CVE-2021-33420
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object. Read More
CVE-2020-36607
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag. Read More
CVE-2020-24855
Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request. Read More
CVE-2020-21219
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the...
CVE-2020-20589
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag. Read More
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php. Read...
Senate Approves Bill Banning TikTok From US Government Devices
The bill still needs to receive approval from the US House of Representatives Read More
Microsoft approved and digitally-signed malicious drivers used in ransomware attacks
Microsoft has warned that malicious hackers were able to get the software giant to digitally sign their code so it could be used in attacks,...
NSA, CISA Warn Against Threats to 5G Network Slicing
Improper network slice management may enable attackers to access data from different network slices Read More
Loan Scam Campaign ‘MoneyMonger’ Exploits Flutter to Hide Malware
Zimperium said the code was part of an existing campaign previously discovered by K7 Security Labs Read More