47 matches found
EUVD-2006-4232
Malware in sbrugna...
EUVD-2023-48816
Malicious code in bioql PyPI...
Xorux LPAR2RRD File Upload Directory Traversal
Vulnerability Details. Affected Vendor: Xorux; Affected Product: LPAR2RRD; Affected Version: 8.04 and prior; Platform: Rocky Linux 8.10; CWE Classification: CWE-24: Path Traversal: '../filedir', CWE-434: Unrestricted Upload of File with Dangerous Type, CWE-648: Incorrect Use of Privileged APIs; CVE...
CVE-2023-44479
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions...
jim-humble.de Improper Access Control vulnerability OBB-3767541
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jim-morris.com Cross Site Scripting vulnerability OBB-3720188
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-44479
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions...
CVE-2023-44479 WordPress WP Jump Menu Plugin <= 3.6.4 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jim Krill WP Jump Menu plugin <= 3.6.4 versions...
CVE-2023-44479
CVE-2023-44479 concerns the WP Jump Menu WordPress plugin by Jim Krill. Affected versions are
Never Mind the Ears, Here's Security Nation
It's another year down and another season down for Security Nation. With the close of our fifth season, I wanted to take a minute here to reflect on who we spoke with and what we talked about. The show titles focus as you would expect on the individual interview subjects, but there's a bunch of...
Why 8kun Went Offline During the January 6 Hearings
The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun.top and TheDonald.win in helping to organize and galvanize supporters who responded to former President Trump's invitation to "be wild" in Washington, D.C. on that chaotic day. At the same...
[Security Nation] Jim O’Gorman and g0tmi1k on Kali Linux
In this episode of Security Nation, Jen and Tod sit down with Jim O’Gorman and Ben “g0tmi1k” Wilson of Offensive Security to chat about Kali Linux. They walk our host...
King Jim Password Manager security vulnerability
King Jim Password Manager is a password manager from the Japanese company King Jim. A security vulnerability exists in King Jim Password Manager that stems from an improper encryption algorithm. The vulnerability can be exploited by an attacker to obtain stored passwords...
JVN#19826500: PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption
PASSWORD MANAGER "MIRUPASS" PW10 / PW20 provided by KING JIM CO.,LTD. contain a missing encryption vulnerability (CWE-311). Impact: A user who can physically access the products may obtain the stored passwords. Solution: Stop using the products. The developer states that the products are no longer...
Cybersecurity opportunities for the public and private sectors
I'm happy to share a new paper by Cynergy Partners, co-authored by Coalfire board member, Jim Pflaging, titled Cybersecurity Opportunities for the Public and Private Sectors...
jimthompson.com Improper Access Control vulnerability OBB-1464571
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
jimlewiscars.com Cross Site Scripting vulnerability OBB-1423963
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
How Internet Savvy are Your Leaders?
Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn't pay a bill for some kind of dubious-looking service I'd never heard of. But it wasn't until the past week that it became clear ho...
Jim Risen Writes about Reporting Government Secrets
Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets...