Risk Discovery

	[ News \| Blogs \| Reddits \| Lists \| Media \| ? ] HoneyDB
	[ vulnerabilities \| tools ]

Bugtraq

CISA Current Activity

#StopRansomware: Cuba Ransomware

CISA Releases Three Industrial Control Systems Advisories

CISA Releases Seven Industrial Control Systems Advisories

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases Eight Industrial Control Systems Advisories

CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain

#StopRansomware: Hive

CISA Releases Two Industrial Control Systems Advisories

Cisco Releases Security Updates for Identity Services Engine

Samba Releases Security Updates

CVEMAP [ Powered by cxsecurity.com ]

Medium CVE-2022-36728: Library management system project Library management system

Low CVE-2021-30071: Hestiacp Hestiacp

Low CVE-2022-36880: Webmin Usermin

Medium CVE-2022-29286: Pexip Pexip infinity

Medium CVE-2022-26352: Dotcms Dotcms

Low CVE-2022-27932: Pexip Pexip infinity

Medium CVE-2022-27931: Pexip Pexip infinity

Medium CVE-2022-27929: Pexip Pexip infinity

Medium CVE-2022-27928: Pexip Pexip infinity

Medium CVE-2022-27937: Pexip Pexip infinity

Latest security vulnerabilities Apache Tomcat

Latest security vulnerabilities Modsecurity Modsecurity

Full Disclosure

Drupal H5P Module <= 2.0.0 (isValidPackage) Zip Slip Vulnerability

CyberDanube Security Research 20221124-0 | Authenticated Command Injection Hirschmann BAT-C2

Exploiting an N-day vBulletin PHP Object Injection Vulnerability

Win32.Ransom.Conti / Crypto Logic Flaw

Ransomware Deception Tactics Part 1

Trojan.Win32.DarkNeuron.gen / Named Pipe Null DACL

Backdoor.Win32.Autocrat.b / Weak Hardcoded Credentials

Backdoor.Win32.Serman.a / Unauthenticated Open Proxy

Open-Xchange Security Advisory 2022-11-24

[CVE-2022-33942] Intel Data Center Manager Console <= 4.1.1.45749 ”UserMgmtHandler" Authentication Logic Error Leading to Authentication Bypass

CISA Bulletins

Vulnerability Summary for the Week of November 21, 2022

Vulnerability Summary for the Week of November 14, 2022

Vulnerability Summary for the Week of November 7, 2022

Vulnerability Summary for the Week of October 31, 2022

Vulnerability Summary for the Week of October 24, 2022

Latest security vulnerabilities Apple Iphone Os

Latest security vulnerabilities PHP PHP

Open Source Security

CVE-2021-37533: Apache Commons Net's FTP client trusts the host from PASV response by default

CVE-2022-46366: Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input

Re: Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

Security sensitive bug in the i915 kernel driver (CVE-2022-4139)

Re: CVE-2022-46146 in Prometheus' exporter toolkit: bypass basic authentication

CVE-2022-44635: Apache Fineract allowed an authenticated user to perform remote code execution due to path traversal

Re: CVE-2022-46146 in Prometheus' exporter toolkit: bypass basic authentication

CVE-2022-46146 in Prometheus' exporter toolkit: bypass basic authentication

CVE-2022-26885: Apache DolphinScheduler config file read by task risk

Microsoft Sec Notification

Latest security vulnerabilities Google Android

Latest security vulnerabilities Linux Linux Kernel