Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000...
Russia sentences Hydra dark web market leader to life in prison
Russian authorities have sentenced the leader of the criminal group behind the now-closed dark...
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know...
Discover the future of Linux security
Explore open source strategies to safeguard critical systems and data Webinar Linux security is...
A Guide to Securing AI App Development: Join This Cybersecurity Webinar
Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing the way we live....
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Latest Vulnerabilities
-
CVE-2024-11252
6.1The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including,...
-
CVE-2024-49803
9.8IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
-
CVE-2024-49804
7.8IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a locally authenticated non-administrative user to escalate their privileges due to unnecessary permissions used to perform...
-
CVE-2024-49805
9.4IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound...
-
CVE-2024-49806
9.4IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound...
Latest Critical Vulnerabilities
-
CVE-2024-49803
9.8IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
-
CVE-2024-49805
9.4IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound...
-
CVE-2024-49806
9.4IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound...
-
CVE-2024-11103
9.8The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating...
-
CVE-2024-49038
9.3Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.
-
CVE-2017-11076
9.8On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
-
CVE-2017-17772
9.8In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
-
CVE-2018-11922
9.8Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.