Aggregator

A vulnerability was found in Apache CouchDB up to 3.2.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to insecure default initialization of resource. The identification of this vulnerability is CVE-2022-24706. The attack can only be done within the local network. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in hanabank 4.06. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-5832. The attack needs to be done within the local network. There is no exploit available.

Brussel, Belgium, September 2nd, 2024, CyberNewsWireThe company’s new product covers every base f

A vulnerability classified as critical was found in Xoops Tutoriais module. This vulnerability affects unknown code of the file viewcat.php. The manipulation of the argument cid leads to sql injection. This vulnerability was named CVE-2007-1816. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Check Point Firewall-1 4.0/4.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SecuRemote Request Handler. The manipulation leads to information disclosure (Path). This vulnerability is handled as CVE-2003-0757. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in happylabs Hotel Story: Resort Simulation 1.7.9b. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-5831. The attack can only be initiated within the local network. There is no exploit available.

Vulnerability Management / WebinarThe world of cybersecurity is in a constant state of flux. New v

2024/09/02 Stamattina alle 11 torno a Rete Tre con “Niente panico” St

Technical Analysis Upon launching the application, the user is shown an attacker-defined message scr

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was a service for intercepting one-time passwords needed to log in to various websites. Scammers would enter the target’s phone number and name, and the service would initiate an automated phone call to the target that alerts them about unauthorized activity on their account.