Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-2416: Security Advisory 2023-11

In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment.

CVE
Open in Source
#vulnerability#windows#microsoft#linux#ssrf
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability

Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian

CVE-2022-2346: Security Advisory 2023-10

In affected versions of Octopus Deploy it is possible for a low privileged guest user to interact with extension endpoints.

CVE-2023-36121: OffSec’s Exploit Database Archive

Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project.

Red Hat Insights Compliance: Introducing new customization options for policies

Maintaining compliance to cybersecurity standards can be a daunting task, but you can mitigate that by using Red Hat Insights. With the latest feature update, the Red Hat Insights Compliance reporting service now allows you to edit the rules in your policies to meet your organization's requirements, giving you visibility and control over your servers. Red Hat Insights is a managed service, included with every Red Hat Enterprise Linux (RHEL) subscription, that continuously analyzes platforms and applications to help you manage your hybrid cloud environment. Red Hat Insights uses predictive a

Joomla JLex Review 6.0.1 Cross Site Scripting

Joomla JLex Review extension version 6.0.1 suffers from a cross site scripting vulnerability.

General Device Manager 2.5.2.2 Buffer Overflow

General Device Manager version 2.5.2.2 suffers from a buffer overflow vulnerability.

CoolAdmin 1.0 SQL Injection

CoolAdmin version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

CVE-2023-4045: Security Vulnerabilities fixed in Firefox ESR 102.14

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.