NAME__________Etsy Shop Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Etsy Shop plugin for WordPress 3.0.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Etsy Shop Plugin for...
NAME__________Peplink Surf SOHO HW1 command executionPlatforms Affected:Peplink Surf SOHO HW1 6.3.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Peplink Surf SOHO HW1 could allow a...
NAME__________Zebra Technologies ZTC ZT410-203dpi ZPL printer security bypassPlatforms Affected:Zebra Technologies ZTC ZT410Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Zebra Technologies ZTC ZT410-203dpi ZPL printer...
NAME__________SoftEther VPN denial of servicePlatforms Affected:SoftEther VPN 5.01.9674 SoftEther VPN 5.02Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SoftEther VPN is vulnerable to a...
NAME__________SoftEther VPN denial of servicePlatforms Affected:SoftEther VPN 5.01.9674 SoftEther VPN 5.02Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SoftEther VPN is vulnerable to a...
NAME__________Sante FFT Imaging code executionPlatforms Affected:Santesoft Sante FFT Imaging 1.4.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Sante FFT Imaging could allow a remote attacker...
NAME__________Siemens Xpedition Layout Browser buffer overflowPlatforms Affected:Siemens Xpedition Layout BrowserRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens Xpedition Layout Browser is vulnerable to a...
NAME__________NASA Open MCT denial of servicePlatforms Affected:NASA Open MCT 2.2.5Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NASA Open MCT is vulnerable to a denial...
NAME__________Thumbnail Slider With Lightbox Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Thumbnail Slider With Lightbox Plugin for WordPress 1.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain...
NAME__________LINE App for iOS weak securityPlatforms Affected:LINE LINE App for iOS 13.15.0Risk Level:7.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________LINE App for iOS could provide...
NAME__________Siemens SINEC NMS code executionPlatforms Affected:Siemens SINEC NMSRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens SINEC NMS could allow a local authenticated attacker to...
NAME__________SoftEther VPN denial of servicePlatforms Affected:SoftEther VPN 5.01.9674 SoftEther VPN 5.02Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SoftEther VPN is vulnerable to a...
NAME__________taoCMS cross-site scriptingPlatforms Affected:taoCMS taoCMS 2.5 beta5.1Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________taoCMS is vulnerable to cross-site scripting, caused by improper validation of...
curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long...
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private...
A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021,...
Malicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers...
Internet-exposed WS_FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks. As recently observed by Sophos...
The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along...
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities...
Microsoft announced a new AI bounty program focused on the AI-driven Bing experience, with rewards reaching $15,000. With the AI-powered...
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
(Currently) Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate +...
Company Name: b'Nord Security' Company HackerOne URL: https://hackerone.com/nordsecurity Submitted By:b'tvmbug'Link to Submitters Profile:https://hackerone.com/b'tvmbug' Report Title:b'Stored XSS at nordvpn.com'Report Link:https://hackerone.com/reports/1841042Date Submitted:12...
