Get Mystery Box with random crypto!

Vulnerability News

Logo of telegram channel vulnerabilitynews — Vulnerability News V
Logo of telegram channel vulnerabilitynews — Vulnerability News
Channel address: @vulnerabilitynews
Categories: News
Language: English
Subscribers: 2.46K
Description from channel

Every day new posts about vulnerabilities and cybersecurity news. Active 24/7
Group: @VulnerabilityNewsGroup
Twitter: @VulnerabilityN
For any question contact @TomRobb

Ratings & Reviews

2.33

3 reviews

Reviews can be left only by registered users. All reviews are moderated by admins.

5 stars

0

4 stars

1

3 stars

0

2 stars

1

1 stars

1


The latest Messages

2022-08-31 08:42:25 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Published at: August 26, 2022 at 06:15PM
View on website
62 views05:42
Open / Comment
2022-08-31 08:42:24 mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor.
Published at: August 26, 2022 at 03:15PM
View on website
62 views05:42
Open / Comment
2022-08-31 08:42:23 mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.
Published at: August 26, 2022 at 03:15PM
View on website
61 views05:42
Open / Comment
2022-08-31 08:42:22 htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.
Published at: August 26, 2022 at 03:15PM
View on website
60 views05:42
Open / Comment
2022-08-31 08:42:21 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
Published at: August 29, 2022 at 07:15AM
View on website
60 views05:42
Open / Comment
2022-08-31 08:42:19 Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Published at: August 29, 2022 at 07:15AM
View on website
57 views05:42
Open / Comment
2022-08-31 02:01:58 New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries
Read More
84 views23:01
Open / Comment
2022-08-31 01:02:35 Don't Let 'Perfect' Be the Enemy of a Good AppSec Program
Read More
92 views22:02
Open / Comment
2022-08-30 23:53:27 Malicious Chrome Extensions Plague 1.4M Users
Read More
97 views20:53
Open / Comment
2022-08-30 23:49:34 IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 206089
Published at: August 30, 2022 at 09:15PM
View on website
100 views20:49
Open / Comment