NAME__________CONPROSYS HMI System SQL injectionPlatforms Affected:Contec CONPROSYS HMI System 3.5.1 Contec CONPROSYS HMI System 3.5.0Risk Level:7.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________CONPROSYS HMI System...
NAME__________PDF-XChange Editor information disclosurePlatforms Affected:Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to obtain sensitive information, caused by...
NAME__________Seiko SkyBridge MB-A100 and MB-A110 security bypassPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Seiko SkyBridge MB-A100 and MB-A110 could allow a remote attacker...
NAME__________Seiko SkyBridge MB-A100 and MB-A110 weak securityPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Other DESCRIPTION__________Seiko SkyBridge MB-A100 and MB-A110 could provide weaker than expected security,...
NAME__________PDF-XChange Editor code executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code on the...
NAME__________PDF-XChange Editor code executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code on the...
NAME__________PDF-XChange Editor code executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code on the...
NAME__________Seiko SkyBridge MB-A100 and MB-A110 information disclosurePlatforms Affected:Risk Level:3.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Seiko SkyBridge MB-A100 and MB-A110 could allow a remote authenticated...
NAME__________Seiko SkyBridge MB-A200 and SkyBridge BASIC MB-A130 security bypassPlatforms Affected:Risk Level:4.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Seiko SkyBridge MB-A200 and SkyBridge BASIC MB-A130 could...
NAME__________NetComm NF20MESH, NF20, and NL1902 routers security bypassPlatforms Affected:NetComm NF20MESH NetComm NF20 NetComm NL1902Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NetComm NF20MESH, NF20, and...
NAME__________Seiko SkyBridge MB-A200, SkyBridge BASIC MB-A130, and SkySpider MB-R210 weak securityPlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________Seiko SkyBridge MB-A200, SkyBridge BASIC MB-A130, and...
NAME__________Screen Creator Advance 2 buffer overflowPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Screen Creator Advance 2 is vulnerable to a buffer overflow, caused...
NAME__________HAProxy request smugglingPlatforms Affected:Risk Level:5.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________HAProxy is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP headers...
NAME__________PDF-XChange Editor code executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code on the...
The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of...
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service...
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems....
The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited...
Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency...
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without...
Some of the victims affected by the 3CX supply chain attack have also had their systems backdoored with Gopuram malware,...
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. London-based...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a...
