EUVD-2019-13866

Malware in sbrugna...

MAL-2025-9851 Malicious code in @zalastax/nolb-_ces (npm)

The package @zalastax/nolb-ces was found to contain malicious code...

Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale cloudkit and CES S3 are now addressed. (CVE-2025-22868, CVE-2025-22869)

Summary There are several vulnerabilities in IBM Storage Scale which could provide weaker than expected security that are now addressed CVE-2024-45337, CVE-2024-45338 Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected...

cescollege.ac.in Improper Access Control vulnerability OBB-3836875

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Volkswagen Goes AI, Integrates ChatGPT into its Vehicles

By Waqas Volkswagen announced the surprising development at CES 2024 Consumer Electronics Show in Las Vegas. This is a post from HackRead.com Read the original post: Volkswagen Goes AI, Integrates ChatGPT into its Vehicles...

ces-cam.org Cross Site Scripting vulnerability OBB-3619243

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ces.com.uy Cross Site Scripting vulnerability OBB-3319178

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

A Quick Look at CES 2022

The first thing I noticed about CES this year was COVID’s impact on the event, which was more than just attendance size. A large amount of the technology focused on sanitation, everything from using light to sanitize surfaces on point-of-sale systems to hand-washing stations. When I attend events...

CES 2021 Gadgets: Worst in Privacy and Security Awards

This year’s Consumer Electronics Show was hampered by the pandemic, but that didn’t stop an expert panel from convening to award this year’s dubious CES 2021 Worst in Show honors in the context of gadget privacy and security. Overall trends from the week included ever-connected devices constantly...

ces-msa.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1126544 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

SIEMENS SCALAN CES-600 family Denial of Service Vulnerability

SCALANCE S firewall is used to protect trusted industrial networks from untrusted networks. A denial of service vulnerability exists in the SIEMENS SCALAN CES-600 family. An attacker could exploit the vulnerability by sending packets to port 443/tcp of the affected device, resulting in a denial o...

CES Surveillance Hype Worries Privacy Advocates

Cutting-edge surveillance tech took center stage at the Consumer Electronics Show in Las Vegas, Nevada this past week. But just as many tech enthusiast praised the technology as something to marvel, privacy advocates voiced concern. Many security experts are sounding the alarm that the annual tec...

A week in security (January 6 – 12)

Last week on Malwarebytes Labs, we told readers how to check the safety of websites and their related files, explored the shady behavior taking place within the billion-dollar search industry, broke down the top six ways that hackers target retail businesses, and put a spotlight on the ransomware...

Facebook Revamps Its Privacy Checkup Feature in Time for CES

Forget Portal. This year, Facebook is marketing itself as a privacy crusader...

CVE-2018-20355

An invalid write of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

Celebrating the Next Generation of Technology Innovators

At Trend Micro, it’s our mission to secure the connected world. However, we want to go beyond the boundaries of the cybersecurity industry to support and learn from the technology innovators of tomorrow. That’s what our venture arm, Trend Forward Capital, is all about. As part of these efforts, w...

CVE-2019-4259

A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011...

CVE-2019-4259

CVE-2019-4259 affects IBM Spectrum Scale with CES stack enabled (versions 4.1.1–5.0.0). Affected component: CES stack, where sensitive data could be included with service snaps. The IBM bulletin identifies affected releases and provides fixes: upgrade to V4.1.1.23 (for 4.1.1 branch), V4.2.3.14 (f...

CVE-2019-4259

A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011...

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2019-4259)

Summary A security vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements CVE-2019-4259 Vulnerability Details Deployments with protocol access metho...