Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Easy Web Portal 2.1.1 Cross Site Scripting

Easy Web Portal version 2.1.1 suffers from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#web#windows#google#php#auth#firefox
Easy Password Manager 1.1 Information Disclosure

Easy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.

Easy Member Pro 3.0 Insecure Direct Object Reference

Easy Member Pro version 3.0 suffers from an insecure direct object reference vulnerability.

CVE-2023-3937: Snow Globe Community

Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser

New SystemBC Malware Variant Targets South African Power Company

An unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a South African nation's critical infrastructure," Kurt Baumgartner, principal security researcher at

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It

CVE-2023-34355

Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-25773

Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-28385

Improper authorization in the Intel(R) NUC Pro Software Suite for Windows before version 2.0.0.9 may allow a privileged user to potentially enable escalation of privilage via local access.