11 matches found
EUVD-2022-26998
Malicious code in bioql PyPI...
KLA85303 OSI vulnerability in Microsoft Dynamics
An information disclosure vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories: CVE-2025-49715. Related products: Microsoft-Dynamics-365. CVE list: CVE-2025-49715 (critical). Solution: Install necessary updates from...
CVE-2024-56800
CVE-2024-56800 – Firecrawl SSRF vulnerability: Firecrawl (OSS) before v1.1.1 is affected by a server-side request forgery that can be triggered by a malicious scrape target redirecting to a local IP, enabling exfiltration of local network resources via the API. The cloud service was patched on 2...
GO-2024-2730 WITHDRAWN: Directory traversal in FilesystemStore in github.com/gorilla/sessions
This report has been withdrawn on the grounds that it generates too many false positives. Session IDs are documented as not being suitable to hold user-provided data. FilesystemStore does not sanitize the Session.ID value, making it vulnerable to directory traversal attacks. If an attacker has...
Mobile Application Security
Our progression into the digital age has notably changed the way we function. Everything from financial management, online purchases, and virtual education to entertainment has been compacted into the easily navigable universe of apps on our handheld devices. This amplified reliance on mobile...
What's New in Customer Identity and Access Management
We all know that the ability to accurately identify, understand, and engage our customers across multiple channels and digital touchpoints is absolutely vital to the digital customer experience and business. This couldn't be more important in the current environment as we continue to move more of...
Apple Clarifies Privacy Policy
Apple’s clarified and repackaged privacy policy is merely the storefront to a company-wide decision to make the safety and integrity of user data a differentiator among large technology companies, experts said. The new privacy policy appeared today filled with practical advice for users, describi...
Dropbox Denies Hack, Says 'Your Stuff is Safe'
Dropbox officials on Monday said that a large cache of usernames and passwords posted online and alleged to have come from the company’s users is not related to Dropbox customer accounts. A spate of media reports yesterday said that attackers had stolen several million sets of credentials fr...
PHP-Nuke Gallery 1.3 Module - artid SQL Injection
Source: https://www.securityfocus.com/bid/27957/info. The Gallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...
msie.5.autocomplete.txt
http://abcnews.go.com/sections/tech/DailyNews/iehole990315.html New Web Browser Feature May Put Private Info At Risk Internet Explorer 5.0 users might be vulnerable to hackers if they enter credit cards and other information using the browser's AutoComplete feature. A.Shepherd/ABCNEWS.com By...
Bing Bar CY3 4-5
...