CVE-2020-26007
An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file....
Vulnerability Analysis
A vulnerability is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat...
Developer sabotages own npm module prompting open-source supply chain security questions
The developer of a popular JavaScript component hosted on the npm repository decided to protest Russia's invasion of Ukraine by adding code to his own...
dotnet3.1-3.1.417-1.fc34
FEDORA-2022-d28042f559 Packages in this update: dotnet3.1-3.1.417-1.fc34 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
dotnet3.1-3.1.417-1.fc35
FEDORA-2022-5ecee47acb Packages in this update: dotnet3.1-3.1.417-1.fc35 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
dotnet3.1-3.1.417-1.fc36
FEDORA-2022-9e046f579a Packages in this update: dotnet3.1-3.1.417-1.fc36 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
Friday Squid Blogging: The Costs of Unregulated Squid Fishing
Greenpeace has published a report, “Squids in the Spotlight,” on the extent and externalities of global squid fishing. News article. As usual, you can also...
New Rootkit Used by UNC2891 for ATM Money Heist
FortiGuard Labs is aware of a report that a threat actor known as UNC2891 used a previously unknown rootkit to capture banking card and PIN...
CVE-2020-25197
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version...
CVE-2020-25193
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers...