Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Paradox Security Systems IPR512 Denial Of Service

Paradox Security Systems version IPR512 suffers from a denial of service vulnerability.

Packet Storm
Open in Source
#vulnerability#web#windows#apple#google#dos#auth#chrome#webkit
Palo Alto Cortex XSOAR 6.5.0 Cross Site Scripting

Palo Alto Cortex XSOAR version 6.5.0 suffers from a persistent cross site scripting vulnerability.

CVE-2023-1969: bug_report/SQLi-1.md at main · Gear-D/bug_report

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225406 is the identifier assigned to this vulnerability.

CVE-2022-41976: Scada-LTS

An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.

CVE-2021-45985: Lua: bugs

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands

How to Create a Mobile Application for Android OS Step by Step?

By Owais Sultan Android OS is available on 3.3 billion devices in 190 countries across the globe, making Android app development… This is a post from HackRead.com Read the original post: How to Create a Mobile Application for Android OS Step by Step?

Threat Roundup for March 31 to April 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 31 and April 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

CVE-2023-27810: H3C Magic R100 was discovered stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm - HackMD

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

CVE-2023-27805: H3C Magic R100 was discovered stack overflow via the EditSTList interface at /goform/aspForm - HackMD

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.