Cobalt Strike Beacon Detected – 8[.]152[.]194[.]88:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-32240
Vulnerability Summary: CVE-2025-32240 Missing Authorization vulnerability in NotFound Site Notify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-32227
Vulnerability Summary: CVE-2025-32227 Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing. This issue affects Asgaros Forum:...
CVE Alert: CVE-2025-32230
Vulnerability Summary: CVE-2025-32230 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Themeum Tutor LMS....
CVE Alert: CVE-2025-32228
Vulnerability Summary: CVE-2025-32228 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Messiah Ai Image Alt...
CVE Alert: CVE-2025-32236
Vulnerability Summary: CVE-2025-32236 Missing Authorization vulnerability in Vagonic Woocommerce Products Reorder Drag Drop Multiple Sort – Sortable, Rearrange Products Vagonic....
CVE Alert: CVE-2025-32221
Vulnerability Summary: CVE-2025-32221 Missing Authorization vulnerability in Spider Themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-32275
Vulnerability Summary: CVE-2025-32275 Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing. This issue affects Survey...
CVE Alert: CVE-2025-32259
Vulnerability Summary: CVE-2025-32259 Missing Authorization vulnerability in Alimir WP ULike. This issue affects WP ULike: from n/a through 4.7.9.1. Affected...
CVE Alert: CVE-2025-32260
Vulnerability Summary: CVE-2025-32260 Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through...
CVE Alert: CVE-2025-32244
Vulnerability Summary: CVE-2025-32244 Missing Authorization vulnerability in QuantumCloud SEO Help allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-32242
Vulnerability Summary: CVE-2025-32242 Missing Authorization vulnerability in Hive Support Hive Support allows Accessing Functionality Not Properly Constrained by ACLs. This...
CVE Alert: CVE-2025-32243
Vulnerability Summary: CVE-2025-32243 Missing Authorization vulnerability in Toast Plugins Internal Link Optimiser allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-32282
Vulnerability Summary: CVE-2025-32282 Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google Analytics. This issue affects ShareThis Dashboard...
CVE Alert: CVE-2025-32687
Vulnerability Summary: CVE-2025-32687 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magnigenie Review Stars...
CVE Alert: CVE-2025-32668
Vulnerability Summary: CVE-2025-32668 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez...
CVE Alert: CVE-2025-27350
Vulnerability Summary: CVE-2025-27350 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Vice Versa allows...
CVE Alert: CVE-2025-23386
Vulnerability Summary: CVE-2025-23386 A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to...
CVE Alert: CVE-2025-27081
Vulnerability Summary: CVE-2025-27081 A potential security vulnerability in HPE NonStop OSM Service Connection Suite could potentially be exploited to allow...
CVE Alert: CVE-2025-22279
Vulnerability Summary: CVE-2025-22279 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock...
CVE Alert: CVE-2025-31411
Vulnerability Summary: CVE-2025-31411 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Aribhour Linet ERP-Woocommerce Integration...
HackerOne Bug Bounty Disclosure: direct-ip-access-to-website-ryomenshuvro
Company Name: Lichess Company HackerOne URL: https://hackerone.com/lichess Submitted By:ryomenshuvroLink to Submitters Profile:https://hackerone.com/ryomenshuvro Report Title:Direct IP Access to WebsiteReport Link:https://hackerone.com/reports/3068485Date Submitted:11...
CVE Alert: CVE-2025-1073
Vulnerability Summary: CVE-2025-1073 Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access...
CVE Alert: CVE-2025-32754
Vulnerability Summary: CVE-2025-32754 In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images...
