CVE-2024-1547

Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Fir ...

Continue Reading

February 20, 2024

CVE-2024-25605

The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions gr ...

Continue Reading

February 20, 2024

Insecure Randomness

github.com/greenpau/go-authcrunch is vulnerable to Insecure Randomness. The vulnerability is caused due to using math/rand Golang library with a seed based on the Unix timestamp to generate strings fo ...

Continue Reading

February 20, 2024

JFrog Artifactory < 7.25.4 – Blind SQL Injection Exploit

...Read More ...

Continue Reading

February 20, 2024

CVE-2024-25635

alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, organization owners can view the generated API KEY and USERS of other organization owners using the https://192.168.26. ...

Continue Reading

February 19, 2024

CVE-2024-25636

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the r ...

Continue Reading

February 19, 2024

XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT

With its widespread use among businesses and individual users, ChatGPT is a prime target for attackers looking to access sensitive information. In this blog post, I'll walk you through my discove ...

Continue Reading

February 19, 2024

JFrog Artifactory SQL Injection

...Read More ...

Continue Reading

February 19, 2024

1 8,465 8,466 8,467 8,468 8,469 9,321

Back to Main
Subscribe for the latest news: