CVE

CVE Alert: CVE-2024-45519

October 3, 2024

Vulnerability Summary: CVE-2024-45519 The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10...

CVE Alert: CVE-2024-45960

October 3, 2024

Vulnerability Summary: CVE-2024-45960 Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system....

CVE Alert: CVE-2024-28888

October 3, 2024

Vulnerability Summary: CVE-2024-28888 A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially...

CVE Alert: CVE-2024-47616

October 3, 2024

Vulnerability Summary: CVE-2024-47616 Pomerium is an identity and context-aware access proxy. The Pomerium databroker service is responsible for managing all...

CVE Alert: CVE-2024-8799

October 3, 2024

Vulnerability Summary: CVE-2024-8799 The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of...

CVE Alert: CVE-2024-8786

October 3, 2024

Vulnerability Summary: CVE-2024-8786 The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...

CVE Alert: CVE-2024-9018

October 3, 2024

Vulnerability Summary: CVE-2024-9018 The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection...

CVE Alert: CVE-2024-8793

October 3, 2024

Vulnerability Summary: CVE-2024-8793 The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress...

CVE Alert: CVE-2024-8324

October 3, 2024

Vulnerability Summary: CVE-2024-8324 The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘get_slider’ function in...

CVE Alert: CVE-2024-9224

October 3, 2024

Vulnerability Summary: CVE-2024-9224 The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to,...

CVE Alert: CVE-2024-9265

October 3, 2024

Vulnerability Summary: CVE-2024-9265 The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions...

CVE Alert: CVE-2024-9228

October 3, 2024

Vulnerability Summary: CVE-2024-9228 The Loggedin – Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...

CVE Alert: CVE-2024-9209

October 3, 2024

Vulnerability Summary: CVE-2024-9209 The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...

CVE Alert: CVE-2024-9220

October 3, 2024

Vulnerability Summary: CVE-2024-9220 The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...

CVE Alert: CVE-2024-9241

October 2, 2024

Vulnerability Summary: CVE-2024-9241 The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...

CVE Alert: CVE-2024-9060

October 2, 2024

Vulnerability Summary: CVE-2024-9060 The AVIF & SVG Uploader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...

CVE Alert: CVE-2024-9118

October 2, 2024

Vulnerability Summary: CVE-2024-9118 The QS Dark Mode Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...

CVE Alert: CVE-2023-3441

October 2, 2024

Vulnerability Summary: CVE-2023-3441 An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The...

CVE Alert: CVE-2024-9289

October 2, 2024

Vulnerability Summary: CVE-2024-9289 The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions...

CVE Alert: CVE-2024-44744

October 2, 2024

Vulnerability Summary: CVE-2024-44744 An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries...

CVE Alert: CVE-2023-7273

October 2, 2024

Vulnerability Summary: CVE-2023-7273 Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request...

CVE Alert: CVE-2024-30132

October 2, 2024

Vulnerability Summary: CVE-2024-30132 HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow...

CVE Alert: CVE-2024-41276

October 2, 2024

Vulnerability Summary: CVE-2024-41276 A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism....

CVE Alert: CVE-2024-9405

October 2, 2024

Vulnerability Summary: CVE-2024-9405 An incorrect limitation of a path to a restricted directory (path traversal) has been detected in Pluck...

CVE

CVE Alert: CVE-2024-45519

CVE Alert: CVE-2024-45960

CVE Alert: CVE-2024-28888

CVE Alert: CVE-2024-47616

CVE Alert: CVE-2024-8799

CVE Alert: CVE-2024-8786

CVE Alert: CVE-2024-9018

CVE Alert: CVE-2024-8793

CVE Alert: CVE-2024-8324

CVE Alert: CVE-2024-9224

CVE Alert: CVE-2024-9265

CVE Alert: CVE-2024-9228

CVE Alert: CVE-2024-9209

CVE Alert: CVE-2024-9220

CVE Alert: CVE-2024-9241

CVE Alert: CVE-2024-9060

CVE Alert: CVE-2024-9118

CVE Alert: CVE-2023-3441

CVE Alert: CVE-2024-9289

CVE Alert: CVE-2024-44744

CVE Alert: CVE-2023-7273

CVE Alert: CVE-2024-30132

CVE Alert: CVE-2024-41276

CVE Alert: CVE-2024-9405

[KAIROS] – Ransomware Victim: combinedpoolandspa[.]com

[RANSOMHUB] – Ransomware Victim: AKConstructors[.]com

CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook

CVE Alert: CVE-2024-48854

CVE Alert: CVE-2024-48856

You may have missed