Aggregator

CVE-2026-1815 | Turkiye Electricity Transmission Corporation Mobile Application up to 1.12 session expiration (EUVD-2026-31289)

4 weeks ago

A vulnerability categorized as problematic has been discovered in Turkiye Electricity Transmission Corporation Mobile Application up to 1.12. The affected element is an unknown function. Such manipulation leads to session expiration. This vulnerability is referenced as CVE-2026-1815. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

vuldb.com

ConnectWise security advisory (AV26-496)

CCCS - Alerts and advisories

4 weeks ago

Canadian Centre for Cyber Security

Ваш встроенный антивирус решил поработать на хакеров. Пользователи Windows 11 в опасности

Securitylab.ru

4 weeks ago

Главный рубеж обороны внезапно превратился в идеальный инструмент кражи данных.

APT73

Dark Feed IO

4 weeks ago

You must login to view this content

cohenido

Mexican Citizenship Document Service Advertised on Underground Forum

Dark Web Informer - Cyber Threat Intelligence

4 weeks ago

A threat actor is advertising an alleged Mexican citizenship and passport document service, claiming to provide officially verified identity documents through in-person collection at government offices.

Dark Web Informer

Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown

Security Affairs

4 weeks ago

Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple ‘s annual fraud prevention report for 2025 paints a striking picture of just how much effort goes into keeping the App Store clean. The numbers are significant: more than two million app […]

Pierluigi Paganini

Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now!

Cyber Security News

4 weeks ago

Google has released an urgent security update for Chrome, addressing 16 vulnerabilities including two rated Critical that could allow attackers to execute arbitrary code on affected systems. The Stable channel has been updated to 148.0.7778.178/179 for Windows and Mac, and 148.0.7778.178 for Linux, with the rollout expected to complete over the coming days. Critical Chrome […]

The post Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now! appeared first on Cyber Security News.

Abinaya

CVE-2023-4231 | Cevik Informatics Online Payment System prior 4.09 sql injection

Vuldb Updates

4 weeks ago

A vulnerability classified as critical has been found in Cevik Informatics Online Payment System. Impacted is an unknown function. Performing a manipulation results in sql injection. This vulnerability is known as CVE-2023-4231. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-4661 | Saphira Connect prior 9 sql injection

Vuldb Updates

4 weeks ago

A vulnerability, which was classified as critical, was found in Saphira Connect. This affects an unknown function. The manipulation results in sql injection. This vulnerability was named CVE-2023-4661. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

vuldb.com

CVE-2023-4663 | Saphira Connect prior 9 cross site scripting

Vuldb Updates

4 weeks ago

A vulnerability was found in Saphira Connect. It has been classified as problematic. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in basic cross site scripting. This vulnerability is identified as CVE-2023-4663. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

vuldb.com

CVE-2023-4662 | Saphira Connect prior 9 unnecessary privileges

Vuldb Updates

4 weeks ago

A vulnerability was found in Saphira Connect. It has been declared as very critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to execution with unnecessary privileges. This vulnerability is tracked as CVE-2023-4662. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-4530 | Advertising Administration Panel 1.0 sql injection

Vuldb Updates

4 weeks ago

A vulnerability identified as critical has been detected in Advertising Administration Panel 1.0. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is traded as CVE-2023-4530. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

vuldb.com

CVE-2023-4406 | KC Group E-Commerce Software up to 20231123 cross site scripting (EUVD-2023-54269)

Vuldb Updates

4 weeks ago

A vulnerability was found in KC Group E-Commerce Software up to 20231123 and classified as problematic. This impacts an unknown function. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2023-4406. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2023-4541 | Ween Admin Panel up to 20231229 sql injection

Vuldb Updates

4 weeks ago

A vulnerability was found in Ween Admin Panel up to 20231229 and classified as critical. The impacted element is an unknown function. Such manipulation leads to sql injection. This vulnerability is traded as CVE-2023-4541. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2026-23941 | Erlang OTP RFC 9112 httpd_request.erl Content-Length request smuggling (Nessus ID 302363 / WID-SEC-2026-0721)

Vuldb Updates

4 weeks ago

A vulnerability described as problematic has been identified in Erlang OTP. Affected by this issue is some unknown functionality in the library lib/inets/src/http_server/httpd_request.erl of the component RFC 9112. Executing a manipulation of the argument Content-Length can lead to http request smuggling. The identification of this vulnerability is CVE-2026-23941. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

vuldb.com

CVE-2026-23942 | Erlang OTP ssh_sftpd ssh_sftpd.erl path traversal (Nessus ID 302365 / WID-SEC-2026-0721)

Vuldb Updates

4 weeks ago

A vulnerability, which was classified as critical, was found in Erlang OTP. Impacted is an unknown function in the library lib/ssh/src/ssh_sftpd.erl of the component ssh_sftpd. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2026-23942. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2026-23943 | Erlang OTP ssh_transport.erl data amplification (Nessus ID 302364 / WID-SEC-2026-0721)

Vuldb Updates

4 weeks ago

A vulnerability classified as problematic has been found in Erlang OTP. This affects an unknown part in the library lib/ssh/src/ssh_transport.erl. The manipulation leads to highly compressed data. This vulnerability is referenced as CVE-2026-23943. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

vuldb.com

CISA chief frets about open-source vulnerabilities, delayed security improvements

CyberScoop

4 weeks ago

Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration.

The post CISA chief frets about open-source vulnerabilities, delayed security improvements appeared first on CyberScoop.

Tim Starks

50 лет астрономы видели только половину Вселенной. Гигантский телескоп в Андах закроет этот пробел

Securitylab.ru

4 weeks ago

Телескоп AtLAST размером с олимпийский стадион и весом 4400 тонн.

Announcing Claude Compliance API support with Cloudflare CASB

The Cloudflare Blog

4 weeks ago

Cloudflare now integrates with the Claude Compliance API, so that security teams can monitor Claude Enterprise activity directly in the Cloudflare Dashboard.

Abe Carryl

Aggregator

Managed ad