Ransomware Payments Are Down
Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6...
GitHub code-signing certificates stolen (but will be revoked this week)
Simply put: someone used a pre-generated access code acquired from who-knows-where to leech the...
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of...
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
A shellcode-based packer dubbed TrickGate has been successfully operating without attracting...
Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596)
QNAP Systems has fixed a critical vulnerability affecting QNAP network-attached storage devices,...
Amid FTX's burning wreckage, Japanese outpost promises asset withdrawals in February
A Monday post from FTX Japan states the outfit plans to allow withdrawals from an unspecified...
3 ways to stop cybersecurity concerns from hindering utility infrastructure modernization efforts
Utility infrastructure is in dire need of modernization.
Integrating real-time data...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
| Vendor | Last 12 months | # |
| 1490 | ||
| Fedoraproject | 896 | |
| Microsoft | 891 | |
| Debian | 743 | |
| Oracle | 501 |
Latest Vulnerabilities
-
CVE-2023-22240
7.8Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in...
-
CVE-2023-22241
7.8Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in...
-
CVE-2023-22242
7.8Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in...
-
CVE-2022-42386 - Out-of-bounds Read vulnerability in Tracker-Software Pdf-Xchange Editor
5.5This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the...
-
CVE-2022-42387 - Out-of-bounds Read vulnerability in Tracker-Software Pdf-Xchange Editor
5.5This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the...
Latest Critical Vulnerabilities
-
CVE-2022-4305
9.8The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to...
-
CVE-2022-4383
9.8The CBX Petition for WordPress plugin through 1.0.3 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users,...
-
CVE-2023-24028 - Unspecified vulnerability in Misp-Project Misp 2.4.167
9.8In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function.
-
CVE-2020-21152 - SQL Injection vulnerability in Inxedu 2.0.6
9.8SQL Injection vulnerability in inxedu 2.0.6 allows attackers to execute arbitrary commands via the functionIds parameter to /saverolefunction.
-
CVE-2020-22653 - Unspecified vulnerability in Ruckuswireless products
9.8In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200)...
-
CVE-2020-22654 - Unspecified vulnerability in Ruckuswireless products
9.8In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200)...
-
CVE-2020-22657 - Improper Authentication vulnerability in Ruckuswireless products
9.1In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200)...
-
CVE-2020-22658 - Unspecified vulnerability in Ruckuswireless products
9.8In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200)...