Aggregator

A vulnerability, which was classified as problematic, was found in Tony Cook Imager up to 0.49. Affected is an unknown function. The manipulation leads to improper resource management. This vulnerability is traded as CVE-2006-0053. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims’ Wallets       Threat Bulletin: Weaponized Software Targets Chinese-Speaking Organizations  Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai   Sophos MDR […]

SECURITY AFFAIRS MALWARE NEWSLETTE

#Laravel-RCE #TRP00F权限提升 #audit服务日志权限提升 #composer权限提升

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Subaru Starlink flaw allowed experts to remotely hack cars Participants in the Pwn2Own Automotive 2025 earned $886,250 U.S. […]

SECURITY AFFAIRS MALWARE NEWSLETTE

A vulnerability was found in Eventum up to 2.3.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file htdocs/setup/index.php. The manipulation of the argument hostname as part of Parameter leads to permission issues. This vulnerability is handled as CVE-2014-1632. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Web缓存漏洞是指由于缓存机制配置或实现不当，导致攻击者可通过操纵缓存内容获取敏感信息、篡改数据或破坏服务安全性的安全风险。

A vulnerability was found in Apple Mac OS X up to 10.11.3 and classified as critical. This issue affects some unknown processing of the component Intel Graphics Driver. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-1743. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Pandora FMS 7.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SNMP. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2020-11749. The attack can be launched remotely. Furthermore, there is an exploit available.

Cary, North Carolina, 26th January 2025, CyberNewsWire

The post INE Security Alert: Expediting CMMC 2.0 Compliance appeared first on Security Boulevard.

Cary, North Carolina, January

A vulnerability classified as critical has been found in Wilson Steven MangosWeb Enhanced 3.0.3. This affects an unknown part of the file index.php of the component Login. The manipulation of the argument login leads to sql injection. This vulnerability is uniquely identified as CVE-2012-5348. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in BGSvetionik BGS CMS 2.2.1. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument search leads to cross site scripting. This vulnerability is uniquely identified as CVE-2010-0675. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apple Mac OS X up to 10.11.3. It has been classified as critical. Affected is an unknown function of the component Intel Graphics Driver. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2016-1744. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in WikkaWiki 1.3.1/1.3.2. It has been classified as critical. Affected is an unknown function. The manipulation of the argument default_comment_display leads to sql injection. This vulnerability is traded as CVE-2011-4448. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apache Struts 1.2.7 and classified as problematic. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2005-3745. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.