CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victi...

CVE-2024-47812

ImportDump is an extension for mediawiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki typically administrators and interface admins can embed XSS payloads in the messages for dates, and thus XSS anyone who views Special:RequestImportQueue. This...

MOVEit discloses THIRD critical vulnerability

In chess, the threefold repetition rule states that a player may claim a draw if the same position occurs three times during the game. Whether this means that customers of the popular file transfer utility MOVEit Transfer can ask for their money back remains to be seen, but we do hope it signals...

The Safest Way to Store and Share Your Nudes

Listen, if you’re going to take them, follow these precautions so they don’t go anywhere you don’t intend them to...

SOL58243048 - Considerations for transferring files from F5 devices

Vulnerability Description The BIG-IP system uses Secure Vault, a secure SSL-encrypted storage system, to securely store sensitive data such as SSL key passphrases, users, and administrator and services passwords. However, files transferred from an F5 device may contain sensitive information such ...