Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search
Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search

Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search

2024-05-23 08:44

A massive Microsoft outage in some regions affects Bing.com, Copilot for web and mobile, Copilot...

UK data watchdog wants six figures from N Ireland cops after 2023 data leak

UK data watchdog wants six figures from N Ireland cops after 2023 data leak

2024-05-23 08:30

Following a data leak that brought "Tangible fear of threat to life", the UK's data...

HHS pledges $50M for autonomous vulnerability management solution for hospitals

HHS pledges $50M for autonomous vulnerability management solution for hospitals

2024-05-23 07:14

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and...

How Apple Wi-Fi Positioning System can be abused to track people around the globe

How Apple Wi-Fi Positioning System can be abused to track people around the globe

2024-05-23 06:34

Your profile can be used to present content that appears more relevant based on your possible...

Would you buy Pegasus spyware from this scammer?

Would you buy Pegasus spyware from this scammer?

2024-05-23 05:45

Your profile can be used to present content that appears more relevant based on your possible...

The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell

The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell

2024-05-23 05:33

Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the...

CISOs pursuing AI readiness should start by updating the org’s email security policy

CISOs pursuing AI readiness should start by updating the org’s email security policy

2024-05-23 05:00

Conduct regular security training, especially with staff members who work with sensitive data...

Vulnerabilities by Risk level (Last 12 months)

Risk level Last 12 months #
Critical 3834
High 9328
Medium 11099
Low 376

Vulnerabilities by Vendor (Last 12 months)

Vendor Last 12 months #
Google 1283
Microsoft 817
Apple 527
Adobe 487
Fedoraproject 485

Latest Vulnerabilities

  • CVE-2024-4261

    5.4

    The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.1. This is due to the...

    network
    low complexity
  • CVE-2024-4262

    7.2

    The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.4.28 due to insufficient input...

    network
    low complexity
  • CVE-2024-2036

    4.3

    The ApplyOnline – Application Form Builder and Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aol_modal_box AJAX action in all...

    network
    low complexity
  • CVE-2024-3495

    9.8

    The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on...

    network
    low complexity
    critical
  • CVE-2024-4362

    6.4

    The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions up to, and including, 1.60.0 due to...

    network
    low complexity

Latest Critical Vulnerabilities

  • CVE-2024-3495

    9.8

    The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on...

    network
    low complexity
    critical
  • CVE-2024-5147

    9.8

    The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'grid_style' parameter. This...

    network
    low complexity
    critical
  • CVE-2024-4443

    9.8

    The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and...

    network
    low complexity
    critical
  • CVE-2024-3658

    9.8

    The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.21. This is due to missing authentication checking in the 'set_user_cart'...

    network
    low complexity
    critical
  • CVE-2024-2771

    9.8

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the...

    network
    low complexity
    critical
  • CVE-2024-3551

    9.8

    The Penci Soledad Data Migrator plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.0 via the 'data' parameter. This makes it possible for...

    network
    low complexity
    critical
  • CVE-2024-4223

    9.8

    The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to,...

    network
    low complexity
    critical
  • CVE-2024-4893

    9.8

    DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and...

    network
    low complexity
    CWE-89
    critical