An unauthorized access vulnerability exists in versions 4.0.0 to 4.2.7 of Joomla!, a world-renowned content management system. The vulnerability is due to a faulty access check in the affected version ...
February 22, 2023
## _How to deal with the next open-source vulnerability using custom scripts_

A critical vulnerability in Apache's Log4j Java-based logging utility (CVE-2021-44228) was previously referred to as ...
February 22, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS) allows attackers to compromise user accounts via a brute-force attack.
February 22, 2023
Hosting and domain name company GoDaddy says it believes a "sophisticated threat actor group" has been subjecting the company to a multi-year attack campaign, the most recent of which occurred in ...
February 22, 2023
The 2023 Imperva Global DDoS Threat Landscape Report reviews DDoS attack activity throughout 2022, provides insights into the year's most noteworthy DDoS events, and offers recommendations for th ...
February 21, 2023
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
February 20, 2023
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.
February 20, 2023
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3325 advisory. - AES OCB mode for 32-bit x86 platforms using the AES-NI assemb ...
February 20, 2023