23andMe responds to breach with new suit-limiting user terms

2023-12-11 11:46

Security in brief The saga of 23andMe's mega data breach has reached something of a...

Playbook: Your First 100 Days as a vCISO - 5 Steps to Success

2023-12-11 11:45

In an increasingly digital world, no organization is spared from cyber threats. Yet, not every...

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

2023-12-11 11:30

Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play...

Webinar — Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker

2023-12-11 10:53

In the ever-evolving cybersecurity landscape, one method stands out for its chilling...

VictoriaMetrics takes organic growth over investor pressure

2023-12-11 10:15

Co-founder Roman Khavronenko, who was speaking to us at a recent Kubecon event about open...

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

2023-12-11 07:57

With its innovative feature for generating reliable Vulnerability Exploitability eXchange...

Why are IT professionals not automating?

2023-12-11 06:00

The survey results clearly indicate that many IT professionals are not familiar with or...

Vulnerabilities by Risk level (Last 12 months)

Risk level    Count (last 12 months)
Critical      4534
High          10504
Medium        12443
Low           440

Vulnerabilities by Vendor (Last 12 months)

Vendor           Count (last 12 months)
Google           1806
Microsoft        947
Fedoraproject    488
Apple            485
Debian           482

Latest Vulnerabilities

  • CVE-2023-5008

    9.8

    Student Information System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'regno' parameter of index.php page, allowing an external attacker to dump all the contents...

    network
    low complexity
    CWE-89
    critical
  • CVE-2023-4122

    9.9

    Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code...

    network
    low complexity
    critical
  • CVE-2023-35618

    9.6

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

    network
    low complexity
    critical
  • CVE-2023-36880

    4.8

    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

    network
    high complexity
  • CVE-2023-38174

    4.3

    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

    network
    low complexity

Latest Critical Vulnerabilities