Aggregator

A vulnerability was found in Pixman up to 0.42.1. It has been declared as critical. Affected by this vulnerability is the function rasterize_edges_8 of the component libpixman. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2022-44638. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Hyperion Infrastructure Technology 11.2.6.0. It has been declared as critical. This vulnerability affects unknown code of the component libpng. The manipulation leads to denial of service. This vulnerability was named CVE-2019-7317. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Oracle Hospitality Cruise Shipboard Property Management System 20.1.0. This issue affects some unknown processing of the component jQuery. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2020-11022. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Hyperion Planning 11.1.2.4/11.2.6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2019-11358. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Java SE 8u301. It has been rated as critical. This issue affects some unknown processing of the component Deployment. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2021-35560. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Oracle Java SE 7u311/8u301. Affected is an unknown function of the component Hotspot. The manipulation leads to denial of service. This vulnerability is traded as CVE-2021-35588. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in bludit 3.13.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Login. The manipulation of the argument Username leads to cross site scripting. This vulnerability is handled as CVE-2021-35323. The attack may be launched remotely. Furthermore, there is an exploit available.

苹果遭评级下调，市值被微软超越；英伟达 CEO 黄仁勋 2025 财年薪酬达 4990 万美元；《GTA 6》跳票，彭博社记者称早已注定，玩家直呼「好歹来张截图」

A vulnerability classified as problematic has been found in Template CMS up to 2.1.1. This affects an unknown part of the file admin/index.php. The manipulation of the argument themes_editor leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-4901. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Automated Logic WebCTRL and WebCTRL OEM up to 6.5. This affects an unknown part of the component Login Portal. The manipulation of the argument operatorlocale leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-31682. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in jQuery-UI up to 1.12.x. Affected is an unknown function of the component Datepicker Widget. The manipulation of the argument altField leads to cross site scripting. This vulnerability is traded as CVE-2021-41182. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in jQuery-UI up to 1.12.x. Affected by this vulnerability is an unknown functionality of the component Datepicker Widget. The manipulation of the argument *Text leads to cross site scripting. This vulnerability is known as CVE-2021-41183. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in jQuery-UI up to 1.12.x. Affected by this issue is the function position. The manipulation of the argument of leads to cross site scripting. This vulnerability is handled as CVE-2021-41184. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

TeamsPhisher TeamsPhisher is a Python3 program that facilitates the delivery of phishing messages and attachments to Microsoft Teams users whose organizations allow external communications. It is not ordinarily possible to send files to Teams...

The post TeamsPhisher: Send phishing messages and attachments to Microsoft Teams users appeared first on Penetration Testing Tools.

Damn Vulnerable RESTaurant An intentionally vulnerable API service designed for learning and training purposes dedicated to developers, ethical hackers, and security engineers. The idea of the project is to provide an environment that can...

The post Damn Vulnerable RESTaurant: An intentionally vulnerable Web API game for learning and training appeared first on Penetration Testing Tools.

DragonForce ransomware group is targeting major UK retailers. Learn about this evolving threat and what steps can be taken to mitigate risk.

The post DragonForce Ransomware Gang | From Hacktivists to High Street Extortionists appeared first on SentinelOne.

Currently trending CVE - Hype Score: 9 - SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, ...