
24 matches found

OSV
added 2026/02/26 10:07 p.m., 2 views

CVE-2026-27839 wger: IDOR in nutritional_values endpoints exposes private dietary data via direct ORM lookup

wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, three nutritional_values action endpoints fetch objects via Model.objects.get(pk=pk) — a raw ORM call that bypasses the user-scoped queryset. Any authenticated user can read another user's private nutrition...

4.3 CVSS, 5.9 AI score, 0.0004 EPSS
Exploits: 1, References: 4
RedhatCVE
added 2026/01/09 11:19 a.m., 1 view

CVE-2021-22889

Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the statsBreakdown parameter of stats.php and possibly other scripts due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking...

6.1 CVSS, 6.5 AI score, 0.009 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:44 p.m., 3 views

CVE-2021-39973

There is a Null pointer dereference in Smartphones. Successful exploitation of this vulnerability may cause the kernel to break down...

7.8 CVSS, 6.7 AI score, 0.0015 EPSS
Exploits: 0, References: 1
GithubExploit
added 2024/10/15 3:58 p.m., 461 views

Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck

CVE-2023-50564 - Pluck CMS v4.7.18 Exploit Overview This...

8.8 CVSS, 9.5 AI score, 0.35217 EPSS
Exploits: 11
Wired Threat Level
added 2023/11/11 2:00 p.m., 21 views

Signal Is Finally Testing Usernames

Plus: A DDoS attack shuts down ChatGPT, Lockbit shuts down a bank, and a communications breakdown between politicians and Big Tech...

7.3 AI score
Exploits: 0
GithubExploit
added 2023/10/11 1:59 a.m., 1869 views

Exploit for Uncontrolled Resource Consumption in Ietf Http

This is a proof of concept for a Denial of Service DoS exploit...

7.5 CVSS, 7.4 AI score, 0.944 EPSS
Exploits: 19
Securelist
added 2023/05/02 8:00 a.m., 36 views

Managed Detection and Response in 2022

Kaspersky Managed Detection and Response (MDR) is a service for 24/7 monitoring and response to detected incidents based on technologies and expertise of the Kaspersky Security Operations Center (SOC) team. MDR allows detecting threats at any stage of the attack – both before anything is compromised and...

6.7 AI score
Exploits: 0
Code423n4
added 2022/11/08 12:00 a.m., 10 views

Contracts will not work correctly after February 2106. Vesting will be locked forever if withdrawn after February 2106.

Lines of code Vulnerability details Impact Contracts will not work correctly after February 2106. Migration takes costs and is risky. You shouldn't pass on this work to future programmers. You should fix it in the first place. In case anything went wrong during migration, a big fund loss will...

6.7 AI score
Exploits: 0
Microsoft Secure
added 2022/05/10 4:00 p.m., 13 views

Microsoft security experts outline next steps after compromise recovery

Who is CRSP? The Microsoft Compromise Recovery Security Practice (CRSP) is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the...

0.2 AI score
Exploits: 0
The Hacker News
added 2022/04/20 2:01 p.m., 30 views

Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021

Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year. The development marks more than a two-fold jump from the previous maximum when 28 0-day exploits were tracked in 2015. In contrast, onl...

8.2 AI score
Exploits: 0
NVD
added 2022/01/03 10:15 p.m., 11 views

CVE-2021-39973

There is a Null pointer dereference in Smartphones. Successful exploitation of this vulnerability may cause the kernel to break down...

7.8 CVSS, 0.0015 EPSS
Exploits: 0, References: 2
Cvelist
added 2022/01/03 9:07 p.m., 14 views

CVE-2021-39973

There is a Null pointer dereference in Smartphones. Successful exploitation of this vulnerability may cause the kernel to break down...

7.5 AI score, 0.0015 EPSS
Exploits: 0, References: 2
Openbugbounty
added 2021/10/01 6:55 p.m., 43 views

breakdown.gaming.ny.gov Cross Site Scripting vulnerability OBB-2153573

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits: 0
Code423n4
added 2021/08/11 12:00 a.m., 8 views

Short shift is not cleared

Handle cmichel Vulnerability details The LongShort.batchConfirmOutstandingPendingActions function uses the batchedamountSyntheticTokentoShiftAwayFrommarketSidemarketIndexfalse field to determine how much short tokens to shift to long tokens. However, this field is not cleared, instead, the long...

6.7 AI score
Exploits: 0
Rapid7 Blog
added 2021/05/11 8:51 p.m., 69 views

Patch Tuesday Dashboard Template Release

We know that many security teams rely on Microsoft’s patch cycle to remediate vulnerabilities in their environments. However, every month, Patch Tuesday introduces numerous vulnerabilities and their solutions that apply to many, if not nearly all, devices. Keeping up with the deployment of these...

7.7 AI score
Exploits: 0
The Hacker News
added 2021/04/04 9:55 a.m., 0 views

533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full...

5.8 AI score
Exploits: 0
Talos Blog
added 2021/01/07 12:07 p.m., 28 views

Threat Source newsletter (Jan. 7, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers and welcome to the first Threat Source newsletter of 2021. We hit the ground running already this year with a new Beers with Talos episode. It was recorded back in 2020, but the lessons regarding ransomware attacks and how actors...

1.2 AI score
Exploits: 0
Talos Blog
added 2021/01/06 6:19 a.m., 43 views

A Deep Dive into Lokibot Infection Chain

By Irshad Muhammad, with contributions from Holger Unterbrink. News summary Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we'll provide a technical breakdown of one of the latest Lokibot campaigns. Talos also has a new script to unpack the...

1.1 AI score
Exploits: 0
0day.today
added 2020/09/01 12:00 a.m., 219 views

Kamailio 5.4.0 Header Smuggling Exploit

Kamailio version 5.4.0 is vulnerable to header smuggling via a bypass of remove_hf. Kamailio vulnerable to header smuggling possible due to bypass of remove_hf - Fixed versions: Kamailio v5.4.0 - Enable Security Advisory: - Tested vulnerable versions: 5.3.5 and earlier - Timeline: - Report date &...

7 AI score
Exploits: 0
Exploit DB
added 2020/01/17 12:00 a.m., 166 views

WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass

Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...

7.4 AI score
Exploits: 0