CVE Alert: CVE-2024-43984
Vulnerability Summary: CVE-2024-43984 Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher allows Code Injection. This issue affects Podlove Podcast...
Vulnerability Summary: CVE-2024-43933 Cross-Site Request Forgery (CSRF) vulnerability in WPMobile.App allows Stored XSS. This issue affects WPMobile.App: from n/a through 11.48....
Vulnerability Summary: CVE-2024-8934 A local user with administrative access rights can enter specially crafted values for settings at the user...
Vulnerability Summary: CVE-2024-8553 A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an...
Vulnerability Summary: CVE-2024-51254 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
Vulnerability Summary: CVE-2024-42835 langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component. Affected...
Vulnerability Summary: CVE-2024-51259 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
Vulnerability Summary: CVE-2024-48910 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to...
Ransomware Group: RHYSIDA VICTIM NAME: Hope Valley Recovery NOTE: No files or stolen information are by RedPacket Security. Any legal...
Ransomware Group: CACTUS VICTIM NAME: lsstac NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time...
The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...
Vulnerability Summary: CVE-2024-51255 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
Vulnerability Summary: CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service...
Vulnerability Summary: CVE-2024-50354 gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0...
Vulnerability Summary: CVE-2024-51260 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
Vulnerability Summary: CVE-2024-51478 YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic...
Vulnerability Summary: CVE-2024-50356 Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The...
Vulnerability Summary: CVE-2024-51482 ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.*
Vulnerability Summary: CVE-2024-7883 When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via...