NAME__________JetFormBuilder Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress JetFormBuilder Plugin for WordPress 3.0.6Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________JetFormBuilder Plugin for WordPress is...
NAME__________WP-Matomo Integration Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP-Matomo Integration Plugin for WordPress 1.0.27Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP-Matomo Integration Plugin for...
NAME__________Apache Cassandra privilege escalationPlatforms Affected:Apache Cassandra 4.0.0 Apache Cassandra 4.0.9 Apache Cassandra 4.1.0 Apache Cassandra 4.1.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Apache Cassandra...
NAME__________Advantech WebAccess/SCADA code executionPlatforms Affected:Advantech WebAccess/SCADA 8.4.5Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Advantech WebAccess/SCADA could allow a remote authenticated attacker to execute arbitrary...
NAME__________Pydio Cells server-side request forgeryPlatforms Affected:Pydio Cells 4.1.2Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Pydio Cells is vulnerable to server-side request forgery, caused by...
NAME__________Pydio Cells cross-site scriptingPlatforms Affected:Pydio Cells 4.1.2Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pydio Cells is vulnerable to cross-site scripting, caused by improper validation...
NAME__________Google Chrome Downloads security bypassPlatforms Affected:Google Chrome 114.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security...
NAME__________VMware Workspace ONE Access and Identity Manager open redirectPlatforms Affected:VMware Cloud Foundation VMware Identity Manager 3.3.6 VMware Workspace ONE Access...
NAME__________OpenSSL denial of servicePlatforms Affected:OpenSSL OpenSSL 1.1.1 OpenSSL OpenSSL 1.0.2 OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.1.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenSSL...
NAME__________Image Optimizer by 10web plugin for WordPress directory traversalPlatforms Affected:WordPress Image Optimizer by 10web Plugin for WordPress 1.0.26Risk Level:2.7Exploitability:UnprovenConsequences:Obtain Information...
NAME__________Add to Feedly Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Add to Feedly Plugin for WordPress 1.2.11Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Add to...
NAME__________VMware Workspace ONE Access and Identity Manager security bypassPlatforms Affected:VMware Cloud Foundation VMware Workspace ONE Access 21.08.0.0 VMware Identity Manager...
NAME__________Google Chrome Installer security bypassPlatforms Affected:Google Chrome 114.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security...
NAME__________Google Chrome Extensions security bypassPlatforms Affected:Google Chrome 114.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security...
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances...
Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication...
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker...
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code...
A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play...
Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable"...
A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into...
Image: Bing Image Creator Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been...
Automattic, the company behind the open-source WordPress content management system, has started force installing a security patch on millions of...
The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity...
