Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Inf

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Inf

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlie

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Inf

Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin he

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecti

Incorrect access control in migla_ajax_functions-.php in the Calmar Webmedia Total Donations plugin throu

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Syn

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authen

A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unau

The LDAP auth backend (airflow.contrib.aut-h.backends.ldap_auth-) prior to Apache Airflow 1.10.1 was misco

The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Adva

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; Drupal core us

An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in

Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued a

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Securit

A remote code execution vulnerability exists in Xterm.js when the component mishandles special character

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot B

The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera acces

The TK_set_deviceModel_r-eq_handle function in the cloud communication component in Guardzilla GZ621W dev

The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X-008_1:7.0/NRD90M/U

PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCo

Ártica Soluciones Tecnológicas Integria IMS version 5.0 MR56 Package 58, likely earlie

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does n

It is possible for a malware application installed on an Android device to send local push notifications

A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Contro

A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and C

Fraud investigators say they've uncovered a sophisticated new breed of credit card skimmers being instal

The U.S. government — along with a number of leading security companies — recently warned about a series

Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hoo

Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities i

Email provider VFEmail has suffered what the company is calling "catastrophic destruction" at the hands

A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last

Prosecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and e

Godaddy.com, the world's largest domain name registrar, recently addressed an authentication weakness th

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by

The Justice Department has filed criminal charges against three U.S. men accused of swatting, or making

Given you’re here, you’re likely new to this topic, so please be aware in that fileless ma

Cybersecurity has three pillars of people, process, and technology. Enterprises have historically had

New infographic! The full report is here.       

What a wild week it’s been. There have been assaults on researchers (ok, just one that I know of

Security Have and Have-Nots Way back in around the 2010 / 2011 timeframe Wendy Nather coined the phra

Image Source: Pixabay Online trading is on the rise as many consumers take control of their own i

Security information and event management (SIEM) technology is transforming the way IT teams identi

Hello February! I was doing some research last night and was surprised to discover that the Target bre

Threat Actors That Don’t Discriminate When it comes to threat actors and the malware variant

With the constant barrage of headlines regarding breaches in the last few years, it seems that soci