Mozilla Firefox < 129.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 129.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-33 advisory. - Incorrect garbage collection interaction could have led to a use-after-free. CVE-2024-7530 - Insufficient...

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress plugins and are...

Apple iOS 和 iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. Apple iOS and iPadOS contain a security vulnerability. An attacker could exploit this vulnerability to...

Basecamp: Bypass of image rewriting / tracking blocker via srcset

CVSS ---- Medium 4.7 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Description ----------- One of the security features of Hey is blocking of tracking pixels to preserve users privacy. As such, img tags and similar are rewritten by the app to point to gopher.hey.com. However, an attacker can bypas...