

Evasive Gelsemium hackers spotted in attack against Asian govt
A stealthy advanced persistent threat tracked as Gelsemium was observed in attacks targeting a...

National Student Clearinghouse data breach impacts 890 schools
U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting...

Air Canada discloses data breach of employee and 'certain records'
Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security...

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed...

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an...

Cisco to Acquire Splunk for $28 Billion, Accelerating AI-Enabled Security and Observability
On Thursday Cisco agreed to buy Splunk in a $28 billion deal intended to address AI-enabled...

Friday Squid Blogging: New Squid Species
New research on fossils has revealed that a vampire-like ancient squid haunted Earth's...

Vulnerabilities by Risk level (Last 12 months)

Vulnerabilities by Vendor (Last 12 months)
| Vendor | Last 12 months |
| | 1633 |
| Microsoft | 937 |
| Apple | 515 |
| Fedoraproject | 459 |
| Debian | 444 |

Latest Vulnerabilities
- CVE-2023-4716
  6.4 - The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input...
- CVE-2023-4774
  6.4 - The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient...
- CVE-2023-41614 - Cross-site Scripting vulnerability in ZOO Management System Project ZOO Management System 1.0
  4.8 - A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
- CVE-2023-41616 - Cross-site Scripting vulnerability in Student Management System Project Student Management System 1.0
  4.8 - A reflected cross-site scripting (XSS) vulnerability in the Search Student function of Student Management System v1.2.3 and before allows attackers to execute arbitrary JavaScript in the context...
- CVE-2023-43274 - SQL Injection vulnerability in PHPjabbers PHP Shopping Cart 4.2
  7.5 - Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter.

Latest Critical Vulnerabilities
- CVE-2023-43235 - Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05
  9.8 - D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings.
- CVE-2023-43236 - Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.
- CVE-2023-43237 - Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.
- CVE-2023-43238 - Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.
- CVE-2023-43239 - Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.
- CVE-2023-43240 - Out-of-bounds Write vulnerability in Dlink Dir-816 A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.
- CVE-2023-43241 - Out-of-bounds Write vulnerability in Dlink Dir-823G Firmware 1.0.2B05
  9.8 - D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.
- CVE-2023-43242 - Out-of-bounds Write vulnerability in Dlink Dir-816A2 Firmware 1.10Cnb05
  9.8 - D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.