Freeciv buffer overflow | CVE-2022-39047
NAME Freeciv buffer overflow Platforms Affected:Freeciv Freeciv 2.6.6 Freeciv Freeciv 3.0.2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Freeciv is vulnerable to a buffer...
Node.js hwzpgf module code execution |
NAME Node.js hwzpgf module code execution Platforms Affected:Node.js hwzpgfRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js hwzpgf module could allow a remote attacker...
Node.js wm-publish-statuses module code execution |
NAME Node.js wm-publish-statuses module code execution Platforms Affected:Node.js wm-publish-statusesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-publish-statuses module could allow a remote attacker...
Fuji Electric D300win information disclosure | CVE-2022-1738
NAME Fuji Electric D300win information disclosure Platforms Affected:Fuji Electric D300win 3.7.1.16 Fuji Electric D300win 3.7.1.15Risk Level:8.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Fuji Electric...
Hgiga OAKlouds Portal website SQL injection | CVE-2022-38118
NAME Hgiga OAKlouds Portal website SQL injection Platforms Affected:HGiga OAKlouds Portal 3.0-2 HGiga OAKlouds Portal 2.0-2Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Hgiga...
Node.js wm-cookies-api module code execution |
NAME Node.js wm-cookies-api module code execution Platforms Affected:Node.js wm-cookies-apiRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-cookies-api module could allow a remote attacker...
Node.js api-discord.js module code execution |
NAME Node.js api-discord.js module code execution Platforms Affected:Node.js api-discord.jsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js api-discord.js module could allow a remote attacker...
PTC Kepware KEPServerEX buffer overflow | CVE-2022-2848
NAME PTC Kepware KEPServerEX buffer overflow Platforms Affected:PTC Kepware KEPServerEX 6.11 PTC ThingWorkx Kepware Server 6.11 PTC ThingWorkx Industrial Connectivity...
Watchguard Firebox buffer overflow | CVE-2022-31789
NAME Watchguard Firebox buffer overflow Platforms Affected:WatchGuard WatchGuard FireboxRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Watchguard Firebox is vulnerable to a buffer overflow,...
PTC Kepware KEPServerEX buffer overflow | CVE-2022-2825
NAME PTC Kepware KEPServerEX buffer overflow Platforms Affected:PTC Kepware KEPServerEX 6.11 PTC ThingWorkx Kepware Server 6.11 PTC ThingWorkx Industrial Connectivity...
WordPress Core Link SQL injection |
NAME WordPress Core Link SQL injection Platforms Affected:WordPress WordPress 2.0.9 WordPress WordPress 2.0.11 WordPress WordPress 2.3.2 WordPress WordPress 2.3.3 WordPress...
A flaw in TikTok Android app could have allowed the hijacking of users’ accounts
Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking. Microsoft researchers discovered...
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail...
Threat actors breached the network of the Italian oil company ENI
Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to...
GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image
A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure....
HackerOne Bug Bounty Disclosure: enable-2fa-verification-without-verifying-email-leads-account-takeoverbymotu-vai
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by motu-vai motu-vai Report Enable 2Fa verification without verifying...
HackerOne Bug Bounty Disclosure: cve-2022-35252:-control-code-in-cookie-denial-of-servicebyhaxatron1
Programme HackerOne curl curl Submitted by haxatron1 haxatron1 Report CVE-2022-35252: control code in cookie denial of service Full Report A...
HackerOne Bug Bounty Disclosure: blind-ssrf-on-platform-dash-cloudflare-com-due-to-sentry-misconfigurationbylohigowda
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by lohigowda lohigowda Report Blind SSRF on platform.dash.cloudflare.com Due...
Experts spotted five malicious Google Chrome extensions used by 1.4M users
Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit of retail affiliate programs. McAfee...
China-linked APT40 used ScanBox Framework in a long-running espionage campaign
Experts uncovered a cyber espionage campaign conducted by a China-linked APT group and aimed at several entities in the South...
Awesome-Password-Cracking – A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security
A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the...
Cobalt Stike Beacon Detected – 98[.]142[.]142[.]229:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]70[.]116[.]20:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]204[.]198:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
