Category: CVSS2 - HIGH
CVE-2023-27992

The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware versions prior to V5.21(AATB.11)C0, and NAS542 firmware ...

Continue Reading

June 19, 2023

CVE-2023-2907

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injection.This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; AP ...

Continue Reading

June 19, 2023

CVE-2023-2907

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injection.This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; AP ...

Continue Reading

June 19, 2023

What You Need To Know About The MOVEit

**The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations** Governmental agencies and large organizations around the world are being hit by ransomware a ...

Continue Reading

June 16, 2023

CVE-2023-32754

Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify ...

Continue Reading

June 16, 2023

CVE-2023-32752

L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit t ...

Continue Reading

June 16, 2023

CVE-2023-32753

OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary ...

Continue Reading

June 16, 2023

Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack

[![MOVEit Transfer App](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() Progress Software on Thursday [disclosed]() a third vulne ...

Continue Reading

June 16, 2023

OWASP APIsec Top-10 2023 Is Here | API Security Newsletter

Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, _April showers bring May flowers_ – and this means the bees at the Wallarm hive have been i ...

Continue Reading

June 15, 2023

Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway

[![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() A suspected China-nexus threat actor dubbed **UNC4841** has been linked to t ...

Continue Reading

June 15, 2023

Load more