CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
CVE-2024-25286 - RedSys - A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Authorization Method of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25286 - RedSys - A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Authorization Method of 3DSecure 2.0 From: RUBEN LOPEZ HERRERA < ...
-
seclists.org
CVE-2024-25285 - RedSys - 3DSecure 2.0 is vulnerable to form action hijacking
Full Disclosure mailing list archives CVE-2024-25285 - RedSys - 3DSecure 2.0 is vulnerable to form action hijacking From: RUBEN LOPEZ HERRERA <ruben.lopezherrera () telefonica com> Date: Tue, 10 Sep 2 ...
-
seclists.org
CVE-2024-25284 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in the 3DS Authorization Method of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25284 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in the 3DS Authorization Method of 3DSecure 2.0 From: RUBEN LOPEZ HERRERA ...
-
seclists.org
CVE-2024-25283 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25283 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0 From: RUBEN LOPEZ ...
-
seclists.org
CVE-2024-25282 - RedSys - 3DSecure 2.0 is vulnerable to Cross-Site Scripting (XSS) in its 3DSMethod Authentication
Full Disclosure mailing list archives CVE-2024-25282 - RedSys - 3DSecure 2.0 is vulnerable to Cross-Site Scripting (XSS) in its 3DSMethod Authentication From: RUBEN LOPEZ HERRERA <ruben.lopezherrera ( ...
-
Cybersecurity News
GitLab Issues Critical Security Patch for CVE-2024-6678 (CVSS 9.9), Urges Immediate Update
In a recent security advisory, GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise Edition (EE). The patches address several vulnerabilities, includ ...
-
Cybersecurity News
CVE-2024-45409 (CVSS 10): Critical Ruby-SAML Flaw Leaves User Accounts Exposed
A critical security vulnerability, CVE-2024-45409, has been identified in the Ruby-SAML library, a widely used tool for implementing SAML (Security Assertion Markup Language) authorization on the clie ...
-
Cybersecurity News
CosmicBeetle’s ScRansom Ransomware: A Growing Threat to European and Asian Businesses
Encryption scheme utilized by the latest ScRansom samples | Image: ESETIn a significant development tracked by ESET researchers, the threat actor known as CosmicBeetle has intensified its ransomware o ...
-
Cybersecurity News
PAN-OS Vulnerabilities: Command Injection (CVE-2024-8686) and GlobalProtect Exposure (CVE-2024-8687)
Palo Alto Networks, a leading cybersecurity solutions provider, has recently released a critical security advisory, urging its customers to take immediate action to address several vulnerabilities dis ...
-
TheCyberThrone
Ivanti fixes critical vulnerability in EPM -CVE-2024-29847
Ivanti fixed a critical vulnerability in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core serverThe vulnerability tracked as CVE-2024-29847 with ...