If the government truly wants to protect the US's most vital assets, it must rethink its cybersecurity policies and prioritize proactive, coordinated, and enforceable measures.
Microsoft Power Pages Leak Millions of Private Records
Less-experienced users of Microsoft's website building platform may not understand all the implications of the access controls in its low- or no-code environment.
NA - CVE-2024-5083 - A stored Cross-site Scripting vulnerability has...
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2. This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
NA - CVE-2024-5082 - A Remote Code Execution vulnerability has been...
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2. This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
NA - CVE-2023-34049 - The Salt-SSH pre-flight option copies the...
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and...
NA - CVE-2024-10146 - The Simple File List WordPress plugin before...
The Simple File List WordPress plugin before 6.1.13 does not sanitise and escape a generated URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could...
NA - CVE-2024-9186 - The Recover WooCommerce Cart Abandonment,...
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter...
NA - CVE-2024-7787 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows...