Why organizations shouldn’t fold to cybercriminal requests
Why organizations shouldn’t fold to cybercriminal requests

Why organizations shouldn’t fold to cybercriminal requests

2023-03-24 04:30

Organizations worldwide pay ransomware fees instead of implementing solutions to protect...

In uncertain times, organizations prioritize tech skills development

In uncertain times, organizations prioritize tech skills development

2023-03-24 04:00

Though 65% of tech team leaders have been asked to cut costs, 72% still plan to increase their...

Uncle Sam reveals it sent cyber-soldiers to Albania to hunt for Iranian threats

Uncle Sam reveals it sent cyber-soldiers to Albania to hunt for Iranian threats

2023-03-24 01:05

US Cyber Command operators have confirmed they carried out an online defensive mission in...

Microsoft Teams, Virtualbox, Tesla zero-days exploited at Pwn2Own

Microsoft Teams, Virtualbox, Tesla zero-days exploited at Pwn2Own

2023-03-23 23:33

Competitors successfully exploited zero-day bugs in multiple products during the second day of...

BlackGuard stealer now targets 57 crypto wallets, extensions

BlackGuard stealer now targets 57 crypto wallets, extensions

2023-03-23 22:08

A new variant of the BlackGuard stealer has been spotted in the wild, featuring new capabilities...

Critical infrastructure gear is full of flaws, but hey, at least it's certified

Critical infrastructure gear is full of flaws, but hey, at least it's certified

2023-03-23 21:59

Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial...

WordPress force patching WooCommerce plugin with 500K installs

WordPress force patching WooCommerce plugin with 500K installs

2023-03-23 21:39

Automattic, the company behind the WordPress content management system, is force installing a...

Vulnerabilities by Risk level (Last 12 months)

Risk level Last 12 months #
Critical 3038
High 7246
Medium 10675
Low 1530

Vulnerabilities by Vendor (Last 12 months)

Vendor Last 12 months #
Google 1488
Microsoft 898
Fedoraproject 724
Debian 704
Apple 468

Latest Vulnerabilities

  • CVE-2023-26359

    9.8

    Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code...

    network
    low complexity
    CWE-502
    critical
  • CVE-2023-26360

    8.6

    Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the...

    network
    low complexity
    CWE-284
  • CVE-2023-26361

    4.9

    Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...

    network
    low complexity
    CWE-22
  • CVE-2022-4224

    8.8

    In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.

    network
    low complexity
    CWE-668
  • CVE-2018-25048

    8.8

    The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.

    network
    low complexity
    CWE-22

Latest Critical Vulnerabilities