Aggregator

A vulnerability classified as problematic has been found in WPAdverts Plugin up to 2.1.6 on WordPress. This affects the function adverts_add of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-10108. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Web and Print Design AR for Woocommerce Plugin up to 6.2 on WordPress. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2024-50510. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Deryck Oñate User Toolkit Plugin up to 1.2.3 on WordPress. Affected is an unknown function. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2024-50503. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Azexo Marketing Automation Plugin up to 1.27.80 on WordPress and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to incorrect privilege assignment. This vulnerability is handled as CVE-2024-50506. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Daniel Schmitzer DS.DownloadList Plugin up to 1.3 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2024-50507. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Download Manager Plugin up to 3.2.x on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-8444. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Matt Whiteman Bulk Change Role Plugin up to 1.1 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to incorrect privilege assignment. The identification of this vulnerability is CVE-2024-50504. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Chetan Khandla Woocommerce Product Design Plugin up to 1.0.0 on WordPress. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-50508. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Chetan Khandla Woocommerce Product Design Plugin up to 1.0.0 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-50509. The attack can be launched remotely. There is no exploit available.

CHOROLOGY.ai this week added an Automated Compliance Engine (ACE) to its data security posture management (DSPM) platform that makes use of multiple types of artificial intelligence (AI) to rapidly classify sensitive data at scale.

The post CHOROLOGY.ai Extends AI Reach to Classify Sensitive Data appeared first on Security Boulevard.

Cybersecurity firm Proofpoint, which is eyeing an IPO in the next 18 months, is buying startup Normalyze to improve its data protection capabilities and mitigate the threat humans present in an increasingly fast-paced, interconnected, and AI-focus world.

The post Proofpoint Boosting Data Security with Normalyze Acquisition appeared first on Security Boulevard.

A vulnerability was found in Mozilla Firefox and classified as problematic. This issue affects some unknown processing of the component History Interface Attribute Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-10464. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 131. Affected by this issue is some unknown functionality of the component Video Frame Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-10463. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 131. This affects an unknown part of the component Video Frame Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-10463. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox up to 131. Affected is an unknown function of the component Permission Prompt Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2024-10462. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Thunderbird up to 131. Affected by this vulnerability is an unknown functionality of the component Permission Prompt Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is known as CVE-2024-10462. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 131. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Response Header Handler. The manipulation of the argument Content-Disposition leads to cross site scripting. This vulnerability is known as CVE-2024-10461. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 131. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Response Header Handler. The manipulation of the argument Content-Disposition leads to cross site scripting. This vulnerability is handled as CVE-2024-10461. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

In this article, we’ll explore the most common types of protectors—packers and crypters—along with simple ways to detect and remove them.   We’ll also introduce some useful tools to simplify the process and improve your malware analysis skills.  What Are Protectors and What Types Are There?  Protectors are tools designed to complicate code analysis, making […]

The post Packers and Crypters in Malware <br>and How to Remove Them appeared first on ANY.RUN's Cybersecurity Blog.

Почему телеком скрывал взлом и какой масштаб атаки на самом деле?