#ios

Multi Store Inventory Management System version 1.0 suffers from an insecure direct object reference vulnerability.

While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure their applications, regardless of what phase they are in in development or deployment. In this article, we will

Although there was a decrease in BEC engagements from last quarter, it was still a major threat for the second quarter in a row.

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. "An attacker could escalate their privileges to the Default Cloud Build Service Account and

The good news: Only organizations far behind on standard Windows patching have anything to worry about.

SIM Wisuda version 1.0 suffers from an insecure direct object reference vulnerability.

Gentoo Linux Security Advisory 202407-26 - A vulnerability has been discovered in Dmidecode, which can lead to privilege escalation. Versions greater than or equal to 3.5 are affected.

Webdenim AppUI version 1.0 suffers from an insecure direct object reference vulnerability.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below - CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information Disclosure

LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.