CVE Alert: CVE-2025-25992
Vulnerability Summary: CVE-2025-25992 SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the...
CVE Alert: CVE-2025-25990
Vulnerability Summary: CVE-2025-25990 Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the...
CVE Alert: CVE-2025-25991
Vulnerability Summary: CVE-2025-25991 SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php...
CVE Alert: CVE-2025-25988
Vulnerability Summary: CVE-2025-25988 Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service...
[ABYSS] – Ransomware Victim: halex[.]com
Ransomware Group: ABYSS VICTIM NAME: halexcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-26157
Vulnerability Summary: CVE-2025-26157 A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty Parlour Management System...
CVE Alert: CVE-2025-26156
Vulnerability Summary: CVE-2025-26156 A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote...
CVE Alert: CVE-2025-25997
Vulnerability Summary: CVE-2025-25997 Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the...
CVE Alert: CVE-2025-26158
Vulnerability Summary: CVE-2025-26158 A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management...
CVE Alert: CVE-2025-0503
Vulnerability Summary: CVE-2025-0503 Mattermost versions 9.11.x
CVE Alert: CVE-2025-25288
Vulnerability Summary: CVE-2025-25288 @octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and...
CVE Alert: CVE-2025-25285
Vulnerability Summary: CVE-2025-25285 @octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version...
CVE Alert: CVE-2025-25290
Vulnerability Summary: CVE-2025-25290 @octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version...
CVE Alert: CVE-2025-25297
Vulnerability Summary: CVE-2025-25297 Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage...
CVE Alert: CVE-2025-25289
Vulnerability Summary: CVE-2025-25289 @octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version...
CVE Alert: CVE-2022-28693
Vulnerability Summary: CVE-2022-28693 Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user...
CVE Alert: CVE-2025-25296
Vulnerability Summary: CVE-2025-25296 Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's `/projects/upload-example` endpoint...
CVE Alert: CVE-2025-0593
Vulnerability Summary: CVE-2025-0593 The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level...
CVE Alert: CVE-2022-26083
Vulnerability Summary: CVE-2022-26083 Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow...
CVE Alert: CVE-2025-0592
Vulnerability Summary: CVE-2025-0592 The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the...
CISA: Microsoft Releases January 2025 Security Updates
Microsoft Releases January 2025 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
