Aggregator

A vulnerability was found in e2pdf Plugin up to 1.25.05 on WordPress. It has been rated as problematic. Affected is an unknown function. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2024-43318. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in myCred Plugin up to 2.7.2 on WordPress. Affected by this vulnerability is an unknown functionality. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2024-43353. The attack can be executed remotely. There is not any exploit available.

A vulnerability identified as problematic has been detected in FormFacade Plugin up to 1.3.2 on WordPress. Affected by this issue is some unknown functionality. Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2024-43313. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as problematic has been identified in Masteriyo LMS Plugin up to 1.11.4 on WordPress. The impacted element is an unknown function. Such manipulation leads to authorization bypass. This vulnerability is traded as CVE-2024-43239. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in WP Job Portal Plugin up to 2.1.6 on WordPress. This affects an unknown function. Performing a manipulation results in authorization bypass. This vulnerability is known as CVE-2024-43266. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability has been found in azzaroco Ultimate Membership Pro Plugin up to 12.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2024-43241. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in azzaroco Ultimate Membership Pro Plugin up to 12.6 on WordPress. This issue affects some unknown processing. Executing a manipulation can lead to deserialization. This vulnerability appears as CVE-2024-43242. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in azzaroco Ultimate Membership Pro Plugin up to 12.6 on WordPress. It has been rated as critical. This impacts an unknown function. Performing a manipulation results in improper privilege management. This vulnerability was named CVE-2024-43240. The attack may be initiated remotely. There is no available exploit.

Cisco has issued an urgent security warning regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. Enterprise organizations widely use this tool to manage their Cisco software licenses locally. Tracked as CVE-2026-20160, the flaw carries a near-perfect CVSS severity score of 9.8 out of 10. If exploited, it allows an unauthenticated, […]

The post Cisco Smart Software Manager Vulnerability Let Attackers Execute Arbitrary Commands appeared first on Cyber Security News.

速修复

速修复

当 AI Agent 拥有了读写文件、执行命令、访问网络的能力，如何用平台自身的扩展机制构建安全防线？

Oracle has executed a massive workforce reduction, eliminating between 20,000 and 30,000 employees globally to free up cash flow for its aggressive artificial intelligence infrastructure investments. The layoffs, representing roughly 18% of its workforce, were communicated abruptly via email, highlighting the company’s urgent shift in financial strategy amid mounting debt. On Tuesday morning, up to […]

The post Oracle Lays Off 30,000 Employees to Ramp Up Investment in AI Technologies appeared first on Cyber Security News.

从web3安全角度解析Uniswap V2源码，阐述AMM机制与防重入。重点剖析swap验证、mint铸造及最小流动性防御，理清架构逻辑，理解实现以及安全问题。

Что известно о взломе Cisco и при чем здесь популярный сканер уязвимостей.

结账时多看一眼，别让假页面套走你的卡

还在被momo和Hunter卡？这场直播给你答案

看雪论坛作者ID：Saileaxh

Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in Italy. It's assessed that the threat actors behind the activity used social engineering

Шпионская контора попалась на создании поддельных мессенджеров.