βΌ CVE-2022-28491 βΌ
π Read
via "National Vulnerability Database".
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a command injection vulnerability in the NTPSyncWithHost function via the host_name parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27079 βΌ
π Read
via "National Vulnerability Database".
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted packageπ Read
via "National Vulnerability Database".
βΌ CVE-2023-23864 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Michael Aronoff Very Simple Google Maps plugin <= 2.8.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28492 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23722 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP eBay Product Feeds plugin <= 3.3.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22712 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TemplatesNext TemplatesNext ToolKit plugin <= 3.2.7 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22716 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.35 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27078 βΌ
π Read
via "National Vulnerability Database".
A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27077 βΌ
π Read
via "National Vulnerability Database".
Stack Overflow vulnerability found in 360 D901 allows a remote attacker to cause a Distributed Denial of Service (DDOS) via a crafted HTTP package.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22702 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App Γ’β¬β Android and iOS Mobile Application plugin <= 11.13 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47589 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in this.Functional CTT Expresso para WooCommerce plugin <= 3.2.11 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28493 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service,π Read
via "National Vulnerability Database".
βΌ CVE-2023-28772 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27135 βΌ
π Read
via "National Vulnerability Database".
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22715 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin <= 1.12.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23650 βΌ
π Read
via "National Vulnerability Database".
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in MainWP MainWP Code Snippets Extension plugin <= 4.0.2 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27655 βΌ
π Read
via "National Vulnerability Database".
xpdf v4.04 was discovered to contain a stack overflow in the component pdftotext.π Read
via "National Vulnerability Database".
π΄ MITRE Rolls Out Supply Chain Security Prototype π΄
π Read
via "Dark Reading".
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.π Read
via "Dark Reading".
Dark Reading
MITRE Rolls Out Supply Chain Security Prototype
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
π΄ Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals π΄
π Read
via "Dark Reading".
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.π Read
via "Dark Reading".
Dark Reading
Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.
π΄ The Board of Directors Will See You Now π΄
π Read
via "Dark Reading".
Help the board understand where the business is vulnerable, where controls end, and where exposure begins.π Read
via "Dark Reading".
Dark Reading
The Board of Directors Will See You Now
Help the board understand where the business is vulnerable, where controls end, and where exposure begins.
β S3 Ep127: When you chop someone out of a photo, but there they are anywayβ¦ β
π Read
via "Naked Security".
Listen now - latest episode. Full transcript inside.π Read
via "Naked Security".
Naked Security
S3 Ep127: When you chop someone out of a photo, but there they are anywayβ¦
Listen now β latest episode. Full transcript inside.