Tag
Tramyardg Autoexpress version 1.3.0 suffers from a persistent cross site scripting vulnerability.
Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.
Tramyardg Autoexpress version 1.3.0 suffers from a remote SQL injection vulnerability.
Quick.CMS version 6.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
A manager at an unnamed telecommunications company has admitted to SIM swapping his customers.
UPS Network Management Card version 4 suffers from a path traversal vulnerability.
Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs
The Red Hat Advanced Cluster Security (RHACS) engineering team is excited to announce the pending release of the latest RHACS version, packed with brand-new features and updates. The team continues to build on the 4.0 major release and RHACS Cloud Service announcements last year with a feature-packed release to kick off 2024. The RHACS 4.4 release will focus on increased consistency of scan results, strengthened security posture management, and more automated security features to alleviate monotonous security tasks.Significant updates include:A new vulnerability scanner termed “Scanner V4”
Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.