Aggregator

Website Security / VulnerabilityCybersecurity researchers have disclosed a critical security flaw

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.7 AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2024-08-22, 70 days ago. The vendor is given until 2024-12-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5. "On GitHub Enterprise Server instances that use SAML single sign-on (SSO)

Enterprise Software / VulnerabilityGitHub has released fixes to address a set of three security fl

戳我立即查看

Database Security / CryptocurrencyCybersecurity researchers have unpacked a new malware strain dub

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. "