Security Flaws in UK Political Party Donation Platforms Exposed
The donation websites of the UK’s seven major political parties are missing critical security features to protect the accounts of donors, according to DataDome Read...
Novel Android Malware Steals Card NFC Data For ATM Withdrawals
ESET claims new NGate Android malware relays NFC data to steal card details for ATM cash-out Read More
Backdoor in Mifare Smart Cards Could Open Doors Around the World
Quarklabs researchers claim millions of contactless key cards could be cloned via a backdoor Read More
ZDI-24-1161: Linux Kernel vmwgfx Driver Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged...
ZDI-24-1162: Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned...
ZDI-24-1163: Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned...
ZDI-24-1164: Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned...
ZDI-24-1165: Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The ZDI has assigned...
ZDI-24-1166: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in...
ZDI-24-1167: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in...