[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
  [ vulnerabilities | tools ]
CISA Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory
2024 CWE Top 25 Most Dangerous Software Weaknesses
Apple Releases Security Updates for Multiple Products
USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication
Mitsubishi Electric MELSEC iQ-F Series
CISA Releases One Industrial Control Systems Advisory
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Siemens SIPORT
Siemens SCALANCE M-800 Family
US-CERT
USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication
CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory
CISA Adds Two Known Exploited Vulnerabilities to Catalog
2024 CWE Top 25 Most Dangerous Software Weaknesses
Apple Releases Security Updates for Multiple Products
CISA Releases One Industrial Control Systems Advisory
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Releases Nineteen Industrial Control Systems Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Palo Alto Networks Emphasizes Hardening Guidance
FullDisclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
US CERT Weekly
Vulnerability Summary for the Week of November 11, 2024
Vulnerability Summary for the Week of November 4, 2024
Vulnerability Summary for the Week of October 28, 2024
Vulnerability Summary for the Week of October 21, 2024
Vulnerability Summary for the Week of October 14, 2024
Vulnerability Summary for the Week of October 7, 2024
Vulnerability Summary for the Week of September 30, 2024
Vulnerability Summary for the Week of September 23, 2024
Vulnerability Summary for the Week of September 16, 2024
Vulnerability Summary for the Week of September 9, 2024
Open Source Security
CVE-2024-52067: Apache NiFi: Potential Insertion of Sensitive Parameter Values in Debug Log
[kubernetes] CVE-2024-10220: Arbitrary command execution through gitRepo volume
Local Privilege Escalations in needrestart
Fwd: wget-1.25.0 released [fixes CVE-2024-10524]
CVE-2024-31141: Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
CVE-2024-52318: Apache Tomcat: Incorrect JSP tag recycling leads to XSS
CVE-2024-52317: Apache Tomcat: Request/response mix-up with HTTP/2
CVE-2024-52316: Apache Tomcat: Authentication bypass when using Jakarta Authentication API
Re: shell wildcard expansion (un)safety
Re: PostgreSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21
CVEMAP
© 2024 RiskDiscovery | Sponsored by: Deception Logic