[FOG] – Ransomware Victim: Gitlabs: Chalmers tekniska högskola, Fligno, 3SS
Ransomware Group: FOG VICTIM NAME: Gitlabs: Chalmers tekniska högskola, Fligno, 3SS NOTE: No files or stolen information are by RedPacket...
Year: 2025
CVE Alert: CVE-2024-57430
Vulnerability Summary: CVE-2024-57430 An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to...
CVE Alert: CVE-2024-57429
Vulnerability Summary: CVE-2024-57429 A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows...
CVE Alert: CVE-2024-57428
Vulnerability Summary: CVE-2024-57428 A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input...
CVE Alert: CVE-2025-1078
Vulnerability Summary: CVE-2025-1078 A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified...
CVE Alert: CVE-2024-57427
Vulnerability Summary: CVE-2024-57427 PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). Multiple endpoints improperly handle user...
CVE Alert: CVE-2025-24981
Vulnerability Summary: CVE-2025-24981 MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component....
CVE Alert: CVE-2024-13416
Vulnerability Summary: CVE-2024-13416 Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens...
CVE Alert: CVE-2024-57523
Vulnerability Summary: CVE-2024-57523 Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers...
CVE Alert: CVE-2025-22992
Vulnerability Summary: CVE-2025-22992 A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability...
CVE Alert: CVE-2025-22867
Vulnerability Summary: CVE-2025-22867 On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the...
HackerOne Bug Bounty Disclosure: error-page-content-spoofing-or-text-injection-mcblockchamp
Company Name: XVIDEOS Company HackerOne URL: https://hackerone.com/xvideos Submitted By:mcblockchampLink to Submitters Profile:https://hackerone.com/mcblockchamp Report Title:Error Page Content Spoofing or Text InjectionReport...
HackerOne Bug Bounty Disclosure: cve-netrc-and-default-credential-leak-sherlock
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:sherlock2010Link to Submitters Profile:https://hackerone.com/sherlock2010 Report Title:CVE-2025-0167: netrc and default credential leakReport Link:https://hackerone.com/reports/2917232Date...
HackerOne Bug Bounty Disclosure: cve-django-potential-sql-injection-in-haskey-lhs-rhs-on-oracle-scyoon
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:scyoonLink to Submitters Profile:https://hackerone.com/scyoon Report Title:CVE-2024-53908: Django Potential SQL injection...
HackerOne Bug Bounty Disclosure: cve-eventfd-double-close-ankomcoper
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:ankomcoperLink to Submitters Profile:https://hackerone.com/ankomcoper Report Title:CVE-2025-0665: eventfd double closeReport Link:https://hackerone.com/reports/2954286Date Submitted:07 February...
CISA: Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software
Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software CISA is collaborating with private industry partners to respond...
[RANSOMHUB] – Ransomware Victim: teamues[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: teamuescom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2025-24786
Vulnerability Summary: CVE-2025-24786 WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in...
CVE Alert: CVE-2025-24787
Vulnerability Summary: CVE-2025-24787 WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter...
CVE Alert: CVE-2024-52892
Vulnerability Summary: CVE-2024-52892 IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an...
CVE Alert: CVE-2024-47256
Vulnerability Summary: CVE-2024-47256 Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to...
CVE Alert: CVE-2024-47258
Vulnerability Summary: CVE-2024-47258 2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle...
CVE Alert: CVE-2024-13417
Vulnerability Summary: CVE-2024-13417 Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device...
CVE Alert: CVE-2025-0158
Vulnerability Summary: CVE-2025-0158 IBM EntireX 11.1 could allow a local user to cause a denial of service due to an...
