A vulnerability classified as problematic has been found in IBM Engineering Test Management 7.0.2/7.0.3. This affects an unknown part of the component Web UI. The manipulation leads to cross-site scripting.
This vulnerability is uniquely identified as CVE-2023-43054. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, was found in JM Twitter Cards Plugin on WordPress. Affected is an unknown function of the component Meta Description Handler. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2024-1769. Access to the local network is required for this attack. There is no exploit available.
A vulnerability was found in Linux Kernel up to 5.13.5. It has been rated as critical. Affected by this issue is the function io_init_wq_offload in the library include/linux/slab.h. The manipulation leads to memory leak.
This vulnerability is handled as CVE-2021-47292. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.53/5.13.5. Affected is the function skb_linearize of the component sockmap. The manipulation leads to memory leak.
This vulnerability is traded as CVE-2021-47298. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a ransomware attack.
Two WordPress plugins required by the premium WordPress WPLMS theme, which has over 28,000 sales, are vulnerable to more than a dozen critical-severity vulnerabilities. [...]
A vulnerability was found in shuchkin simplexlsx 1.1.12. It has been rated as problematic. Affected by this issue is the function toHTMLEx. The manipulation leads to cross-site scripting.
This vulnerability is handled as CVE-2024-56364. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. [...]
A vulnerability was found in rizinorg rizin up to 0.7.3. It has been declared as critical. Affected by this vulnerability is the function rz_core_cmdf of the file rizin.c of the component m Command Handler. The manipulation leads to OS command injection.
This vulnerability is known as CVE-2024-53256. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Gogs up to 0.13.0. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal.
This vulnerability is traded as CVE-2024-55947. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.