Saturday, December 2, 2023

Vulnerability Analysis

PHPFusion Flaw Allows Attackers to Read Critical System Data

On Tuesday, Synopsys addressed High and medium vulnerabilities CVE-2023-2453, and CVE-2023-4480 discovered in PHPFusion by the researchers.PHPFusion is an open-source content management system (CMS)...

Multiple IBM Sterling Secure Proxy Vulnerabilities Allow Remote Code Execution

Multiple vulnerabilities have been found in IBM Sterling Secure Proxy, mostly related to Denial of Service and Information Disclosure.It also consisted of a code...

NCSC Warns of Specific Vulnerabilities in AI Models Like ChatGPT

A large language model (LLM) is a deep learning AI model or system that understands, generates, and predicts text-based content, often associated with generative...

Multiple Splunk Enterprise Flaws Let Attackers Execute Arbitrary Code

Splunk Enterprise has multiple vulnerabilities that can lead to Cross-site Scripting (XSS), Denial of Service (DoS), Remote code execution, Privilege Escalation, and Path Traversal....

Multiple Flaws in ArubaOS Switches Let Attackers Execute Remote Code

Multiple vulnerabilities have been identified in ArubaOS-Switch Switches, specifically pertaining to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption.Aruba...

Hackers Can Exploit Skype Vulnerability to Find User IP Address

Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don't click it.An IP...

GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies

A cyber attack group - GroundPeony, targeting the Taiwanese government, was discovered in March 2023; it used several tactics, such as tampering with legitimate...

Ford Cars WiFi Vulnerability Let Attackers Execute Remote Code

Ford recently identified a buffer overflow flaw in the Wi-Fi driver used by it in the SYNC 3 infotainment system. After the discovery, Ford...

Email Spoofing Tool to Detect Open Relay Configured Public Mail Servers

Cybercriminals use Email spoofing methods to deliver forged emails to recipients. the email servers that are available publically available can be used for Email...

Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise,...

Managed WAF protection


Recent Articles