ZDI-24-1458: Centreon updateContactServiceCommands_MC SQL Injection Privilege Escalation Vulnerability

Unsafe eval() in TestRail CLI

Posted by Devin Cook on Nov 06 This is not a very exciting vulnerability, but I had already publicly disclosed...

November 7, 2024

A Vulnerability in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Could Allow for Remote Code Execution

A vulnerability has been discovered in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point that could allow...

November 6, 2024

USN-7088-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

November 6, 2024

ZDI-24-1460: Centreon updateContactHostCommands_MC SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability....

November 6, 2024

ZDI-24-1459: Centreon updateAccessGroupLinks_MC SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability....

November 6, 2024

ZDI-24-1457: Delta Electronics InfraSuite Device Master _gExtraInfo Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is...

November 6, 2024

Smashing Security podcast #392: Pasta spies and private eyes, and are you applying for a ghost job?

Cyber-Attack on Microlise Disrupts DHL and Serco Tracking Services

IRISSCON: Organizations Still Falling Victim to Predictable Cyber-Attacks

Winos4.0 Malware Found in Game Apps, Targets Windows Users

Massive Nigerian Cybercrime Bust Sees 130 Arrested

IoT Devices in Password-Spraying Botnet

Google Cloud to Mandate Multifactor Authentication by 2025

Snowflake Hacking Suspect Arrested in Canada

Global Operation Takes Down 22,000 Malicious IPs

ZDI-24-1458: Centreon updateContactServiceCommands_MC SQL Injection Privilege Escalation Vulnerability

Unsafe eval() in TestRail CLI

A Vulnerability in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Could Allow for Remote Code Execution

USN-7088-3: Linux kernel vulnerabilities

ZDI-24-1460: Centreon updateContactHostCommands_MC SQL Injection Privilege Escalation Vulnerability

ZDI-24-1459: Centreon updateAccessGroupLinks_MC SQL Injection Privilege Escalation Vulnerability

ZDI-24-1457: Delta Electronics InfraSuite Device Master _gExtraInfo Deserialization of Untrusted Data Remote Code Execution Vulnerability