EUVD-2014-6097

Malware in sbrugna...

EUVD-2024-48079

Malicious code in bioql PyPI...

CVE-2024-7093

Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then...

Netflix Dispatch 安全漏洞

Netflix Dispatch is a US-based Netflix software that provides deep integration with Slack, GSuite, Jira and other tools and provides security event management. Netflix Dispatch suffers from a security vulnerability that stems from allowing code to be executed within blocks that have not been...

A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage

A "dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive. The cloud ransomware attack makes it possible to launch file-encryptin...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control error...

CVE-2014-6211

CVE-2014-6211 affects IBM WebSphere Commerce 6.0–6.0.0.11, 7.0–7.0.0.9, and 7.0 Feature Pack 2–8. When debugging is enabled, logging is not properly restricted for personal data, allowing local users to read sensitive information from log files. Exploitation details are not provided in the suppli...