CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW
Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU
CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
What Is A Zero Day Attack? How To Prevent A Zero Day Attack?
A zero-day attack is a type of cyber-attack that exploits an unknown vulnerability in software, hardware, or firmware. These attacks
CVE-2023-32336 : IBM INFOSPHERE INFORMATION SERVER 11.7 RMI SERVICE DESERIALIZATION
Description IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an
What Is Denial Of Inventory (DoI)?
Denial of Inventory (DoI) is a type of cyber attack that is used to disrupt or shut down a business’s
CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION
Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running
What Is Meant By Credential Stuffing?
In today’s digital age, cybersecurity threats are a constant concern for individuals and businesses alike. One such threat is credential
What Is Cashing Out? How Can Such Illicit Activities Be Prevented?
Cashing out is a serious security threat that can cause significant financial harm to individuals and business organizations alike. It
What Is Carding? What Are The Methods Used By Attackers For Carding?
Carding is an automated attack that involves the process of using stolen credit card information to make fraudulent purchases or
CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL
Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running
CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD
Description A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of
What Is Card Cracking?
Card cracking is a type of automated threat identified by the OWASP organization that has become increasingly prevalent in the
CVE-2023-24941 : MICROSOFT WINDOWS NETWORK FILE SYSTEM REMOTE CODE EXECUTION
Description Windows Network File System Remote Code Execution Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24941 For More Information MITRE
CVE-2023-2583 : JSREPORT UP TO 3.11.2 CODE INJECTION
Description Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3. References https://huntr.dev/bounties/397ea68d-1e28-44ff-b830-c8883d067d96 https://github.com/jsreport/jsreport/commit/afaff3804b34b38e959f5ae65f9e672088de13d7 For More Information MITRE
CVE-2023-2564 : SBS20 SCANSERVJS PRIOR 2.27.0 OS COMMAND INJECTION
Description OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. References https://huntr.dev/bounties/d13113ad-a107-416b-acc1-01e4c16ec461 https://github.com/sbs20/scanservjs/commit/d51fd52c1569813990b8f74e64ae6979c665dca1 For More Information MITRE
What Is CAPTCHA Defeat? What Can Be Done To Prevent Automated CAPTCHA Defeat?
What is CAPTCHA? CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a technology that was
CVE-2023-25826 : OPENTSDB TAG VALIDATION OS COMMAND INJECTION
Description Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted
CVE-2023-2479 : APPIUM DESKTOP PRIOR 1.22.3-4 OS COMMAND INJECTION
Description OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4. References https://huntr.dev/bounties/fbdeec3c-d197-4a68-a547-7f93fb9594b4 https://github.com/appium/appium-desktop/commit/12a988aa08b9822e97056a09486c9bebb3aad8fe For More Information MITRE
CVE-2023-22919 : ZYXEL NBG-6604 1.01(ABIR.0)C0 HTTP REQUEST OS COMMAND INJECTION
Description The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute
What Is Ad Fraud?
What Is Ad Fraud? Ad fraud is a type of automated threat identified by the OWASP organization that has become
What Do You Mean By Inadequate Logging And Monitoring?
What is Logging and Monitoring? In the world of cybersecurity, logging and monitoring play a critical role in protecting organizations
CVE-2022-41736 : IBM SPECTRUM SCALE CONTAINER NATIVE STORAGE ACCESS UP TO 5.1.6.0 LOCAL PRIVILEGE ESCALATION
Description IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local
CVE-2023-1968 : ILLUMINA UNIVERSAL COPY SERVICE 2.X BINDING TO AN UNRESTRICTED IP ADDRESS
Description Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated
CVE-2023-30846 : MICROSOFT TYPED-REST-CLIENT UP TO 1.7.3 INSUFFICIENTLY PROTECTED CREDENTIALS
Description typed-rest-client is a library for Node Rest and Http Clients with typings for use with TypeScript. Users of the