NAME__________Nextcloud Server information disclosurePlatforms Affected:Nextcloud Nextcloud Server 25.0.0 Nextcloud Nextcloud Enterprise Server 23.0.0 Nextcloud Nextcloud Enterprise Server 24.0.0 Nextcloud Nextcloud...
NAME__________Nextcloud Server information disclosurePlatforms Affected:Nextcloud Nextcloud Server 25.0.0 Nextcloud Nextcloud Enterprise Server 25.0.0 Nextcloud Nextcloud Server 26.0.0 Nextcloud Nextcloud Enterprise...
NAME__________Nextcloud Talk Android directory traversalPlatforms Affected:Nextcloud Talk Android 16.0.1Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nextcloud Talk Android could allow a local authenticated attacker...
NAME__________Nextcloud user_oidc security bypassPlatforms Affected:Nextcloud user_oidc 1.0.0 Nextcloud user_oidc 1.3.2Risk Level:3.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nextcloud user_oidc could allow a remote authenticated attacker...
NAME__________Nextcloud user_oidc man-in-the-middlePlatforms Affected:Nextcloud user_oidc 1.0.0 Nextcloud user_oidc 1.3.2Risk Level:4.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nextcloud user_oidc is vulnerable to a man-in-the-middle attack, caused...
NAME__________Logitec network devices OS command executionPlatforms Affected:Logitec LAN-WH300N/RERisk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Logitec network devices could allow a remote authenticated attacker to...
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which...
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain...
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-38180.NET and Visual Studio Denial of Service VulnerabilityCVE-2023-36911Microsoft Message Queuing Remote Code...
The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to...
The Department of Homeland Security's Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud...
Update 8/11/23: Updated with information from DOJ about alleged Netwalker Ransomware involvement. Police have taken down the Lolek bulletproof hosting provider,...
Amazon AWS has withdrawn its association with open source project Moq after the project drew sharp criticism for its quiet...
Millions of PLC (programmable logic controllers) used in industrial environments worldwide are at risk to 15 vulnerabilities in the CODESYS...
While some ransomware operations claim not to target hospitals, one relatively new ransomware gang named Rhysida doesn't seem to care....
The security and privacy concerns around the use of generative AI today could be just the tip of a forming...
The technology secretary has drawn the ire of encryption experts by repeating false claims and half-truths about the Online Safety...
Researchers at Glasgow University have identified 15 ways users and manufacturers could reduce the risk of thermal attacks to boost...
Security researchers have discovered a third novel backdoor that was used in attacks on users of Barracuda ESG appliances recently.The...
The US Cyber Safety Review Board (CSRB) has issued a comprehensive report shedding light on the operations of the notorious...
A new variant of the SystemBC malware, paired with Cobalt Strike beacons, has been identified in a recent cyber-attack targeting...
The US Department of Homeland Security (DHS) has announced it will investigate Microsoft’s security practices in relation to the recent...
Multiple vulnerabilities have been identified in the widely used Avada theme and its accompanying Avada Builder plugin. These security flaws, uncovered...
Microsoft Releases August 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
