Cybersecurity News & Resources You Need To Assess Current Threats

The Beers & Bytes Podcast

When you're thirsty for cheesy entertainment AND information security, grab a beer and the latest episode of Beers & Bytes.

 
CVE Notifications

CVE-2020-9395

An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2’s 4-way-handshake via a malformed...

CERT Insider Threats

Disinformation

Key Dates for Georgia Runoff

CERT-Vulnerabilities, National Cyber Awareness

SANS ISC Bulletins

5893 Basic Uncertainty Concepts

This 2-hour webinar provides a very basic introduction to uncertainty calculations and reporting using the 8-step process published in NIST SOP 29 (NISTIR 6969), beginning with some definitions and concepts from the Guide to...

5895 Conducting an Effective Management Review

This 2-hour webinar introduces the Laboratory Management Review process, an important tool to foster communication between top management and laboratory personnel to improve laboratory operations to produce quality calibrations...

5894 Software Verification and Validation Part I & II

Session I (August 1, 2024) and Session II (August 22, 2024). These two 2-hour sessions on Software Verification and Validation will focus on the use of Microsoft Excel in calibration laboratories and examine the ISO/IEC...

TunnelCrack VPN vulnerabilities

Fortinet is aware of a research article named TunnelCrack, published at Usenix [1], which describes the LocalNet and ServerIP attacks. These attacks aim to leak VPN client traffic outside of the protected VPN tunnel when clients...

FISSEA Winter Forum: February 14, 2024

The FISSEA Forums are quarterly meetings to provide opportunities for policy and programmatic updates, the exchange of best practices, and discussion and engagement among members of the Federal Information Security Educators...

CVE-2023-47253

Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.

CVE-2023-38407

bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.

CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a “flowspec overflow.”

CVE-2023-4699

Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to reset the memory of the...

CVE-2023-42669

A vulnerability was found in Samba’s “rpcecho” development server, a non-Windows RPC server used to test Samba’s DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked...

CVE-2022-47432

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Kemal YAZICI – PluginPress Shortcode IMDB allows SQL Injection. This issue affects Shortcode IMDB: from n/a...

CVE-2022-46860

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in KaizenCoders Short URL allows SQL Injection. This issue affects Short URL: from n/a through 1.6.4.

CVE-2022-47430

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection. This issue affects The...

CVE-2022-47428

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection. This issue affects Booking calendar,...

CVE-2021-4430

A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6. This affects an unknown part of the file src/defaultConfig.js of the component ENV Variable Handler. The manipulation leads to...

CVE-2022-46849

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Weblizar Coming Soon Page – Responsive Coming Soon & Maintenance Mode allows SQL Injection. This issue...

CVE-2022-45373

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics allows SQL Injection. This issue affects Slimstat Analytics: from n/a...

CVE-2022-47420

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection. This issue affects Accessibility Suite by Online...

CVE-2023-28794

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.

CVE-2023-35911

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Creative Solutions Contact Form Generator : Creative form builder for WordPress allows SQL Injection. This issue...

CVE-2023-28748

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in biztechc Copy or Move Comments allows SQL Injection. This issue affects Copy or Move Comments: from n/a through...

CVE-2023-33924

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Felix Welberg SIS Handball allows SQL Injection. This issue affects SIS Handball: from n/a through 1.0.45.

CVE-2023-27605

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Sajjad Hossain WP Reroute Email allows SQL Injection. This issue affects WP Reroute Email: from n/a through...

CVE-2023-21293 (android)

In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no...

CVE-2023-45001

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Castos Seriously Simple Stats allows SQL Injection. This issue affects Seriously Simple Stats: from n/a through...

CVE-2022-20264 (android)

In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional...
