Severity Medium Analysis Summary CVE-2023-4919 CVSS:6.4 iframe plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker […]

Severity Medium Analysis Summary CVE-2023-33840 CVSS:4.7 IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in […]

Severity Medium Analysis Summary CVE-2023-43045 CVSS:5.9 IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to […]

Severity Medium Analysis Summary CVE-2023-46288 Apache Airflow could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when “non-sensitive-only” configuration is set. […]

Severity High Analysis Summary Racoon gathers private data such as credit card numbers, cryptocurrency wallet addresses, login passwords, and browser information like cookies and history. It […]

Severity High Analysis Summary Redline Stealer is a type of malware that is used to steal sensitive information from infected systems. The malware was first discovered […]

Severity Medium Analysis Summary CVE-2023-36409 Microsoft Edge (Chromium-based) could allow a remote attacker to obtain sensitive information. By sending a specially crafted request, an attacker could […]

Severity High Analysis Summary The North Korean APT group Lazarus (aka Hidden Cobra) has been detected using trojanized Virtual Network Computing (VNC) app versions to lure […]

Severity High Analysis Summary Taiwan’s networking equipment manufacturer D-Link has recently confirmed a data breach linked to a phishing attack that resulted in stolen data from […]