NAME__________Vehicle Service Management System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Vehicle Service Management System is vulnerable to cross-site scripting, caused by...
NAME__________Vehicle Service Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Vehicle Service Management System is vulnerable to SQL injection. A remote...
NAME__________Guzzle PSR-7 weak securityPlatforms Affected:Guzzle PSR-7 2.0.0 Guzzle PSR-7 1.9.0 Guzzle PSR-7 2.4.4Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Guzzle PSR-7 could provide weaker...
NAME__________Kylin Software youker-assistant command executionPlatforms Affected:Risk Level:5.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Kylin Software youker-assistant could allow a local authenticated attacker to...
NAME__________Apache Superset server-side request forgeryPlatforms Affected:Apache Superset 2.0.1Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Superset is vulnerable to server-side request forgery, caused by...
NAME__________DREAM TRAIN INTERNET TONE Family security bypassPlatforms Affected:DREAM TRAIN INTERNET TONE FamilyRisk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________DREAM TRAIN INTERNET TONE Family could...
NAME__________Chatwoot cross-site scriptingPlatforms Affected:Risk Level:5.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Chatwoot is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
NAME__________Apache IoTDB security bypassPlatforms Affected:Apache IoTDB 0.13.0 Apache IoTDB 0.13.1 Apache IoTDB 0.13.2 Apache IoTDB 0.13.3Risk Level:10Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache IoTDB...
NAME__________NETGEAR RAX30 buffer overflowPlatforms Affected:NETGEAR RAX30Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NETGEAR RAX30 is vulnerable to a stack-based buffer overflow, caused by improper...
NAME__________ASUSTOR Data Master (ADM) buffer overflowPlatforms Affected:ASUSTOR Data Master 4.0 ASUSTOR Data Master 4.1 ASUSTOR Data Master 4.2Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access...
NAME__________Sourcecodester Judging Management System SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Judging Management System is vulnerable to SQL injection. A remote...
NAME__________Apache Superset information disclosurePlatforms Affected:Apache Superset 2.0.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Superset could allow a remote authenticate attacker to obtain sensitive...
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Threat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple's macOS...
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-45789A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 11, 2023. These...
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Fortinet Releases April 2023 Vulnerability Advisories Fortinet has released its April 2023 Vulnerability Advisories(link is external) to address vulnerabilities affecting multiple...
Juniper Networks Releases Security Updates Juniper Networks has released security updates to address vulnerabilities affecting Junos OS(link is external), Paragon...
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles...
CISA Releases Sixteen Industrial Control Systems Advisories CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These...
Microsoft Releases Guidance for the BlackLotus Campaign Microsoft has released Guidance for investigating attacks using CVE-2022-21894: The BlackLotus Campaign(link is...
