Lucene search
K

258 matches found

The Hacker News
The Hacker News
added 2024/09/12 10:51 a.m.20 views

Top 3 Threat Report Insights for Q2 2024

Cato CTRL Cyber Threats Research Lab has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato's global customers, between April and June 2024. Key Insights from the...

6.8AI score
Exploits0
OSV
OSV
added 2024/06/12 7:43 p.m.2 views

GHSA-HJX6-F647-MVF9 Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components

Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...

6.3CVSS5.8AI score
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/06/12 7:43 p.m.12 views

Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components

Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...

5.8AI score
Exploits0References6Affected Software1
Imperva Blog
Imperva Blog
added 2024/06/10 6:5 p.m.81 views

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...

10CVSS8AI score0.99999EPSS
Exploits442
CISA
CISA
added 2024/05/14 12:0 p.m.8 views

CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA, in partnership with the Department of Homeland Security DHS, the Federal Bureau of Investigation FBI and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with...

7.1AI score
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/04/29 12:0 a.m.19 views

ProfileGrid – User Profiles, Memberships, Groups and Communities < 5.8.0 - Insecure Direct Object Reference

Description The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.7.9 due to missing validation on a user controlled key in the pgshowmsgpanel function. This makes it...

8.8CVSS6.7AI score0.00448EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2024/04/26 12:30 p.m.74 views

CSAF - Cyber Security Awareness Framework

The Cyber Security Awareness Framework CSAF is a structured approach aimed at enhancing Cybersecurity" title="Cybersecurity"cybersecurity awareness and understanding among individuals, organizations, and communities. It provides guidance for the development of effective Cybersecurity"...

7.5AI score
Exploits0References1
OSV
OSV
added 2024/04/16 8:15 p.m.4 views

DEBIAN-CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS6.7AI score0.01131EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/04/05 10:43 a.m.6 views

inclusivecommunities.com.au Cross Site Scripting vulnerability OBB-3905259

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
HackRead
HackRead
added 2024/04/02 4:34 p.m.19 views

Authentic8 launches Silo Shield program to protect high-risk communities in partnership with CISA

By Cyber Newswire Washington, DC, United States, April 2nd, 2024, CyberNewsWire Authentic8, provider of the leading OSINT research platform Silo for… This is a post from HackRead.com Read the original post: Authentic8 launches Silo Shield program to protect high-risk communities in partnership wi...

7.2AI score
Exploits0
CISA
CISA
added 2024/04/02 12:0 p.m.7 views

CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities

Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tool...

6.9AI score
Exploits0References6
Packet Storm
Packet Storm
added 2024/03/13 12:0 a.m.259 views

MetaFox 5.1.8 Shell Upload

!/usr/bin/env python3 Exploit Title: MetaFox Remote Shell Upload Google Dork: "Social network for niche communities" Exploit Author: The Joker Vendor Homepage: https://www.phpfox.com Version: = 5.1.8import jsonimport requestsimport sysif lensys.argv != 4: sys.exit"Usage: %s " % sys.argv0...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2024/03/01 12:0 a.m.23 views

Fedora: Security Advisory for moodle (FEDORA-2024-d2f180202f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.2AI score0.00944EPSS
Exploits0References2
Drupal
Drupal
added 2024/01/24 12:0 a.m.25 views

Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005

Open Social is a Drupal distribution for online communities. The included optional socialgroupflexiblegroup module doesn't sufficiently validate group updates. The lack of validation makes it possible to have content inside the group changing it's visibility, which could lead to that content bein...

9.1CVSS7AI score0.00341EPSS
Exploits0References7
NVD
NVD
added 2024/01/08 10:15 p.m.32 views

CVE-2022-36352

Missing Authorization vulnerability in Profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.0.3...

8.8CVSS7AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2024/01/08 10:15 p.m.6 views

CVE-2022-36352

Missing Authorization vulnerability in Profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.0.3...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References1
CVE
CVE
added 2024/01/08 9:50 p.m.51 views

CVE-2022-36352

CVE-2022-36352 affects WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin. The issue is a Missing Authorization/Broken Access Control vulnerability in versions up to 5.0.3, allowing unauthorized access to certain actions/data. PatchStack specifies a fix in version 5...

8.8CVSS8AI score0.00391EPSS
Exploits0References1Affected Software1
HackRead
HackRead
added 2023/12/04 1:56 p.m.16 views

Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program

By Owais Sultan Stellar Cyber launches a field-proven university program to enable educational organizations to deliver hands-on cybersecurity training and provide soc services to underserved communities. This is a post from HackRead.com Read the original post: Stellar Cyber Bridges Cybersecurity...

7.2AI score
Exploits0
NVD
NVD
added 2023/11/18 10:15 p.m.27 views

CVE-2023-47644

Cross-Site Request Forgery CSRF vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6...

8.8CVSS0.0028EPSS
Exploits0References1
OSV
OSV
added 2023/11/18 10:15 p.m.4 views

CVE-2023-47644

Cross-Site Request Forgery CSRF vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6...

8.8CVSS7.3AI score0.0028EPSS
Exploits0References1
Rows per page
Query Builder