Severity Medium Analysis Summary CVE-2023-50774 CVSS:8.8 Jenkins HTMLResource Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated […]
Severity Medium Analysis Summary CVE-2023-50766 CVSS:7.1 Jenkins Nexus Platform Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an […]
Severity High Analysis Summary CVE-2023-41314 Apache Doris is vulnerable to a denial of service, caused by improper authenticated validation by the /api/snapshot and /api/get_log_file APIs. By […]
Severity Low Analysis Summary CVE-2023-30867 CVSS:5.4 Apache StreamPark (incubating) is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could […]
Severity High Analysis Summary CVE-2023-46750 Apache Shiro could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability when “form” authentication is […]
Severity High Analysis Summary CVE-2023-50089 Netgear WNR2000v4 could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. By sending […]
Severity High Analysis Summary MongoDB recently published a warning that its corporate systems were breached in a cyberattack and their customer data was exposed, which was […]
Severity Medium Analysis Summary SolarMarker, known as Jupyter or Yellow Cockatoo, is a sophisticated infostealer malware that emerged in early 2021. It spreads through phishing emails […]
Severity High Analysis Summary Microsoft has identified a resurgence of the QakBot malware in a low-volume phishing campaign targeting the hospitality industry. This revival comes more […]