NAME__________Trane Thermostats command executionPlatforms Affected:Trane Technologies XL824 Thermostat Firmware 5.9.8 Trane Technologies XL850 Thermostat Firmware 5.9.8 Trane Technologies XL1050 Thermostat...
NAME__________EnterpriseDB Postgres Advanced Server accesshistory() information disclosurePlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
NAME__________Devolutions Remote Desktop Manager security bypassPlatforms Affected:Devolutions Remote Desktop Manager 2023.2.19Risk Level:5.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Devolutions Remote Desktop Manager could allow a...
NAME__________Danfoss AK-SM800A information disclosurePlatforms Affected:Danfoss AK-SM800A 3.3Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Danfoss AK-SM800A could allow a remote authetnicated attacker to obtain sensitive...
NAME__________Red Hat Openshift Logging security bypassPlatforms Affected:Red Hat OpenShift LoggingRisk Level:7.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Red Hat Openshift Logging could allow a remote...
NAME__________Apache Batik server-side request forgeryPlatforms Affected:Apache Batik 1.0 Apache Batik 1.16Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Batik is vulnerable to server-side request...
NAME__________Apache Batik server-side request forgeryPlatforms Affected:Apache Batik 1.0 Apache Batik 1.16Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Batik is vulnerable to server-side request...
NAME__________openSUSE Welcome privilege escalationPlatforms Affected:openSUSE WelcomeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________openSUSE Welcome could allow a local authenticated attacker to gain elevated privileges...
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023...
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These...
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber...
CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan Today, CISA released the Remote Monitoring and Management (RMM)...
Atlassian Releases Security Update for Confluence Server and Data Center Atlassian has released its security bulletin for August 2023 to...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS Juniper has released a security advisory to address vulnerabilities in...
CISA, NSA, and NIST Publish Factsheet on Quantum Readiness Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency...
There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate...
The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted...
In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in...
Image: Midjourney A previously unidentified APT hacking group named 'Carderbee' was observed attacking organizations in Hong Kong and other regions...
HIBP In April 2021, "Japan's largest e-mail friend search site" Atmeltomo suffered a data breach that was later sold on...
