258 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6...
CVE-2023-47644
The CVE-2023-47644 entry is valid and affects the WordPress plugin ProfileGrid – User Profiles, Memberships, Groups and Communities (v5.6.6 and earlier). It is a Cross-Site Request Forgery (CSRF) vulnerability with unauthenticated impact. The issue stems from CSRF protection gaps in ProfileGrid, ...
PT-2023-30532 · Unknown · Profilegrid
Name of the Vulnerable Software and Affected Versions: ProfileGrid – User Profiles, Memberships, Groups and Communities versions 5.6.6 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user...
WordPress Plugin ProfileGrid - User Profiles, Memberships, Groups and Communities Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware
Introduction As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. As part of our crimeware reporting service, we provide our customers with technical reports on the evolution of existing crimeware families, as well as newly emerging ones. In this...
Fedora: Security Advisory for moodle (FEDORA-2023-a7b0d27d18)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cybersecurity Awareness Month 2023: Elevating Security Together
As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its inception. The journey to enhance and improve cybersecurity is ongoing and extends beyond October. It’s not merely a technological challenge; it is fundamentally about people...
Fedora: Security Advisory for moodle (FEDORA-2023-ce24b63b36)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: moodle-4.1.4-1.fc37
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities aka Experience Cloud could pose severe risks to organizations, leading to unauthorized access to sensitive data. Data security firm Varonis dubbed the abandoned, unprotected, and unmonitored resources "ghost sites." "When these...
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities aka Experience Cloud could pose severe risks to organizations, leading to unauthorized access to sensitive data. Data security firm Varonis dubbed the abandoned, unprotected, and unmonitored resources "ghost sites." "When these...
Fedora: Security Advisory for moodle (FEDORA-2023-0ab503de3d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: moodle-3.11.14-1.fc36
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
EFF on the UN Cybercrime Treaty
EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite criminal laws around the world, possibly adding over 30 criminal offenses and new expansive police powers for both domestic and...
Fedora: Security Advisory for moodle (FEDORA-2023-d9c13996b2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM Sterling B2B Integrator Authentication Error Vulnerability
IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator...
SUSE CVE-2010-1674
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a malformed Extended Communities attribute...
Unspecified Vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A security vulnerability exists i...
[SECURITY] Fedora 35 Update: moodle-3.11.11-1.fc35
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
Hot on the Trail of a Mass-School-Shooting Hoaxer
For months, an anonymous caller has terrorized communities around the US by reporting false shooting threats. We know how they did it. The question is, why?...