Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting (XSS), whic

Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An

Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject

In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists whic

In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unau

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to

In Jingyun Antivirus v2.4.2.39, the driver file (hookbody.sys) allows local users to c

Logic issue EDK II may allow an unauthenticated user to potentially enable denial of

Use after free vulnerability in EDK II may allow an authenticated user to potential

Logic issue in DxeImageVerification-Handler() for EDK II may allow an authenticated us

Integer truncation in EDK II may allow an authenticated user to potentially enable

A user authorized to perform database queries may trigger denial of service by issuing

A user authorized to perform database queries may trigger denial of service by issuing

A user authorized to perform database queries may trigger denial of service by issuing

Integer overflow in DxeImageVerification-Handler() EDK II may allow an authenticated

Uncontrolled resource consumption in EDK II may allow an unauthenticated user to po

Improper authentication in EDK II may allow a privileged user to potentially enable

A flaw was found in Keycloak before version 12.0.0, where it is possible to add un

Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80

Improper access control in Installer for Intel(R) CSME Driver for Windows versio

Subrion CMS 4.2.1 has CSRF in panel/modules/plugin-s/. The attacker can remotely activat

A logic issue was addressed with improved state management. This issue is fixed in mac

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned direct

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including ver

A potential security vulnerability has been identified with HP Integrated Lights-Out

Fraudsters redirected email and web traffic destined for several cryptocurrency tradi

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of

President Trump on Tuesday fired his top election security official Christopher Kre

An increasing number of websites are asking visitors to approve "notifications," brows

Adobe and Microsoft each issued a bevy of updates today to plug critical security ho

It's bad enough that many ransomware gangs now have blogs where they publish data stole

The body of a man found shot inside a burned out vehicle in Canada three years a

Companies hit by ransomware often face a dual threat: Even if they avoid paying th

Two young men from the eastern United States have been hit with identity theft

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable so

There is no more effective initial attack vector than phishing. With an ability t

This blog was written by a third party author. The business world is undergoing its

Stories from the SOC is a blog series that describes recent real-world security inc

Although businesses have been tasked with addressing a number of remote assets associated

This blog was written by an independent guest blogger. Even though SecTor had to