ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...
CISA Releases New Public Version of CDM Data Model Document Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an...
Adobe Releases Security Updates for Multiple Products Adobe released security updates to address vulnerabilities in multiple Adobe software products including...
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 10, 2024. These...
Microsoft Releases December 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 5, 2024. These...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Apple Releases Security Updates for Multiple Products Apple released security updates to address vulnerabilities in multiple Apple products. A cyber...
Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti...
CISA Releases Ten Industrial Control Systems Advisories CISA released ten Industrial Control Systems (ICS) advisories on December 12, 2024. These...
CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector Today, CISA and the Environmental...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Vulnerability Summary: CVE-2024-11873 The glomex oEmbed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'glomex_integration' shortcode...
Vulnerability Summary: CVE-2024-11869 The Buk for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buk'...
Vulnerability Summary: CVE-2024-11888 The IDer Login for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Vulnerability Summary: CVE-2024-11867 The Companion Portfolio – Responsive Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Vulnerability Summary: CVE-2024-11865 The Tabs Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and...
Vulnerability Summary: CVE-2024-11884 The Wp photo text slider 50 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Vulnerability Summary: CVE-2024-11879 The Stripe Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stripe_donation' shortcode...
Vulnerability Summary: CVE-2024-11877 The Cricket Live Score plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cricket_score'...
Vulnerability Summary: CVE-2024-11883 The Connatix Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cnx_script_code'...
Vulnerability Summary: CVE-2024-12448 The Posts and Products Views for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:rullzerLink to Submitters Profile:https://hackerone.com/rullzer Report Title:Nextcloud mail does not respect download permissions...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:pulsejetLink to Submitters Profile:https://hackerone.com/pulsejet Report Title:Incomplete sanitization in SVG preview providerReport Link:https://hackerone.com/reports/2484499Date...
