CVE Alert: CVE-2025-26156
Vulnerability Summary: CVE-2025-26156 A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote...
Month: February 2025
CVE Alert: CVE-2025-25997
Vulnerability Summary: CVE-2025-25997 Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the...
CVE Alert: CVE-2025-26158
Vulnerability Summary: CVE-2025-26158 A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management...
CVE Alert: CVE-2025-0503
Vulnerability Summary: CVE-2025-0503 Mattermost versions 9.11.x
CVE Alert: CVE-2025-25288
Vulnerability Summary: CVE-2025-25288 @octokit/plugin-paginate-rest is the Octokit plugin to paginate REST API endpoint responses. For versions starting in 1.0.0 and...
CVE Alert: CVE-2025-25285
Vulnerability Summary: CVE-2025-25285 @octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version...
CVE Alert: CVE-2025-25290
Vulnerability Summary: CVE-2025-25290 @octokit/request sends parameterized requests to GitHub’s APIs with sensible defaults in browsers and Node. Starting in version...
CVE Alert: CVE-2025-25297
Vulnerability Summary: CVE-2025-25297 Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's S3 storage...
CVE Alert: CVE-2025-25289
Vulnerability Summary: CVE-2025-25289 @octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version...
CVE Alert: CVE-2022-28693
Vulnerability Summary: CVE-2022-28693 Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user...
CVE Alert: CVE-2025-25296
Vulnerability Summary: CVE-2025-25296 Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's `/projects/upload-example` endpoint...
CVE Alert: CVE-2025-0593
Vulnerability Summary: CVE-2025-0593 The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level...
CVE Alert: CVE-2022-26083
Vulnerability Summary: CVE-2022-26083 Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow...
CVE Alert: CVE-2025-0592
Vulnerability Summary: CVE-2025-0592 The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the...
CISA: Microsoft Releases January 2025 Security Updates
Microsoft Releases January 2025 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap
CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
CISA: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications CISA, in partnership with...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...
