9 matches found
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours...
EUVD-2025-32509
A security flaw has been discovered in Tenda AC18 15.03.05.196318. Affected by this issue is some unknown functionality of the file /goform/fastsettingpppoeset. Performing manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out...
CRMEB 安全漏洞
CRMEB is a Java mall system of CRMEB open source. A security vulnerability exists in CRMEB 5.6 and earlier versions, which stems from an incorrect manipulation of the parameter cateid in the file /adminapi/product/product, which could lead to a SQL injection attack...
Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system OS commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum...
CVE-2024-33530
In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby...
Design/Logic Flaw
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output...
CVE-2021-20180
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...
Gatekeeper Bug in MacOS Mojave Allows Malware to Execute
Researcher Filippo Cavallarin disclosed a bug in the macOS security feature Gatekeeper that allows malicious code execution on systems running the most recent version of Mojave 10.14.0. MacOS Gatekeeper is an Apple security feature that enforces code signing and verifies downloads and apps before...
Oracle Java SE < 7 Update 25 Arbitrary Code Execution
Binary data 9350.prm...