CVE-2020-4556
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by...
Tick APT Group Hacked East Asian DLP Software Firm
The hacker breached the DLP company's internal update servers to deliver malware within its network Read More
“FakeCalls” Android Malware Targets Financial Firms in South Korea
CPR discovered 2500 samples of the malware, impersonating 20 financial institutions in the region Read More
Humans Still More Effective Than ChatGPT at Phishing
The research paper by HoxHunt analyzed 53,127 emails sent to users in over 100 countries Read More
Drupal core – Moderately critical – Access bypass – SA-CORE-2023-004
Project: Drupal core Date: 2023-March-15 Security risk: Moderately critical 14∕25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon Vulnerability: Access bypass Affected versions: <7.95 || >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2023-003
Project: Drupal core Date: 2023-March-15 Security risk: Moderately critical 13∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon Vulnerability: Information Disclosure Affected versions: >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0 <10.0.5 Description: ...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2023-002
Project: Drupal core Date: 2023-March-15 Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default Vulnerability: Information Disclosure Affected versions: >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0 <10.0.5 Description: ...
USN-5957-1: LibreCAD vulnerabilities
Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to...
Microsoft Patch Tuesday, March 2023 Edition
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already...
USN-5956-1: PHPMailer vulnerabilities
Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could...