Month: January 2025

CVE Alert: CVE-2024-42172

January 12, 2025

Vulnerability Summary: CVE-2024-42172 HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens,...

CVE Alert: CVE-2024-42173

January 12, 2025

Vulnerability Summary: CVE-2024-42173 HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account...

CVE Alert: CVE-2024-11386

January 12, 2025

Vulnerability Summary: CVE-2024-11386 The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode...

CVE Alert: CVE-2024-42171

January 12, 2025

Vulnerability Summary: CVE-2024-42171 HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs...

CVE Alert: CVE-2024-42174

January 12, 2025

Vulnerability Summary: CVE-2024-42174 HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of...

CVE Alert: CVE-2024-11874

January 12, 2025

Vulnerability Summary: CVE-2024-11874 The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion'...

CVE Alert: CVE-2024-11915

January 12, 2025

Vulnerability Summary: CVE-2024-11915 The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to,...

CVE Alert: CVE-2024-12116

January 12, 2025

Vulnerability Summary: CVE-2024-12116 The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in...

CVE Alert: CVE-2024-11758

January 12, 2025

Vulnerability Summary: CVE-2024-11758 The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode...

CVE Alert: CVE-2024-11892

January 12, 2025

Vulnerability Summary: CVE-2024-11892 The Accordion Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordion_slider'...

CVE Alert: CVE-2024-12527

January 12, 2025

Vulnerability Summary: CVE-2024-12527 The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfect_portal_intake_form'...

CVE Alert: CVE-2024-12519

January 12, 2025

Vulnerability Summary: CVE-2024-12519 The TCBD Auto Refresher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd_auto_refresh'...

CVE Alert: CVE-2024-12520

January 12, 2025

Vulnerability Summary: CVE-2024-12520 The Dominion – Domain Checker for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...

CVE Alert: CVE-2024-12407

January 12, 2025

Vulnerability Summary: CVE-2024-12407 The Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...

CVE Alert: CVE-2024-12412

January 12, 2025

Vulnerability Summary: CVE-2024-12412 The Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration – WpRently | WordPress...

CVE Alert: CVE-2025-0390

January 12, 2025

Vulnerability Summary: CVE-2025-0390 A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This...

CVE Alert: CVE-2024-12877

January 12, 2025

Vulnerability Summary: CVE-2024-12877 The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection...

CVE Alert: CVE-2025-0392

January 12, 2025

Vulnerability Summary: CVE-2025-0392 A vulnerability, which was classified as critical, was found in Guangzhou Huayi Intelligent Technology Jeewms up to...

CVE Alert: CVE-2024-42175

January 12, 2025

Vulnerability Summary: CVE-2024-42175 HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there...

CVE Alert: CVE-2025-0391

January 12, 2025

Vulnerability Summary: CVE-2025-0391 A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up...

Fake Job Offers from CrowdStrike Used by Cybercriminals to Distribute Cryptominer

January 12, 2025

Cybercriminals are leveraging fake job offers from CrowdStrike to spread dangerous cryptominers on unsuspecting victims' devices. Cybercriminals are impersonating recruiters...

CISA: Microsoft Releases December 2024 Security Updates

January 12, 2025

Microsoft Releases December 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...

CISA: Cisco Releases Security Updates for NX-OS Software

January 12, 2025

Cisco Releases Security Updates for NX-OS Software Cisco released security updates to address a vulnerability in Cisco NX-OS software. A...

CISA: Ivanti Releases Security Updates for Multiple Products

January 12, 2025

Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti...

Month: January 2025

CVE Alert: CVE-2024-42172

CVE Alert: CVE-2024-42173

CVE Alert: CVE-2024-11386

CVE Alert: CVE-2024-42171

CVE Alert: CVE-2024-42174

CVE Alert: CVE-2024-11874

CVE Alert: CVE-2024-11915

CVE Alert: CVE-2024-12116

CVE Alert: CVE-2024-11758

CVE Alert: CVE-2024-11892

CVE Alert: CVE-2024-12527

CVE Alert: CVE-2024-12519

CVE Alert: CVE-2024-12520

CVE Alert: CVE-2024-12407

CVE Alert: CVE-2024-12412

CVE Alert: CVE-2025-0390

CVE Alert: CVE-2024-12877

CVE Alert: CVE-2025-0392

CVE Alert: CVE-2024-42175

CVE Alert: CVE-2025-0391

Fake Job Offers from CrowdStrike Used by Cybercriminals to Distribute Cryptominer

CISA: Microsoft Releases December 2024 Security Updates

CISA: Cisco Releases Security Updates for NX-OS Software

CISA: Ivanti Releases Security Updates for Multiple Products

Fortifying Our Foundations: Cybersecurity for Critical Infrastructure

Magento Web Skimmer Campaign Targets Casio and Other E-commerce Sites

Increase in Malware Targeting Credential Stores: A Threefold Surge

Phishing Campaign Bypasses Microsoft ADFS MFA: Protect Your Organization

Infostealer Attacks Surge in EMEA Organizations: A Growing Threat to Data Security

You may have missed