#vulnerability

Online Bus Ticket Booking Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Nipah Virus Testing Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Ubuntu Security Notice 7017-1 - Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service.

Ubuntu Security Notice 7016-1 - Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.

Membership Management System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

HYSCALE System version 1.9 suffers from add administrator and cross site request forgery vulnerabilities.

Furniture Master version 2 suffers from a remote SQL injection vulnerability.

Food Ordering and Table Reservation System for Restaurants version 1.0 suffers from an ignored default credential vulnerability.

Beauty Parlour and Saloon Management System version 1.1 suffers from an ignored default credential vulnerability.

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant under the moniker UNC2970, which it said overlaps with a threat group known as TEMP.Hermit, which is