-
CVE-2024-57686 – PHPGurukul Land Record System Cross Site Scripting Vulnerability
CVE ID : CVE-2024-57686 Published : Jan. 10, 2025, 2:15 p.m. | 2 days, 1 hour ago Description : A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the “pagetitle” parameter. Severity: 9.8 | CRITICAL Visit the link for more details,…
-
CVE-2024-41787 – IBM Engineering Requirements Management DOORS Next Remote Code Execution (RCE)
CVE ID : CVE-2024-41787 Published : Jan. 10, 2025, 2:15 p.m. | 2 days, 1 hour ago Description : IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute…
-
TheCyberThrone Security Weekly Review – January 11, 2025
TheCyberThrone Security Weekly Review – January 11, 2025 Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, January 11, 2025.Redis was affected by CV … Read more Published Date: Jan 12, 2025 (2 hours, 1 minute ago) Vulnerabilities has been mentioned in this…
-
Chinese MirrorFace APT targets Japan
Chinese MirrorFace APT targets Japan The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim … Read more Published Date: Jan 12, 2025 (6 hours, 11 minutes ago) Vulnerabilities has been mentioned in this article.…
-
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabili … Read more Published Date: Jan 12, 2025 (7 hours, 4 minutes ago) Vulnerabilities has been mentioned in…
-
CVE-2024-5594 impacts OpenVPN
CVE-2024-5594 impacts OpenVPN CVE-2024-5594 is a critical vulnerability identified in OpenVPN versions prior to 2.6.11. This vulnerability stems from improper sanitization of PUSH_REPLY messages, which allows attackers to inject u … Read more Published Date: Jan 12, 2025 (13 hours, 44 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12847 CVE-2024-53704 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-49415 Go…
-
CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations
CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations A severe vulnerability has been identified in the GiveWP plugin, one of WordPress’s most widely used tools for online donations and fundraising. Tracked as CVE-2025-22777, the flaw has a CVSS score of … Read more Published Date: Jan 12, 2025 (14 hours, 44 minutes…
-
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
Fake LDAPNightmware exploit on GitHub spreads infostealer malware A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tact … Read more Published Date: Jan 11, 2025 (1 day ago) Vulnerabilities has been mentioned in this article. CVE-2024-49113 CVE-2024-49112 Go…
-
CVE-2024-49415 : Samsung Android devices Impacted
CVE-2024-49415 : Samsung Android devices Impacted CVE-2024-49415 is a critical vulnerability found in Samsung devices running Android versions 12, 13, and 14. This vulnerability was discovered by researchers from Google Project Zero, a team dedicated … Read more Published Date: Jan 11, 2025 (1 day, 2 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-12847 CVE-2024-53704…
-
CVE-2024-53704 impacts SonicWall
CVE-2024-53704 impacts SonicWall CVE-2024-53704 is a high-severity vulnerability impacting SonicWall’s SSLVPN authentication mechanism. This flaw, with a CVSS score of 8.2, allows remote attackers to bypass authentication and gain un … Read more Published Date: Jan 11, 2025 (1 day, 4 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-12847 CVE-2024-53704 CVE-2024-51741 CVE-2024-46981 CVE-2024-54677 CVE-2024-50379 CVE-2024-38193…