CISA: CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers
CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers Today, CISA and the...
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an...
The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target...
Exclusive Addons for Elementor Plugin for WordPress cross-site scripting | CVE-2024-0824
NAME__________Exclusive Addons for Elementor Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Exclusive Addons for Elementor Plugin for WordPress 2.6.8Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting...
Meks Smart Social Widget Plugin for WordPress cross-site scripting | CVE-2024-0664
NAME__________Meks Smart Social Widget Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress Meks Smart Social Widget plugin for WordPress 1.6.3Risk Level:4.4Exploitability:HighConsequences:Cross-Site...
Backuply Plugin for WordPress directory traversal | CVE-2024-0697
NAME__________Backuply Plugin for WordPress directory traversalPlatforms Affected:WordPress Backuply Plugin for WordPress 1.2.3Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Backuply Plugin for WordPress could allow...
TOTOLINK N200RE buffer overflow | CVE-2024-0999
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
NODERP information disclosure | CVE-2024-1005
NAME__________NODERP information disclosurePlatforms Affected:Shanxi Diankeyun Technology NODERP 6.0.2 Shanxi Diankeyun Technology NODERP 6.0.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________NODERP could allow a remote...
TOTOLINK N200RE buffer overflow | CVE-2024-0997
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
TOTOLINK N200RE buffer overflow | CVE-2024-1001
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
TOTOLINK N200RE buffer overflow | CVE-2024-0998
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
Tenda i6 buffer overflow | CVE-2024-0992
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
Tenda W6 buffer overflow | CVE-2024-0994
NAME__________Tenda W6 buffer overflowPlatforms Affected:Tenda W6 1.0.0.9(4122)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda W6 is vulnerable to a stack-based buffer overflow,...
TOTOLINK N200RE buffer overflow | CVE-2024-1002
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
TOTOLINK N200RE buffer overflow | CVE-2024-1004
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
Mitsubishi Electric MELSEC WS Series Ethernet Interface Module security bypass | CVE-2023-6374
NAME__________Mitsubishi Electric MELSEC WS Series Ethernet Interface Module security bypassPlatforms Affected:Mitsubishi Electric WS0-GETH00200Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mitsubishi Electric MELSEC WS Series...
TOTOLINK N200RE buffer overflow | CVE-2024-1000
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
SHARP Energy Management Controller with Cloud Service information disclosure | CVE-2024-23784
NAME__________SHARP Energy Management Controller with Cloud Service information disclosurePlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:4.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SHARP...
TOTOLINK N200RE buffer overflow | CVE-2024-1003
NAME__________TOTOLINK N200RE buffer overflowPlatforms Affected:TOTOLINK N200RE 9.3.5u.6139_B20201216Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK N200RE is vulnerable to a stack-based buffer overflow,...
GNU C Library (known as glibc) privilege escalation | CVE-2023-6246
NAME__________GNU C Library (known as glibc) privilege escalationPlatforms Affected:GNU glibc 2.37Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________GNU C Library (known as glibc) could...
Tenda i6 buffer overflow | CVE-2024-0993
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
