
CVE-2020-15034

NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter.

CVE-2019-8250

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability....

CVE-2019-8251

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability....

CVE-2019-8066

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability....

CVE-2019-20418

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki...

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

Original release date: July 1, 2020 | Last revised: July 2, 2020. Summary: This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK...

Verizon Media, PayPal, Twitter Top Bug-Bounty Rankings

Verizon Media has paid nearly $10 million to ethical hackers via HackerOne's platform.

Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores

Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Magento 2, to avoid Magecart attacks and more.

Critical CODESYS Bug Allows Remote Code Execution

CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.

AA20-049A: Ransomware Impacting Pipeline Operations

Original release date: February 18, 2020 | Last revised: June 30, 2020. Summary: Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE...

Latest article

Bugtraq: LPE and RCE in OpenSMTPD’s default install (CVE-2020-8794)

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

Online Shopping Portal 3.1 SQL Injection

Online Shopping Portal version 3.1 suffers from a remote SQL injection vulnerability.
