Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Joomla VirtueMart Shopping-Cart 4.0.12 Cross Site Scripting

Joomla VirtueMart Shopping-Cart extension version 4.0.12 suffers from a cross site scripting vulnerability.

Packet Storm
Open in Source
#sql#xss#vulnerability#web#windows#auth#ssh
Joomla HikaShop 4.7.4 Cross Site Scripting

Joomla HikaShop extension version 4.7.4 suffers from a cross site scripting vulnerability.

WordPress Page Builder KingComposer 2.8.1 Cross Site Scripting

WordPress Page Builder KingComposer plugin version 2.8.1 suffers from a cross site scripting vulnerability.

WordPress Duplicator 3.8.7 Backup Disclosure

WordPress Duplicator plugin version 3.8.7 appears to leave backups in a world accessible directory under the document root.

Red Hat Security Advisory 2023-4256-01

Red Hat Security Advisory 2023-4256-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets. "They are still heavily focused on Latin American

What might authentication attacks look like in a phishing-resistant future?

The industry has come a long way in terms of improving how we make user authentication more secure. From the most basic concept of relying on usernames and passwords for authentication to enabling multi-factor authentication (MFA) for additional security, we are now embracing a shift toward passwordless logins and/or

Critical Flaws Exposed Microsoft Message Queuing Service to DoS Attacks

By Deeba Ahmed Researchers at the AI-powered Security solutions provider, FortiGuard Labs, have been monitoring Microsoft Message Queuing (MSMQ) service for… This is a post from HackRead.com Read the original post: Critical Flaws Exposed Microsoft Message Queuing Service to DoS Attacks

RHSA-2023:4256: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversin...