258 matches found
Top 3 Threat Report Insights for Q2 2024
Cato CTRL Cyber Threats Research Lab has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato's global customers, between April and June 2024. Key Insights from the...
GHSA-HJX6-F647-MVF9 Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components
Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...
Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components
Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...
Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...
CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources
CISA, in partnership with the Department of Homeland Security DHS, the Federal Bureau of Investigation FBI and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with...
ProfileGrid – User Profiles, Memberships, Groups and Communities < 5.8.0 - Insecure Direct Object Reference
Description The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.7.9 due to missing validation on a user controlled key in the pgshowmsgpanel function. This makes it...
CSAF - Cyber Security Awareness Framework
The Cyber Security Awareness Framework CSAF is a structured approach aimed at enhancing Cybersecurity" title="Cybersecurity"cybersecurity awareness and understanding among individuals, organizations, and communities. It provides guidance for the development of effective Cybersecurity"...
DEBIAN-CVE-2022-24808
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...
inclusivecommunities.com.au Cross Site Scripting vulnerability OBB-3905259
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Authentic8 launches Silo Shield program to protect high-risk communities in partnership with CISA
By Cyber Newswire Washington, DC, United States, April 2nd, 2024, CyberNewsWire Authentic8, provider of the leading OSINT research platform Silo for… This is a post from HackRead.com Read the original post: Authentic8 launches Silo Shield program to protect high-risk communities in partnership wi...
CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities
Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tool...
MetaFox 5.1.8 Shell Upload
!/usr/bin/env python3 Exploit Title: MetaFox Remote Shell Upload Google Dork: "Social network for niche communities" Exploit Author: The Joker Vendor Homepage: https://www.phpfox.com Version: = 5.1.8import jsonimport requestsimport sysif lensys.argv != 4: sys.exit"Usage: %s " % sys.argv0...
Fedora: Security Advisory for moodle (FEDORA-2024-d2f180202f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005
Open Social is a Drupal distribution for online communities. The included optional socialgroupflexiblegroup module doesn't sufficiently validate group updates. The lack of validation makes it possible to have content inside the group changing it's visibility, which could lead to that content bein...
CVE-2022-36352
Missing Authorization vulnerability in Profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.0.3...
CVE-2022-36352
Missing Authorization vulnerability in Profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.0.3...
CVE-2022-36352
CVE-2022-36352 affects WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin. The issue is a Missing Authorization/Broken Access Control vulnerability in versions up to 5.0.3, allowing unauthorized access to certain actions/data. PatchStack specifies a fix in version 5...
Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program
By Owais Sultan Stellar Cyber launches a field-proven university program to enable educational organizations to deliver hands-on cybersecurity training and provide soc services to underserved communities. This is a post from HackRead.com Read the original post: Stellar Cyber Bridges Cybersecurity...
CVE-2023-47644
Cross-Site Request Forgery CSRF vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6...
CVE-2023-47644
Cross-Site Request Forgery CSRF vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6...