Aggregator

303 and miyako have Allegdly Leaked Data of an Unidentified Chinese E-commerce Platform

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. The vulnerability resides in the WebVPN login page of Cisco Adaptive Security […]

A vulnerability was found in Adobe Experience Manager. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-26119. The attack may be launched remotely. There is no exploit available.

OAuth Labs: OAuth 2.0 Vulnerabilites

Acronis Cyber Protect/Backup Remote Code Execution

Fortinet FortiManager Unauthenticated Remote Code Execution

Asterisk AMI Originate Authenticated Remote Code Execution

A vulnerability, which was classified as critical, has been found in GNU wget up to 1.19.4. This issue affects the function resp_new of the file http.c of the component Cookie Handler. The manipulation with the input \r\n leads to improper input validation. The identification of this vulnerability is CVE-2018-0494. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Debian Security Advisory 5823-1

Sorb is Allegedly Selling the Data of Certified Training Institute

Debian Security Advisory 5815-2

Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack.

Paxton Net2 Information Disclosure / Incorrect Access Control

NASA 的机房被水淹了

Rey Claims to have Leaked the Data of Pardes Institute of Jewish Studies

Rey Claims to have Leaked the Data of GoTravel

Microsoft Warbird and PMP Security Research

A vulnerability was found in Fuji Electric Tellus Lite 4.0.20.0 and classified as critical. This issue affects some unknown processing of the component V8 File Parser. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-11799. The attack may be initiated remotely. There is no exploit available.