CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe released security updates to address vulnerabilities in multiple Adobe software products including...
CISA: Microsoft Releases January 2025 Security Updates
Microsoft Releases January 2025 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on January 14, 2025. These...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap
CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
Cobalt Strike Beacon Detected – 103[.]136[.]150[.]182:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2024-12142
Vulnerability Summary: CVE-2024-12142 CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of...
CVE Alert: CVE-2024-12703
Vulnerability Summary: CVE-2024-12703 CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential...
CVE Alert: CVE-2024-13377
Vulnerability Summary: CVE-2024-13377 The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alt’ parameter in...
CVE Alert: CVE-2024-12476
Vulnerability Summary: CVE-2024-12476 CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation...
CVE Alert: CVE-2024-10497
Vulnerability Summary: CVE-2024-10497 CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values...
CVE Alert: CVE-2024-10498
Vulnerability Summary: CVE-2024-10498 CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow...
CVE Alert: CVE-2025-0527
Vulnerability Summary: CVE-2025-0527 A vulnerability classified as critical was found in code-projects Admission Management System 1.0. Affected by this vulnerability...
CVE Alert: CVE-2025-0530
Vulnerability Summary: CVE-2025-0530 A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. This vulnerability affects...
CVE Alert: CVE-2025-0528
Vulnerability Summary: CVE-2025-0528 A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20....
CVE Alert: CVE-2025-0529
Vulnerability Summary: CVE-2025-0529 A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This...
HackerOne Bug Bounty Disclosure: cve-apache-airflow-format-string-vulnerability-leixiao
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:leixiaoLink to Submitters Profile:https://hackerone.com/leixiao Report Title:CVE-2022-40604: Apache Airflow: Format String...
HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x
Company Name: Yelp Company HackerOne URL: https://hackerone.com/yelp Submitted By:mester_xLink to Submitters Profile:https://hackerone.com/mester_x Report Title:Object Level access control leads to reading...
CVE Alert: CVE-2024-45832
Vulnerability Summary: CVE-2024-45832 Hard-coded credentials were included as part of the application binary. These credentials served as part of the...
CVE Alert: CVE-2024-26153
Vulnerability Summary: CVE-2024-26153 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request...
CVE Alert: CVE-2024-26156
Vulnerability Summary: CVE-2024-26156 All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross...
