CVE-2026-25758

creationtimestamp| type| source ---|---|--- 2026-02-05 13:49:28+00:00| published-proof-of-concept| https://github.com/spree/spree/security/advisories/GHSA-87fh-rc96-6fr6 2026-03-06 20:09:04+00:00| seen|...

Packet Fence 15.0.0

PacketFence is a network access control NAC system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration...

EUVD-2018-17950

Malware in sbrugna...

EUVD-2008-6855

Malware in sbrugna...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 7, 2025 to April 13, 2025)

In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. Last week, there were 352 vulnerabilities disclosed in 310 WordPress...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 3, 2025 to March 9, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 10, 2025 to February 16 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

PT-2024-7362

Name of the Vulnerable Software and Affected Versions: Spring Framework versions prior to 5.3.41 Spring Framework versions prior to 6.0.25 Spring Framework versions prior to 6.1.14 Confluence Data Center and Server versions 3.0 through 9.1.0 Confluence Data Center and Server version 9.1 Bitbucket...

Simplifying Azure Cloud Security with Snapshot-Based Scans

As organizations increasingly move to the cloud, securing these dynamic and transient environments has become a critical challenge for security teams. Cloud deployments are inherently more fluid than traditional infrastructure, with resources constantly being spun up, modified, or decommissioned...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 26, 2024 to September 1, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers c...

Top Security Posture Vulnerabilities Revealed

Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It's the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in...

7 Cyber Security Tips for SMBs

When the headlines focus on breaches of large enterprises like the Optus breach, it's easy for smaller businesses to think they're not a target for hackers. Surely, they're not worth the time or effort? Unfortunately, when it comes to cyber security, size doesn't matter. Assuming you're not a...

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface

The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobile banking apps, chat-based customer service, and other digital tools. Adobe's 2022 FIS Trends Report, for instance, found that more than half of th...

Moving to AWS Lambda? Here’s what you need to know.

Serverless computing is transforming the way organizations build, ship, automate and scale applications. With no need to worry about infrastructure or who’s going to manage it, developers are free to focus on application development and innovation. The payoffs can be significant: Faster time to...

ThreatMapper - Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories

The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community edition. This community edition empowers the users with following features: 1. Visualization: Visualize kubernetes clusters, virtual machines, containers and images,...

The HOW, WHY, and HUH? Blog on Disputes

As you may know, performing vulnerability scans is a requirement for PCI DSS compliance. One of those specific requirements, described in section 11.2.2, states that quarterly external scanning must be done by a qualified Approved Scanning Vendor. Coalfire just so happens to be an ASV, so if you...

Open Source Network Access Control: PacketFence

PacketFence is a fully supported, trusted, Free and Open Source network access control NAC system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices,...

GDPR Is Here: Web App Security Is a Must

With web and mobile apps becoming a preferred vector for data breaches, organizations must include application security in their plans for complying with the EU’s General Data Protection Regulation GDPR. GDPR went into effect in May, imposing strict requirements on millions of businesses worldwid...

Penetration Testing Requirements for GDPR

We get lots of people asking us what it is they need to have tested as a requirement for GDPR Compliance, so I've put this together to provide some clarity. This post is NOT a definitive guide to the General Data Protection Regulations. It is however, helpful, real world advice about what you...

CVE-2018-6189

CVE-2018-6189 affects F-Secure Radar (on-premises) prior to 2018-02-15, enabling a cross-site scripting (XSS) vulnerability via the Tags parameter in the JSON body of an outbound request to /api/latest/vulnerabilityscans/tags/batch. The issue is described as a “suggested metadata tags for assets”...