MFA bombing taken to the next level
Cybercriminals have taken MFA bombing to the next level by calling victims of an attack from a spoofed Apple Support number.
Cybercriminals have taken MFA bombing to the next level by calling victims of an attack from a spoofed Apple Support number.
A vulnerability, which was classified as critical, was found in Tenda AC15V1.0 15.03.20_multi. Affected is the function doSystemCmd of the file /goform/setUsbUnload. The manipulation of the argument deviceName leads to command injection.
This vulnerab…
A vulnerability, which was classified as critical, has been found in Stilog Visual Planning 8. This issue affects some unknown processing of the component Administrative API Token Handler. The manipulation leads to improper authentication.
The identif…
A vulnerability classified as problematic was found in Winter CMS 1.2.3. This vulnerability affects unknown code of the component CMS Pages Field/Plugin. The manipulation leads to injection.
This vulnerability was named CVE-2024-29686. The attack can …
A vulnerability classified as critical has been found in workos authkit-nextjs up to 0.4.1. This affects an unknown part. The manipulation of the argument x-workos-session leads to authentication bypass by capture-replay.
This vulnerability is uniquel…
A vulnerability was found in electron packager 18.3.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Environment Variable Handler. The manipulation of the argument environment leads to transmission of private resources into a new sphere (‘resource leak’).
This vulnerability is handled as CVE-2024-29900. The attack may be launched remotely. There is no exploit available.
A vulnerability was found in CodeIgniter4 up to 4.4.6. It has been declared as critical. Affected by this vulnerability is the function Language. The manipulation leads to infinite loop.
This vulnerability is known as CVE-2024-29904. The attack can be…
A vulnerability was found in Molongui Plugin up to 4.7.7 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to authorization bypass.
This vulnerability is traded as CVE-2024-30507. It is possib…
A vulnerability was found in Vsourz Digital All In One Redirection Plugin up to 2.2.0 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting.
The identification of this vu…
A vulnerability has been found in Andy Moyle Church Admin Plugin up to 4.1.18 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Authorization Handler. The manipulation leads to missing authorization.
…