Submit #446282: code-projects Restaurant Order System 1.0 SQL Injection [Duplicate]
Submit #446282 / VDB-282902
Aggregator
Submit #446281: code-projects Hospital Management System 1.0 SQL Injection [Duplicate]
1 day ago
Submit #446281 / VDB-281698
w0r1dtr33
A Threat Actor Reportedly is Selling Credit Cards to an Unidentified Shop Across Multiple Countries
1 day ago
A Threat Actor Reportedly is Selling Credit Cards to an Unidentified Shop Across Multiple Countries
Dark Web Informer
Submit #444738: E-Lins Technology E-Lins H685 Routers <=v3.2.337 Hard-coded Credentials [Accepted]
1 day ago
Submit #444738 / VDB-285916
liutong
China's DeepSeek Aims to Rival OpenAI's 'Reasoning' Model
1 day ago
DeepSeek-R1 Struggles with Logic Tests and Is Vulnerable to Jailbreaks
Chinese artificial intelligence research company DeepSeek, funded by quantitative trading firms, introduced what it says is one of the first reasoning models to rival OpenAI o1. Reasoning models engage in self-fact checking and perform multi-step reasoning tasks.
Chinese artificial intelligence research company DeepSeek, funded by quantitative trading firms, introduced what it says is one of the first reasoning models to rival OpenAI o1. Reasoning models engage in self-fact checking and perform multi-step reasoning tasks.
Google AI Tool Finds 26 Bugs in Open-Source Projects
1 day ago
One Vulnerability Had Been Undiscovered for Two Decades, Researchers Said
Google researchers used an AI-powered fuzzing tool to identify 26 vulnerabilities in open-source code repositories, some of which had been lurking undiscovered for several decades. Each was found with AI, using AI-generated and enhanced fuzz targets, Google said.
Google researchers used an AI-powered fuzzing tool to identify 26 vulnerabilities in open-source code repositories, some of which had been lurking undiscovered for several decades. Each was found with AI, using AI-generated and enhanced fuzz targets, Google said.
CISA: Over Half of Top Routinely Exploited Vulnerabilities in 2023 Affected Network Devices and Infrastructure
1 day ago
Over half of the most routinely exploited vulnerabilities worldwide in 2023 affected network devices and infrastructure, according to a cybersecurity advisory issued by CISA and other international cybersecurity agencies in November, 2024. Furthermore, the majority of the routinely exploited vulnerabilities were “initially exploited as a zero-day” which was a change from 2022, when the majority […]
The post CISA: Over Half of Top Routinely Exploited Vulnerabilities in 2023 Affected Network Devices and Infrastructure appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
The post CISA: Over Half of Top Routinely Exploited Vulnerabilities in 2023 Affected Network Devices and Infrastructure appeared first on Security Boulevard.
Chris Garland
Medusa Blog
1 day ago
cohenido
Medusa Blog
1 day ago
cohenido
Medusa Blog
1 day ago
cohenido
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
1 day ago
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell.
The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today.
Mysterious Elephant, which is also known as
The Hacker News
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
1 day ago
Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe.
Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The
The Hacker News
Cloak
1 day ago
cohenido
CVE-2024-11426 | AutoListicle Plugin up to 1.2.3 on WordPress cross site scripting
1 day ago
A vulnerability, which was classified as problematic, was found in AutoListicle Plugin up to 1.2.3 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-11426. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-11188 | Formidable Forms Plugin up to 6.16.1.2 on WordPress cross site scripting
1 day ago
A vulnerability, which was classified as problematic, has been found in Formidable Forms Plugin up to 6.16.1.2 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-11188. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-11362 | Payments Plugin and Checkout Plugin for WooCommerce Plugin cross site scripting
1 day ago
A vulnerability classified as problematic was found in Payments Plugin and Checkout Plugin for WooCommerce Plugin up to 1.112.0 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-11362. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-10880 | JobBoardWP Plugin up to 1.3.0 on WordPress cross site scripting
1 day ago
A vulnerability classified as problematic has been found in JobBoardWP Plugin up to 1.3.0 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2024-10880. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-10606 | WP Travel Engine Plugin up to 6.2.1 on WordPress Setting authorization
1 day ago
A vulnerability was found in WP Travel Engine Plugin up to 6.2.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to missing authorization.
The identification of this vulnerability is CVE-2024-10606. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-11332 | HIPAA Compliant Forms Plugin up to 1.3.4 on WordPress cross site scripting
1 day ago
A vulnerability was found in HIPAA Compliant Forms Plugin up to 1.3.4 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-11332. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-11387 | Easy Liveblogs Plugin up to 2.3.5 on WordPress cross site scripting
1 day ago
A vulnerability was found in Easy Liveblogs Plugin up to 2.3.5 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-11387. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com