Aggregator

CVE-2021-37136 | Oracle Access Manager 12.2.1.4.0 Centralized Thirdparty Jars denial of service (Nessus ID 240509)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Oracle Access Manager 12.2.1.4.0 and classified as critical. Affected by this issue is some unknown functionality of the component Centralized Thirdparty Jars. The manipulation leads to denial of service. This vulnerability is handled as CVE-2021-37136. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2021-37137 | Oracle WebCenter Portal 12.2.1.3.0/12.2.1.4.0 Security Framework denial of service (Nessus ID 240509)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Oracle WebCenter Portal 12.2.1.3.0/12.2.1.4.0. It has been classified as critical. This affects an unknown part of the component Security Framework. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2021-37137. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-37137 | Oracle Communications BRM - Elastic Charging Engine 5G gateway denial of service (Nessus ID 240509)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical was found in Oracle Communications BRM - Elastic Charging Engine. Affected by this vulnerability is an unknown functionality of the component 5G gateway. The manipulation leads to denial of service. This vulnerability is known as CVE-2021-37137. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

The Hackers News
2 months 3 weeks ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing
The Hacker News

CVE-2025-6212 | Ultra Addons for Contact Form 7 Plugin up to 3.5.11/3.5.19 on WordPress Database Module ajax_get_table_data cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in Ultra Addons for Contact Form 7 Plugin up to 3.5.11/3.5.19 on WordPress. It has been classified as problematic. This affects the function ajax_get_table_data of the component Database Module. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-6212. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-5842 | Modern Design Library Plugin up to 1.1.4 on WordPress Class cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in Modern Design Library Plugin up to 1.1.4 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Class leads to cross site scripting. This vulnerability is handled as CVE-2025-5842. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-5338 | WProyal Royal Elementor Addons Plugin up to 1.7.1024 on WordPress Widget cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability has been found in WProyal Royal Elementor Addons Plugin up to 1.7.1024 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Widget. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-5338. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-47654 | FormLift for Infusionsoft Web Forms Plugin up to 7.5.20 on WordPress cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability classified as problematic has been found in FormLift for Infusionsoft Web Forms Plugin up to 7.5.20 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-47654. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

Trend Micro Scam Radar analyzes different communications methods used by scammers

Help Net Security
2 months 3 weeks ago

Trend Micro launched Scam Radar, a new feature within the Trend Micro ScamCheck app. Scam Radar offers real-time protection by identifying scam tactics utilized by cybercriminals as they happen, alerting users early and empowering them to take action before any harm is done. A recent study by Trend Micro found that 30% of consumers reported having been a victim of an online scam and 39% of victims did not even realize they had been scammed … More →

The post Trend Micro Scam Radar analyzes different communications methods used by scammers appeared first on Help Net Security.

Industry News

Managed ad