CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...
Year: 2025
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
Cobalt Strike Beacon Detected – 103[.]136[.]150[.]182:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-12142
Vulnerability Summary: CVE-2024-12142 CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of...
CVE Alert: CVE-2024-12703
Vulnerability Summary: CVE-2024-12703 CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential...
CVE Alert: CVE-2024-13377
Vulnerability Summary: CVE-2024-13377 The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alt’ parameter in...
CVE Alert: CVE-2024-12476
Vulnerability Summary: CVE-2024-12476 CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation...
CVE Alert: CVE-2024-10497
Vulnerability Summary: CVE-2024-10497 CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values...
CVE Alert: CVE-2024-10498
Vulnerability Summary: CVE-2024-10498 CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow...
CVE Alert: CVE-2025-0527
Vulnerability Summary: CVE-2025-0527 A vulnerability classified as critical was found in code-projects Admission Management System 1.0. Affected by this vulnerability...
CVE Alert: CVE-2025-0530
Vulnerability Summary: CVE-2025-0530 A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects...
CVE Alert: CVE-2025-0528
Vulnerability Summary: CVE-2025-0528 A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20....
CVE Alert: CVE-2025-0529
Vulnerability Summary: CVE-2025-0529 A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This...
HackerOne Bug Bounty Disclosure: cve-apache-airflow-format-string-vulnerability-leixiao
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:leixiaoLink to Submitters Profile:https://hackerone.com/leixiao Report Title:CVE-2022-40604: Apache Airflow: Format String...
HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x
Company Name: Yelp Company HackerOne URL: https://hackerone.com/yelp Submitted By:mester_xLink to Submitters Profile:https://hackerone.com/mester_x Report Title:Object Level access control leads to reading...
CVE Alert: CVE-2024-45832
Vulnerability Summary: CVE-2024-45832 Hard-coded credentials were included as part of the application binary. These credentials served as part of the...
CVE Alert: CVE-2024-26153
Vulnerability Summary: CVE-2024-26153 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request...
CVE Alert: CVE-2024-26156
Vulnerability Summary: CVE-2024-26156 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross...
CVE Alert: CVE-2024-26157
Vulnerability Summary: CVE-2024-26157 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross...
CVE Alert: CVE-2025-0531
Vulnerability Summary: CVE-2025-0531 A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some...
CVE Alert: CVE-2024-12757
Vulnerability Summary: CVE-2024-12757 Nedap Librix Ecoreader is missing authentication for critical functions that could allow an unauthenticated attacker to potentially...
CVE Alert: CVE-2024-53683
Vulnerability Summary: CVE-2024-53683 A valid set of credentials in a .js file and a static token for communication were obtained...
CVE Alert: CVE-2024-26154
Vulnerability Summary: CVE-2024-26154 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross...
CVE Alert: CVE-2024-26155
Vulnerability Summary: CVE-2024-26155 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in...
