Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Tramyardg Autoexpress 1.3.0 Cross Site Scripting

Tramyardg Autoexpress version 1.3.0 suffers from a persistent cross site scripting vulnerability.

Packet Storm
#xss#vulnerability#web#apple#google#ubuntu#linux#apache#js#git#java#php#auth#chrome#webkit
Tramyardg Autoexpress 1.3.0 Authentication Bypass

Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.

Quick.CMS 6.7 SQL Injection

Quick.CMS version 6.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Store manager admits SIM swapping his customers

A manager at an unnamed telecommunications company has admitted to SIM swapping his customers.

UPS Network Management Card 4 Path Traversal

UPS Network Management Card version 4 suffers from a path traversal vulnerability.

Nokia BMC Log Scanner 13 Command Injection

Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs

Red Hat Advanced Cluster Security 4.4: What’s included

The Red Hat Advanced Cluster Security (RHACS) engineering team is excited to announce the pending release of the latest RHACS version, packed with brand-new features and updates. The team continues to build on the 4.0 major release and RHACS Cloud Service announcements last year with a feature-packed release to kick off 2024. The RHACS 4.4 release will focus on increased consistency of scan results, strengthened security posture management, and more automated security features to alleviate monotonous security tasks.Significant updates include:A new vulnerability scanner termed “Scanner V4”

Automakers Are Telling Your Insurance Company How You Really Drive

Plus: The operator of a dark-web cryptocurrency “mixing” service is found guilty, and a US senator reveals that popular safes contain secret backdoors.