CVE-2020-36670

Read Time:22 Second

The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to invoke these functions which can be used to perform actions like modify form submission records, deleting files, sending test emails, modifying plugin settings, and more.

gimp-2.10.38-12.fc40

FEDORA-2024-ccdbd92d7b Packages in this update: gimp-2.10.38-12.fc40 Update description: This update fixes issues with loading TGA and XCF files. Read More

December 31, 2024

Multiple vulnerabilities in CTFd versions <= 3.7.4

Posted by Blazej Adamczyk on Dec 30 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Multiple vulnerabilities in CTFd versions <= 3.7.4 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1 General information ═════════════════════......

December 31, 2024

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass

Posted by hyp3rlinx on Dec 30 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_HTTP_Security_Token_Bypass-CVE-2024-51464.txt [+] x.com/hyp3rlinx...

December 31, 2024

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

Posted by hyp3rlinx on Dec 30 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt [+] x.com/hyp3rlinx...

December 31, 2024

PAN-OS Firewall Denial of Service (DoS) Vulnerability

What is the Vulnerability?Attackers are exploiting, a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS....

December 31, 2024

golang-github-git-5-5.13.0-1.fc42

FEDORA-2024-ac5e7f9952 Packages in this update: golang-github-git-5-5.13.0-1.fc42 Update description: Automatic update for golang-github-git-5-5.13.0-1.fc42. Changelog * Tue Dec 31 2024 Mikel Olasagasti...

December 31, 2024

Gift Card Fraud

U.S. Army Soldier Arrested in AT&T, Verizon Extortions

Salt Typhoon’s Reach Continues to Grow

Majority of UK SMEs Lack Cybersecurity Policy

Happy 15th Anniversary, KrebsOnSecurity!

CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Casino Players Using Hidden Cameras for Cheating

Friday Squid Blogging: Squid on Pizza

Scams Based on Fake Google Emails

gimp-2.10.38-12.fc40

Multiple vulnerabilities in CTFd versions <= 3.7.4

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

PAN-OS Firewall Denial of Service (DoS) Vulnerability

golang-github-git-5-5.13.0-1.fc42