Aggregator

A vulnerability classified as critical was found in Mozilla Firefox and Thunderbird up to 20.0/17.0.5. This vulnerability affects the function _cairo_xlib_surface_add_glyph of the component Chrome Object Wrappers. The manipulation leads to improper access controls. This vulnerability was named CVE-2013-1670. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Wireshark up to 1.12.8/2.0.0. Affected is the function dissect_zcl_pwr_prof_pwrprofstatersp of the file epan/dissectors/packet-zbee-zcl-general.c of the component ZigBee ZCL Dissector. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2015-8732. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Is the Quest for Stability an Uphill Battle in Cybersecurity? In the vast landscape of data management and cybersecurity, professionals constantly grapple with threats that lurk in the shadows, invisible and unpredictable. The elusive nature of these threats often leaves CISOs, SOC teams, and other cybersecurity professionals wondering: how can stability be achieved in a […]

The post Achieving Stability with Enhanced Secret Detection appeared first on Entro.

The post Achieving Stability with Enhanced Secret Detection appeared first on Security Boulevard.

A vulnerability classified as problematic has been found in DiscusWare Discus Freeware 3.10.4/3.10.5. Affected is an unknown function of the component Error Message Handler. The manipulation leads to basic cross site scripting. This vulnerability is traded as CVE-2006-0073. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Linux Kernel up to 5.14.9. It has been rated as critical. This issue affects the function qeth_do_reset of the component s390. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2021-47382. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.4.150/5.10.70/5.14.9. This issue affects the function devm_i2c_new_dummy_device of the component hwmon. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2021-47385. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cybozu Garoon and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument uid leads to sql injection. This vulnerability is known as CVE-2006-4444. The attack can be launched remotely. Furthermore, there is an exploit available.

X0Frankenstein Claims to have Leaked the Data of Vibrant Gujarat Industrial Directory

A Threat Actor is Allegedly Selling XSniffer - A Universal Sniffer Tool

A vulnerability, which was classified as problematic, has been found in Loan Comparison Plugin up to 2.0 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12814. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in WP Datepicker Plugin up to 2.1.4 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-12468. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Export Customers Data Plugin up to 1.2.3 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-12405. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in NinjaTeam Chat for Telegram Plugin up to 1.0 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-11885. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in WP-Appbox Plugin up to 4.5.3 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-12710. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Optio Dentistry Plugin up to 2.1 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-12507. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Teplitsa shMapper Plugin up to 1.4.18 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12518. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Text Prompter Plugin up to 1.0.7 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-11896. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in All in One Custom Login Page Plugin up to 7.1.1 on WordPress. This affects an unknown part. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2024-12594. It is possible to initiate the attack remotely. There is no exploit available.