CVE Alert: CVE-2024-50506
Vulnerability Summary: CVE-2024-50506 Incorrect Privilege Assignment vulnerability in Azexo Marketing Automation by AZEXO allows Privilege Escalation.This issue affects Marketing Automation...
Vulnerability Summary: CVE-2024-50506 Incorrect Privilege Assignment vulnerability in Azexo Marketing Automation by AZEXO allows Privilege Escalation.This issue affects Marketing Automation...
Vulnerability Summary: CVE-2024-50504 Incorrect Privilege Assignment vulnerability in Matt Whiteman Bulk Change Role allows Privilege Escalation.This issue affects Bulk Change...
Vulnerability Summary: CVE-2024-50511 Unrestricted Upload of File with Dangerous Type vulnerability in David DONISA WP donimedia carousel allows Upload a...
Vulnerability Summary: CVE-2024-50512 Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping allows Retrieve Embedded Sensitive Data.This...
Vulnerability Summary: CVE-2024-9632 A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a...
Vulnerability Summary: CVE-2024-50510 Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For Woocommerce allows...
Vulnerability Summary: CVE-2024-10525 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet...
Vulnerability Summary: CVE-2024-8512 The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and...
Vulnerability Summary: CVE-2024-9388 The Black Widgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Vulnerability Summary: CVE-2024-3935 In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an...
Company Name: ProductBoard, Inc. Company HackerOne URL: https://hackerone.com/productboard Submitted By:mous_haxkLink to Submitters Profile:https://hackerone.com/mous_haxk Report Title:Insecure Invitation Link HandlingReport Link:https://hackerone.com/reports/2586433Date Submitted:31...
Ransomware Group: MEOW VICTIM NAME: Houston Housing Authority NOTE: No files or stolen information are by RedPacket Security. Any legal...
Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its...
LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to...
Ransomware Group: FOG VICTIM NAME: Askling Car (asklingbilse) NOTE: No files or stolen information are by RedPacket Security. Any legal...
Ransomware Group: RANSOMHUB VICTIM NAME: wwwmabeglobalcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Vulnerability Summary: CVE-2024-28052 The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet...
Vulnerability Summary: CVE-2024-51304 In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
Vulnerability Summary: CVE-2024-28875 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access...
Vulnerability Summary: CVE-2024-23309 The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due...
Vulnerability Summary: CVE-2024-24777 A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6....
Vulnerability Summary: CVE-2024-31151 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access...
Vulnerability Summary: CVE-2024-33626 The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive...
Vulnerability Summary: CVE-2024-33603 The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users...