Fedora: Security Advisory for chromium (FEDORA-2024-1bc17d6ec7)
The remote host is missing an update for...
9.6CVSS
9.2AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-4d2d73ab31)
The remote host is missing an update for...
8.8CVSS
7.3AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-5f84678c08)
The remote host is missing an update for...
9.6CVSS
9.2AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-5483bc2adb)
The remote host is missing an update for...
9.1AI Score
0.0004EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-8b50ca2e22)
The remote host is missing an update for...
8.8CVSS
7.4AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-decb7e94a1)
The remote host is missing an update for...
8.8CVSS
8AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-55e7e839f1)
The remote host is missing an update for...
9.4AI Score
0.0004EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-5cf9499b62)
The remote host is missing an update for...
8.8CVSS
8AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-44edce9689)
The remote host is missing an update for...
8.7AI Score
0.0004EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-87bb7ffab1)
The remote host is missing an update for...
8.7AI Score
0.0004EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-5d8f4f86b0)
The remote host is missing an update for...
8.8CVSS
7.4AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-92780a83f9)
The remote host is missing an update for...
9.4AI Score
0.0004EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-2c9be9d949)
The remote host is missing an update for...
8.8CVSS
8AI Score
0.001EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-382a7dba53)
The remote host is missing an update for...
9.6CVSS
9.3AI Score
0.003EPSS
Fedora: Security Advisory for chromium (FEDORA-2024-12edb9dec8)
The remote host is missing an update for...
8.8CVSS
7.4AI Score
0.001EPSS
Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning
Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, brute-forcing, DNS resolving, etc. Features: Current features (v1.0.1): - Subdomain enumeration (2 engines +...
7.8AI Score
Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’
Plus: US surveillance reportedly targets pro-Palestinian protesters, the FBI arrests a man for AI-generated CSAM, and stalkerware targets hotel...
7.4AI Score
Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data
Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed...
8.2AI Score
Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which...
7.4AI Score
The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber access or higher,...
4.3CVSS
4.7AI Score
0.0004EPSS
The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber access or higher,...
4.3CVSS
6.3AI Score
0.0004EPSS
CVE-2024-0893 Schema App Structured Data <= 1.23.1 - Missing Authorization
The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber access or higher,...
4.3CVSS
4.7AI Score
0.0004EPSS
CVE-2024-0893 Schema App Structured Data <= 1.23.1 - Missing Authorization
The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber access or higher,...
4.3CVSS
6.5AI Score
0.0004EPSS
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...
6.4CVSS
6AI Score
0.0004EPSS
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...
6.4CVSS
5.9AI Score
0.0004EPSS
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...
6.4CVSS
6AI Score
0.0004EPSS
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for...
6.4CVSS
6AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: chromium-125.0.6422.76-1.fc39
Chromium is an open-source web browser, powered by WebKit...
6.7AI Score
0.0004EPSS
bind-dyndb-ldap [11.6-4] - Modify empty zone conflicts under exclusive mode Resolves: rhbz#2126877 [11.6-3] - Rebuild against bind 9.11.36 - Resolves: rhbz#2022762 [11.6-2] - Rebuild against bind 9.11.26 - Resolves: rhbz#1904612 [11.6-1] - New upstream release - Resolves: rhbz#1891735 [11.3-1] -...
5.3CVSS
7.6AI Score
0.0004EPSS
LuckyWP Table of Contents <= 2.1.4 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC Request: POST...
5.5AI Score
0.0004EPSS
LuckyWP Table of Contents <= 2.1.4 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
5.6AI Score
0.0004EPSS
[1.4.3.39-3] - Bump version to 1.4.3.39-3 - Resolves: RHEL-19240 - RFE Add PROXY protocol support to 389-ds-base via configuration item - similar to Postfix [1.4.3.39-2] - Bump version to 1.4.3.39-2 - Resolves: RHEL-23209 - CVE-2024-1062 389-ds:1.4/389-ds-base: a heap overflow leading to...
5.5CVSS
7.3AI Score
0.0004EPSS
SEOPress < 7.6 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting via the SEO title and description parameters as well as others due to insufficient input sanitization and output escaping. This makes it possible for attackers, with contributor access or higher, to inject arbitrary web scripts in....
6.4CVSS
6AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 118 vulnerabilities disclosed in 90...
10CVSS
9.4AI Score
The Wiz Research team's investigations into AI-as-a-service providers reveal a major risk to AI...
7.2AI Score
Are Your SaaS Backups as Secure as Your Production Data?
Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could...
7AI Score
Personal AI Assistants and Privacy
Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall...
7AI Score
How AI will change your credit card behind the scenes
Many companies are starting to implement Artificial Intelligence (AI) within their services. Whenever there are large amounts of data involved, AI offers a way to turn that pile of data into actionable insights. And there's a big chance that our data are somewhere in that pile, whether they can be....
6.9AI Score
The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell
Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell. "Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as....
6.3AI Score
[SECURITY] Fedora 40 Update: chromium-125.0.6422.76-1.fc40
Chromium is an open-source web browser, powered by WebKit...
7AI Score
0.0004EPSS
Schema App Structured Data <= 2.2.0 - Missing Authorization
Description The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber access.....
4.3CVSS
4.6AI Score
0.0004EPSS
Mirth Connect deserialization vulnerability
Added: 05/23/2024 Background Mirth Connect is an application which translates message standards for healthcare systems. Problem A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution Upgrade...
9.8CVSS
9.9AI Score
0.956EPSS
Mirth Connect deserialization vulnerability
Added: 05/23/2024 Background Mirth Connect is an application which translates message standards for healthcare systems. Problem A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution Upgrade...
9.8CVSS
8AI Score
0.956EPSS
[0.10.18-2.0.1] - Replace HAM-logo.png with a generic one [0.10.18-2] - Fixed CVE-2024-25126, CVE-2024-26141, CVE-2024-26146 in bundled dependency rack Resolves: RHEL-26445, RHEL-26447, RHEL-26449 [0.10.18-1] - Rebased to the latest sources (see CHANGELOG.md) Resolves: RHEL-7741 [0.10.17-6] -...
5.8CVSS
6.9AI Score
0.0004EPSS
Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration
By Cyber Newswire. AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal… This is a post from HackRead.com. Read the original post: Criminal IP: Enhancing Security Solutions through AWS Marketplace...
7.3AI Score
The Ultimate SaaS Security Posture Management Checklist, 2025 Edition
Since the first edition of _The Ultimate SaaS Security Posture Management (SSPM) Checklist_ was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across...
6.9AI Score
Microsoft AI “Recall” feature records everything, secures far less
Developing an AI-powered threat to security, privacy, and identity is certainly a choice, but it's one that Microsoft was willing to make this week at its “Build” developer conference. On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology.....
6.8AI Score
@apidevtools/json-schema-ref-parser is vulnerable to Prototype Pollution. The vulnerability is due to inadequate input validation in the bundle(), parse(), resolve(), and dereference() functions, allowing a remote attacker to execute arbitrary...
7.5AI Score
The AI ChatBot plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the openai_file_list_callback function in all versions up to, and including, 5.3.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
5CVSS
5.2AI Score
0.001EPSS
The AI ChatBot plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the openai_file_upload_callback function in all versions up to, and including, 5.3.4. This makes it possible for authenticated attackers, with subscriber-level access and...
5CVSS
5.3AI Score
0.001EPSS