NAME__________YugabyteDB Anywhere information disclosurePlatforms Affected:Yugabyte YugabyteDB Anywhere 2.0.0.0 Yugabyte YugabyteDB Anywhere 2.18.3.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________YugabyteDB Anywhere could allow a remote...
NAME__________Amazonify Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Amazonify Plugin for WordPress 0.8.1Risk Level:4.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Amazonify Plugin Plugin for WordPress is...
NAME__________Tongda OA SQL injectionPlatforms Affected:Beijing Tongda Xinke Technology Tongda OA 11.10Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Tongda OA is vulnerable to SQL injection....
NAME__________Go filepath directory traversalPlatforms Affected:Golang Go 1.20.10 Golang Go 1.21.3Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Golang Go could allow a remote attacker to...
NAME__________EC-CUBE 3 series and 4 series code executionPlatforms Affected:EC-CUBE EC-CUBE 4.2.2 EC-CUBE EC-CUBE 3.0.18-p6Risk Level:10Exploitability:Consequences:Gain Access DESCRIPTION__________EC-CUBE 3 series and...
NAME__________Golang Go weak securityPlatforms Affected:Golang Go 1.20.10 Golang Go 1.21.3Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Golang Go could provide weaker than expected security,...
NAME__________FreeBSD security bypassPlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________FreeBSD could allow a local attacker to bypass security restrictions, caused by a flaw...
NAME__________UpdraftPlus plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UpdraftPlus Plugin for WordPress 1.23.10Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UpdraftPlus plugin for WordPress is...
NAME__________IBM AIX denial of servicePlatforms Affected:IBM AIX 7.3Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM AIX's 7.3 Python implementation could allow a non-privileged...
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization....
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of...
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October...
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate...
OpenAI has been addressing "periodic outages" due to DDoS attacks targeting its API and ChatGPT services within the last 24...
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the...
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and...
Image: Adrian Grycuk/CC BY-SA 3.0 PL The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following...
Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a...
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the...
CISA Published When to Issue VEX Information Today, CISA published When to Issue Vulnerability Exploitability eXchange (VEX) Information, developed by...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Cisco Releases Security Advisories for Multiple Products Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat...
CISA Releases Guidance for Addressing Citrix NetScaler ADC and Gateway Vulnerability CVE-2023-4966, Citrix Bleed Today, CISA, in response to active,...
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on November 7, 2023. This...
