A vulnerability, which was classified as critical, has been found in Draytek Vigor 3910 4.3.2.6. Affected by this issue is some unknown functionality of the file chglog.cgi. The manipulation of the argument CGIbyFieldName leads to buffer overflow.
Thi…
A vulnerability classified as problematic was found in Technitium 11.5.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to denial of service.
This vulnerability is known as CVE-2023-49203. The attack can be launche…
A vulnerability classified as critical has been found in OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. Affected is an unknown function of the component EtherNet IP Parser. The manipulation leads to stack-based buffer overflow.
This vulnerabilit…
A vulnerability was found in Guardrails AI up to 0.5.9. It has been rated as very critical. This issue affects some unknown processing of the component XML Handler. The manipulation leads to improper neutralization of directives in dynamically evaluated code (‘eval injection’).
The identification of this vulnerability is CVE-2024-45858. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Mautic up to 3.3.4/4.1.x. It has been declared as problematic. This vulnerability affects unknown code of the file .htaccess. The manipulation leads to improper validation of specified quantity in input.
This vulnerability…
Scammers are creating fake Walmart virtual shopping lists that look like a contact page for customer service.
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuli…
From personal experience many mobile apps that I’ve tested don’t actively detect and discourage (with a warning) or even block the app from running on/in:
a rooted/jailbroken Android/iOS device
emulated environment
an end-of-life iOS or e…
When I run the command
hydra -l sergeeva_kori -P /home/kali/Desktop/rockyousplit/file00 instagram.com http-get
to crack my own instagram account, it tries some of the passwords and says
1 of 1 target successfully completed, 16 valid pass…
A vulnerability was found in Technitium 11.0.2. It has been classified as problematic. This affects an unknown part of the component DNS Resolver. The manipulation leads to denial of service.
This vulnerability is uniquely identified as CVE-2023-28451…
