Google addresses actively exploited Android flaw in the kernel
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw....
CISA: Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox,...
CISA: Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software Cisco has released security updates to address multiple vulnerabilities in Enterprise...
HackerOne Bug Bounty Disclosure: github-account-takeover-which-is-used-as-gradle-vcs-in-“github-com/palantir/gradle-launch-config-plugin”bycodermak
Programme HackerOne Palantir Public Palantir Public Submitted by codermak codermak Report Github Account Takeover which is used as gradle vcs...
The $43 billion Business Email Compromise threat
The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise (BEC). This comes hot...
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one...
Cisco addresses three bugs in Enterprise NFVIS Software
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco...
Google fixes two critical Pixel vulnerabilities: Get your updates when you can!
Google has made updates available for Android 10, 11, 12 and 12L. The May Android Security Bulletin contains details of...
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne...
Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations
Why graphql-threat-matrix? graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple...
It’s business as usual for REvil ransomware
After the FBS arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang...
World Password Day: Brushing up on the basics
World Password Day is today, reminding us of the value of solid passwords, and good password practices generally. There are...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
cURL security update-CVE-2022-27776
NAME cURL - cURL Platforms Affected:cURLRisk Level:lowCVE Type:Insufficiently protected credentials DESCRIPTION CVE-2022-27776 is an insufficiently protected credentials vulnerability impacting cURL...
Multiple Aruba switches buffer overflow | CVE-2022-23676
NAME Multiple Aruba switches buffer overflow Platforms Affected:Aruba 5400R Series Aruba 3810 Series Aruba 2920 Series Aruba 2930F Series Aruba...
Ruijie RG-EW Series Routers code execution | CVE-2021-43162
NAME Ruijie RG-EW Series Routers code execution Platforms Affected:Ruijie RG-EW EW_3.0(1)B11P55Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Ruijie RG-EW Series Routers could allow...
Multiple Avaya switches buffer overflow | CVE-2022-29860
NAME Multiple Avaya switches buffer overflow Platforms Affected:Avaya ERS3500 Series Avaya ERS3600 Series Avaya ERS4900 Series Avaya ERS5900 SeriesRisk Level:9.8Exploitability:UnprovenConsequences:Gain...
Ruijie RG-EW Series Routers code execution | CVE-2021-43159
NAME Ruijie RG-EW Series Routers code execution Platforms Affected:Ruijie RG-EW EW_3.0(1)B11P55Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Ruijie RG-EW Series Routers could allow...
Multiple Aruba switches code execution | CVE-2022-23677
NAME Multiple Aruba switches code execution Platforms Affected:Aruba 5400R Series Aruba 3810 Series Aruba 2920 Series Aruba 2930F Series Aruba...
Ruijie RG-EW Series Routers code execution | CVE-2021-43164
NAME Ruijie RG-EW Series Routers code execution Platforms Affected:Ruijie RG-EW EW_3.0(1)B11P55Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Ruijie RG-EW Series Routers could allow...
Cisco Enterprise NFV Infrastructure Software command execution | CVE-2022-20779
NAME Cisco Enterprise NFV Infrastructure Software command execution Platforms Affected:Cisco Enterprise NFV Infrastructure Software (NFVIS)Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco Enterprise...
Ruijie RG-EW Series Routers code execution | CVE-2021-43163
NAME Ruijie RG-EW Series Routers code execution Platforms Affected:Ruijie RG-EW EW_3.0(1)B11P55Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Ruijie RG-EW Series Routers could allow...
F5 BIG-IP (AFM, CGNAT, PEM) cross-site scripting | CVE-2022-28716
NAME F5 BIG-IP (AFM, CGNAT, PEM) cross-site scripting Platforms Affected:F5 BIG-IP (AFM) 15.1.0 F5 BIG-IP (PEM) 15.1.0 F5 BIG-IP (PEM)...
