164 matches found
EUVD-2020-8136
Malware in sbrugna...
EUVD-2022-48291
Malicious code in bioql PyPI...
EUVD-2024-54525
Malicious code in bioql PyPI...
EUVD-2025-16225
Malicious code in bioql PyPI...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failure to properly handle the firmware return result of a QP/RQ destruction, which could result in the...
Salesloft Drift Supply Chain Incident
We recently became aware of a widespread Salesloft / Drift supply chain incident that impacted third-party integrations with Drift. We are providing this update as part of our commitment to transparency and keeping our customers informed about the security of our platform and products. The key...
Linux Distros Unpatched Vulnerability : CVE-2024-37078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in...
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk. "These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase,...
Zoomcar Data Breach Exposes Personal Info of 8.4 Million Users
Zoomcar confirms 2025 breach affecting 8.4M users, echoing its 2018 data leak. Personal info exposed, financial data safe, investigation ongoing...
Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine
Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle to mov...
CVE-2024-28125
FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation...
CVE-2024-11716
While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset its bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...
CVE-2024-11142 CSRF in Gosoft Software's Proticaret E-Commerce
Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery. This issue affects Proticaret E-Commerce: before v6.0. NOTE: According to the vendor, fixing process is still ongoing for v4.05...
CVE-2024-11142
CVE-2024-11142 describes a Cross‑Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E‑Commerce, affecting versions prior to 6.0. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH), with exploitation requiring user interaction. Some sou...
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. "This tactic ensures that only valid card data is sent to the attackers,...
CVE-2023-53014
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list. The descriptor will be freed later in desc_free_list(). Thi...
DEBIAN-CVE-2023-53014
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list. The descriptor will be freed later in desc_free_list(). Thi...
CVE-2023-53014
The CVE-2023-53014 issue affects the Linux kernel’s DMA engine (tegra). It describes a memory leak that occurs when terminating an ongoing transfer: the vdesc must be terminated and placed in the desc_terminated list, with the descriptor freed later in desc_free_list(). The provided connected doc...
CVE-2023-53014 dmaengine: tegra: Fix memory leak in terminate_all()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list. The descriptor will be freed later in desc_free_list(). Thi...
CVE-2023-53014
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list. The descriptor will be freed later in desc_free_list(). Thi...