Channel address:
Categories:
News
Language: English
Subscribers:
2.46K
Description from channel
Every day new posts about vulnerabilities and cybersecurity news. Active 24/7
Group: @VulnerabilityNewsGroup
Twitter: @VulnerabilityN
For any question contact @TomRobb
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
1
3 stars
0
2 stars
1
1 stars
1
The latest Messages
2022-08-31 08:42:25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Published at: August 26, 2022 at 06:15PM
View on website
62 views05:42
2022-08-31 08:42:24
mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor.
Published at: August 26, 2022 at 03:15PM
View on website
62 views05:42
2022-08-31 08:42:23
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.
Published at: August 26, 2022 at 03:15PM
View on website
61 views05:42
2022-08-31 08:42:22
htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.
Published at: August 26, 2022 at 03:15PM
View on website
60 views05:42
2022-08-31 08:42:21
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
Published at: August 29, 2022 at 07:15AM
View on website
60 views05:42
2022-08-31 08:42:19
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Published at: August 29, 2022 at 07:15AM
View on website
57 views05:42
2022-08-31 02:01:58
New ODGen Tool Unearths 180 Zero-Days in Node.js LibrariesRead More
84 views23:01
2022-08-31 01:02:35
Don't Let 'Perfect' Be the Enemy of a Good AppSec ProgramRead More
92 views22:02
2022-08-30 23:53:27
Malicious Chrome Extensions Plague 1.4M UsersRead More
97 views20:53
2022-08-30 23:49:34
IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 206089
Published at: August 30, 2022 at 09:15PM
View on website
100 views20:49