Aggregator

A vulnerability was found in Xibo CMS up to 4.0.x. It has been declared as problematic. This vulnerability affects unknown code of the component Generic File Module. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-43412. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

新闻速览 •《网络安全技术 网络身份认证公共服务应用接入规范》等4项国家标准公开征求意见 •有赞支付、度小满支 […]

面对不断增长的勒索软件攻击，企业需要采取全面、主动和协作的防护策略，通过结合技术、流程和人员等多方面的防护措施 […]

A vulnerability was found in Linux Kernel up to 5.10.224/5.15.165/6.1.106/6.6.47/6.10.6 and classified as problematic. Affected by this issue is some unknown functionality of the component arm64. The manipulation leads to allocation of resources. This vulnerability is handled as CVE-2024-46707. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.10.7/6.11-rc1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component vmwgfx. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-46712. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Most password protection methods use some form of encryption, but is there a clear choice between software and hardware encryption when it comes to protecting your personal or business files from theft, loss, or hacking?

The post How Secure is the “Password Protection” on Your Files and Drives? appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, was found in Cron Jobs Plugin up to 1.2.9 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-8731. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in PDF Thumbnail Generator Plugin up to 1.3 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-8737. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Roles & Capabilities Plugin up to 1.1.9 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-8732. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Exit Notifier Plugin up to 1.9.1 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8730. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Email Obfuscate Shortcode Plugin up to 2.0 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-8747. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Beauty Plugin up to 1.1.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument tpl_featured_cat_id leads to cross site scripting. This vulnerability is known as CVE-2024-5884. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Neighborly Plugin up to 1.4 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-5869. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Tweaker5 Plugin up to 1.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-5870. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Delicate Plugin up to 3.5.5 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-5867. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Triton Lite Plugin up to 1.3 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-5789. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in MStore API Plugin up to 4.15.3 on WordPress. Affected by this issue is some unknown functionality of the component User Registration Handler. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2024-8269. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Custom Post Limits Plugin up to 4.4.1 on WordPress. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-6544. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in MStore API Plugin up to 4.15.3 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2024-8242. The attack can be launched remotely. There is no exploit available.

A Google Sheets exploit has recently been discovered by cybersecurity experts Proofpoint. As per the initial information, the platform is being leveraged as a command-and-control (C2) mechanism. In this article, we’ll look at what the Google Sheets exploit is about, which sectors are being targeted, and more. Let’s begin! Google Sheets Exploit: Initial Discovery The […]

The post Espionage Alert: Google Sheets Exploit For Malware Control appeared first on TuxCare.

The post Espionage Alert: Google Sheets Exploit For Malware Control appeared first on Security Boulevard.