NAME__________PHPJabbers Fundraising Script index.php cross-site scriptingPlatforms Affected:PHPJabbers Fundraising Script 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Fundraising Script is vulnerable to cross-site scripting,...
Sourcecodester Online Graduate Tracer System SQL injection | CVE-2023-4556
NAME__________Sourcecodester Online Graduate Tracer System SQL injectionPlatforms Affected:Sourcecodester Online Graduate Tracer System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Online Graduate Tracer System...
PHPJabbers Yacht Listing Script index.php cross-site scripting | CVE-2023-40750
NAME__________PHPJabbers Yacht Listing Script index.php cross-site scriptingPlatforms Affected:PHPJabbers Yacht Listing Script 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Yacht Listing Script is vulnerable...
PHPJabbers Ticket Support Script index.php cross-site scripting | CVE-2023-40753
NAME__________PHPJabbers Ticket Support Script index.php cross-site scriptingPlatforms Affected:PHPJabbers Ticket Support Script 3.2Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Ticket Support Script is vulnerable...
FreeImage denial of service | CVE-2021-40266
NAME__________FreeImage denial of servicePlatforms Affected:FreeImage Project FreeImage 1.18.0Risk Level:6.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FreeImage is vulnerable to a denial of...
GitPython code execution | CVE-2023-40590
NAME__________GitPython code executionPlatforms Affected:GitPython GitPython 3.1.32Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GitPython could allow a remote attacker to execute arbitrary code on the...
Tenda AX3 denial of service | CVE-2023-40915
NAME__________Tenda AX3 denial of servicePlatforms Affected:Tenda AX3 16.03.12.11Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Tenda AX3 is vulnerable to a denial...
Sourcecodester Inventory Management System SQL injection | CVE-2023-4558
NAME__________Sourcecodester Inventory Management System SQL injectionPlatforms Affected:Sourcecodester Inventory Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Inventory Management System is vulnerable to...
Linux Kernel information disclosure | CVE-2023-4569
NAME__________Linux Kernel information disclosurePlatforms Affected:Linux KernelRisk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Linux Kernel could allow a local authenticated attacker to obtain sensitive information,...
SPA-Cart eCommerce CMS SQL injection | CVE-2023-4548
NAME__________SPA-Cart eCommerce CMS SQL injectionPlatforms Affected:SPA-Cart eCommerce CMS 1.9.0.3Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SPA-Cart eCommerce CMS is vulnerable to SQL injection. A...
Busybox code execution | CVE-2023-39810
NAME__________Busybox code executionPlatforms Affected:Busybox BusyboxRisk Level:6.1Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Busybox could allow a local attacker to traverse directories on the system. An...
GPAC denial of service | CVE-2023-39562
NAME__________GPAC denial of servicePlatforms Affected:GPAC GPAC 2.3-DEV-rev381-g817a848f6-masterRisk Level:5.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________GPAC is vulnerable to a denial of service,...
