CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These...
Month: December 2024
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Best Practice Guidance for Mobile Communications
CISA Releases Best Practice Guidance for Mobile Communications Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on December 17, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Cobalt Strike Beacon Detected – 47[.]92[.]214[.]161:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 121[.]37[.]41[.]191:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 49[.]0[.]243[.]129:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 170[.]130[.]165[.]84:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]90[.]142[.]15:5432
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-52361
Vulnerability Summary: CVE-2024-52361 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can...
CVE Alert: CVE-2024-47810
Vulnerability Summary: CVE-2024-47810 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially...
CVE Alert: CVE-2024-45082
Vulnerability Summary: CVE-2024-45082 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct...
CVE Alert: CVE-2024-49576
Vulnerability Summary: CVE-2024-49576 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. A specially...
CVE Alert: CVE-2024-47119
Vulnerability Summary: CVE-2024-47119 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could...
CVE Alert: CVE-2024-55086
Vulnerability Summary: CVE-2024-55086 In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be achieved in the...
CVE Alert: CVE-2024-41752
Vulnerability Summary: CVE-2024-41752 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote...
CVE Alert: CVE-2024-25042
Vulnerability Summary: CVE-2024-25042 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting...
CVE Alert: CVE-2024-55492
Vulnerability Summary: CVE-2024-55492 Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS). Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-54383
Vulnerability Summary: CVE-2024-54383 Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers:...
HackerOne Bug Bounty Disclosure: bypass-of-this-fixed-inadequate-protocol-restriction-enforcement-in-curl-hackeriron
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:hackeriron1Link to Submitters Profile:https://hackerone.com/hackeriron1 Report Title:bypass of this Fixed #2437131 Report Link:https://hackerone.com/reports/2905552Date...
CVE Alert: CVE-2024-56052
Vulnerability Summary: CVE-2024-56052 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...
CVE Alert: CVE-2024-54381
Vulnerability Summary: CVE-2024-54381 Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects Advance Menu Manager: from n/a through 3.1.1....
CVE Alert: CVE-2024-56051
Vulnerability Summary: CVE-2024-56051 Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects...
