Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Simple Laboratory Management System 1.0 SQL Injection

Simple Laboratory Management System version 1.0 suffers from a remote time-based SQL injection vulnerability.

Packet Storm
Open in Source
#sql#vulnerability#web#windows#git#php#auth#firefox
Azon Dominator Affiliate Marketing Script SQL Injection

Azon Dominator Affiliate Marketing Script suffers from a remote SQL injection vulnerability.

WordPress WPCode Lite 2.1.14 Cross Site Scripting

WordPress WPCode Lite plugin version 2.1.14 suffers from a persistent cross site scripting vulnerability.

Xhibiter NFT Marketplace 1.10.2 SQL Injection

Xhibiter NFT Marketplace version 1.10.2 suffers from a remote SQL injection vulnerability.

Customer Support System 1.0 Cross Site Scripting

Customer Support System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Ahmed Abba in November of 2020.

Red Hat Security Advisory 2024-4200-03

Red Hat Security Advisory 2024-4200-03 - An update for libreswan is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-4179-03

Red Hat Security Advisory 2024-4179-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client

Juniper Networks Releases Critical Security Update for Routers

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor