CVE-2025-62413
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting (XSS) vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
CVE-2025-62413
MQTTX v1.12.0 contains an XSS in the message viewer caused by improper rendering of MQTT payloads (HTML/JS). This can execute scripts in the app UI and potentially access credentials or trigger actions. The issue is fixed in v1.12.1; upgrading to 1.12.1 is the recommended remediation. The vulnera...
EUVD-2025-34812
MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting (XSS) vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...
LLM Agents for Automated Web Vulnerability Reproduction: Are We There Yet?
Large language model (LLM) agents have demonstrated remarkable capabilities in software engineering and cybersecurity tasks, including code generation, vulnerability discovery, and automated testing. One critical but underexplored application is automated web vulnerability reproduction, which...
Rapid7: 7 years of recognition in Gartner® Magic Quadrant™ for SIEM
We’re proud to share that Rapid7 has been recognized in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM). This is the seventh year we have been positioned in this report, which means we’ve been recognized in every report following the launch of our SIEM offering,...
The importance of hardening customer support tools against cyberattacks
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers (CISOs) share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
GHSA-RG9H-VX28-XXP5 llama-index has Insecure Temporary File
The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...
[SECURITY] Fedora 42 Update: prometheus-podman-exporter-1.19.0-1.fc42
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
[SECURITY] Fedora 41 Update: apptainer-1.4.3-1.fc41
Apptainer provides functionality to make portable containers that can be used across host environments...
[SECURITY] Fedora 42 Update: apptainer-1.4.3-1.fc42
Apptainer provides functionality to make portable containers that can be used across host environments...
[SECURITY] Fedora 43 Update: apptainer-1.4.3-2.fc43
Apptainer provides functionality to make portable containers that can be used across host environments...
EUVD-2019-2190
Malware in sbrugna...
EUVD-2018-17267
Malware in sbrugna...
EUVD-2017-6084
Malware in sbrugna...
EUVD-2003-0513
Malware in sbrugna...
EUVD-2014-4617
Malware in sbrugna...
EUVD-2021-2283
Malware in sbrugna...
EUVD-2021-2122
Malware in sbrugna...
EUVD-2008-0243
Malware in sbrugna...
EUVD-2017-2336
Malware in sbrugna...