Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported...

CVE-2026-1313

creationtimestamp| type| source ---|---|--- 2026-03-21 06:39:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhkgcafysn2y 2026-03-21 10:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116266698540154784 2026-03-21 10:30:30+00:00| seen|...

CVE-2026-25585

iccDEV before version 2.3.1.3 contains a vulnerability in the color management module due to improper array bounds validation at IccCmm.cpp:5793 during ICC profile processing, leading to out-of-bounds reads with potential memory disclosure or segmentation faults. The issue has been patched in ver...

PT-2025-54357

Name of the Vulnerable Software and Affected Versions Efí Bank Gerencianet Oficial versions through 3.1.3 Description An issue exists in Efí Bank Gerencianet Oficial that allows retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations Upda...

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

CVE-2025-49389

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WEN Solutions Notice Bar notice-bar allows Stored XSS.This issue affects Notice Bar: from n/a through = 3.1.3...

CVE-2023-21925

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2023-1016

The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.4.1, due to insufficient escaping on the user supplied 'objects' and 'tags' parameters and lack of sufficient preparation in the 'updateoptions' function as well as the...

SUSE CVE-2021-22879

Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation...

PT-2023-18787 · Splunk · Splunk Cloudconnect Sdk +1

Name of the Vulnerable Software and Affected Versions: Splunk Add-on Builder versions prior to 4.1.2 Splunk CloudConnect SDK versions prior to 3.1.3 Description: The issue occurs when requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after...

UBUNTU-CVE-2018-5764

The parsearguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism...