23andMe responds to breach with new suit-limiting user terms
Security in brief The saga of 23andMe's mega data breach has reached something of a...
Playbook: Your First 100 Days as a vCISO - 5 Steps to Success
In an increasingly digital world, no organization is spared from cyber threats. Yet, not every...
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play...
Webinar — Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker
In the ever-evolving cybersecurity landscape, one method stands out for its chilling...
VictoriaMetrics takes organic growth over investor pressure
Co-founder Roman Khavronenko, who was speaking to us at a recent Kubecon event about open...
Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support
With its innovative feature for generating reliable Vulnerability Exploitability eXchange...
Why are IT professionals not automating?
The survey results clearly indicate that many IT professionals are not familiar with or...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
| Vendor | Last 12 months | # |
| 1806 | ||
| Microsoft | 947 | |
| Fedoraproject | 488 | |
| Apple | 485 | |
| Debian | 482 |
Latest Vulnerabilities
-
CVE-2023-5008
9.8Student Information System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'regno' parameter of index.php page, allowing an external attacker to dump all the contents...
-
CVE-2023-4122
9.9Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code...
networklow complexitycritical -
CVE-2023-35618
9.6Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
networklow complexitycritical -
CVE-2023-36880
4.8Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
networkhigh complexity -
CVE-2023-38174
4.3Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
networklow complexity
Latest Critical Vulnerabilities
-
CVE-2023-5008
9.8Student Information System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'regno' parameter of index.php page, allowing an external attacker to dump all the contents...
-
CVE-2023-4122
9.9Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code...
networklow complexitycritical -
CVE-2023-35618
9.6Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
networklow complexitycritical -
CVE-2023-49404 - Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
9.8Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
-
CVE-2023-49405 - Out-of-bounds Write vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
9.8Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.
-
CVE-2023-49406 - Unspecified vulnerability in Tenda W30E Firmware 16.01.0.12(4843)
9.8Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
-
CVE-2023-49408 - Out-of-bounds Write vulnerability in Tenda AX3 Firmware 16.03.12.11
9.8Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
-
CVE-2023-49409 - Unspecified vulnerability in Tenda AX3 Firmware 16.03.12.11
9.8Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.