-
CVE-2025-22376 – Apache Net::OAuth Client Nonce Generation Vulnerability
CVE ID : CVE-2025-22376 Published : Jan. 3, 2025, 10:15 p.m. | 12 hours, 8 minutes ago Description : In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong. Severity: 9.8 | CRITICAL Visit the link for more details,…
-
CVE-2024-10932 – WordPress Backup Migration PHP Object Injection Vulnerability
CVE ID : CVE-2024-10932 Published : Jan. 4, 2025, 8:15 a.m. | 2 hours, 8 minutes ago Description : The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.6 via deserialization of untrusted input in the ‘recursive_unserialize_replace’ function. This makes it possible for unauthenticated attackers to inject…
-
CVE-2024-13129 – “Roxy-WI OS Command Injection Vulnerability”
CVE ID : CVE-2024-13129 Published : Jan. 3, 2025, 10:15 p.m. | 12 hours, 8 minutes ago Description : A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function action_service of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection.…
-
ESET’s Warning: Windows 10 Users Urged to Switch to 11 or Linux
ESET’s Warning: Windows 10 Users Urged to Switch to 11 or Linux With millions of German computers still running the soon-to-be-obsolete Windows 10, and a worryingly low adoption rate of Windows 11, ESET warns of a cybersecurity risk unless users take immediate act … Read more Published Date: Jan 04, 2025 (8 hours, 9 minutes ago) Vulnerabilities…
-
Thousands of Buggy BeyondTrust Systems Remain Exposed
Thousands of Buggy BeyondTrust Systems Remain Exposed Source: artpartner-images.com via Alamy Stock PhotoA remarkable number of BeyondTrust instances remain connected to the Internet, despite dire warnings Chinese state-sponsored threat actors are active … Read more Published Date: Jan 03, 2025 (11 hours, 41 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12356 Go to Source