Aggregator

A vulnerability was found in Shortcodes Blocks Creator Ultimate Plugin up to 2.2.0 on WordPress. It has been classified as problematic. This affects the function _wpnonce of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-12167. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-4918. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Internet Explorer 4.0/5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component DHTML Edit ActiveX Control. The manipulation leads to improper privilege management. This vulnerability is known as CVE-1999-0487. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in WonderCMS 3.1.3. It has been classified as problematic. This affects an unknown part of the component Page Description. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2020-29233. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated attackers to retrieve sensitive user information, including usernames and email addresses, from the network monitoring platform. This high-severity flaw (CVSSv3 score: 6.5) exposes organizations to heightened risks of phishing campaigns, credential-stuffing attacks, and lateral movement within compromised networks. Technical Breakdown […]

The post Nagios XI Flaw Exposes User Details and Emails to Unauthenticated Attackers” appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera ecosystem, including a high-severity remote code execution (RCE) flaw that could allow attackers to hijack devices and infiltrate network infrastructure. The vulnerabilities, discovered during the Pwn2Own 2025 hacking competition, affect UniFi Protect Cameras (firmware v4.74.88 […]

The post Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider

地球上的生命演化持续受到来自地表及宇宙射线辐射的影响。邻近地球的超新星爆发可能会使地表接收的辐射强度提高好几个数量级，对生命演化产生深远影响。超新星爆发会将放射性铁-60 传播到地球。研究人员发现，距今约 200 至 300 万年前，一颗邻近地球的恒星产生超新星爆发，释放出放射性铁-60。而根据一项针对非洲东非裂谷湖泊病毒多样性的研究显示，该区域的病毒在约 250 万年前经历了显著的多样性变化。虽然目前无法直接证实这两者之间的关联，但它们出现在相同的时间，研究团队认为值得关注。

A critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF), has exposed enterprise cloud infrastructures to denial-of-service (DoS) attacks. Designated as CVE-2024-50608 and CVE-2024-50609, these vulnerabilities—scoring 8.9 on the CVSS v3.1 severity scale—stem from improper handling of HTTP headers in the […]

The post Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

2025资产配置进行中......

2025资产配置进行中......

2025资产配置进行中......

2025资产配置进行中......

2025资产配置进行中......

Chrome and Mozilla release security fixes, latest Darcula PhaaS spoofs any brand, and GRU-linked actors exploit Signal feature for RCE.

The post The Good, the Bad and the Ugly in Cybersecurity – Week 8 appeared first on SentinelOne.