CVE-2021-43258
CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access to the ChurchInfo application. Once authenticated, a...
Panaseer Launches Guidance on Security Controls Ahead of EU’s New Legislation
The cybersecurity monitoring firm offers 18 recommendations on security controls to help organizations anticipate tougher cybersecurity regulations.
Meta outlines US involvement in social media disinformation in new report
A report released by Meta’s security team describes the company’s shutdown of a network of Facebook and Instagram accounts participating in what it calls coordinated...
CVE-2022-23740
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this...
CVE-2021-35284
SQL Injection vulnerability in function get_user in login_manager.php in rizalafani cms-php v1.
CVE-2009-1143
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath...
CVE-2009-1142
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and...
Hive ransomware has extorted $100 million in 18 months, FBI warns
$100 million. That's the amount of money that the Hive ransomware is thought to have extorted from over 1300 companies around the world, according to...
CISA Updates Guidelines to Increase Resilience of Infrastructure Planning
They expand the framework's scope by adding new resources and tools to support SLTT partners.
CVE-2021-35246
The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass...