Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations

Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks...

EUVD-2021-12367

Malware in sbrugna...

EUVD-2004-1036

Malware in sbrugna...

RL-MoE: an Image-Based Privacy Preserving Approach in Intelligent Transportation System

The proliferation of AI-powered cameras in Intelligent Transportation Systems ITS creates a severe conflict between the need for rich visual data and the fundamental right to privacy. Existing privacy-preserving mechanisms, such as blurring or encryption, are often insufficient, creating an...

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

How to Protect Your Online Presence from Devastating DDoS Attacks

Today, your internet presence is much more than just a website or social media profile, it's like your…...

CVE-2021-3332

WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via postpassword...

CVE-2021-25471

A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...

CVE-2020-8168

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site reques...

WordPress Iron Security 2.2.3 IP Spoofing

WordPress Iron Security plugin versions 2.2.3 and below suffer from a source IP spoofing vulnerability. Wordpress Plugin Iron Security - IP Spoofing Exploit Author: bRpsd | cyatlive.no Date: March 20, 2025 Product: https://wordpress.org/plugins/iron-security/ Version: 2.2.3 and below CVE : N/A...

RHEL 6 : perltidy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perltidy: insecure temporary file creation CVE-2014-2277 - perltidy through 20160302, as used by...

CVE-2023-43139

Summary: CVE-2023-43139 affects franfinance prior to v2.0.27 (PrestaShop integration). The vulnerability allows a remote attacker to execute arbitrary code via the validation.php and controllers/front/validation.php components. The NVD records a CVSSv3.1 base score of 9.8 (CRITICAL) with network ...

CVE-2023-36478

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines if a...

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2023-18299)

Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists...

PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service RDoS attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series hardware, VM-Series virtual and CN-Series container firewall...

Missing EIP-155 replay attack protection

Lines of code Vulnerability details Impact publishProject/addMember/escrow in Community and inviteContractor/updateProjectHash/addTasks/setComplete/changeOrder in Project use ecrecover for signed messages to check access. However, all signed messages that is used to check access do not include an...

Mageia: Security Advisory (MGASA-2017-0301)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)

Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists,...

CVE-2021-25471

A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...

Design/Logic Flaw

A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection...