Hacking Groups & Hackers
Latest Cyber News
admin@338 - admin@338 is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs ...
11 months ago Attack.mitre.org
Ajax Security Team - Ajax Security Team is a group that has been active since at least 2010 and believed to be operating out of Iran. By 2014 Ajax Security Team transitioned from website defacement operations to malware-based cyber espionage campaigns targeting the US ...
11 months ago Attack.mitre.org
ALLANITE - ALLANITE is a suspected Russian cyber espionage group that has primarily targeted the electric utility sector within the United States and United Kingdom. The group's tactics and techniques are reportedly similar to Dragonfly, although ALLANITEs ...
11 months ago Attack.mitre.org
Andariel - Andariel is a North Korean state-sponsored threat group that has been active since at least 2009. Andariel has primarily focused its operations--which have included destructive attacks--against South Korean government agencies, military ...
11 months ago Attack.mitre.org
Aoqin Dragon - Aoqin Dragon is a suspected Chinese cyber espionage threat group that has been active since at least 2013. Aoqin Dragon has primarily targeted government, education, and telecommunication organizations in Australia, Cambodia, Hong Kong, Singapore, ...
11 months ago Attack.mitre.org
APT-C-36 - APT-C-36 is a suspected South America espionage group that has been active since at least 2018. The group mainly targets Colombian government institutions as well as important corporations in the financial sector, petroleum industry, and professional ...
11 months ago Attack.mitre.org
APT1 - APT1 is a Chinese threat group that has been attributed to the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398. ...
11 months ago Attack.mitre.org
APT12 - APT12 is a threat group that has been attributed to China. The group has targeted a variety of victims including but not limited to media outlets, high-tech companies, and multiple governments. ...
11 months ago Attack.mitre.org
APT16 - APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. ...
11 months ago Attack.mitre.org
APT17 - APT17 is a China-based threat group that has conducted network intrusions against U.S. government entities, the defense industry, law firms, information technology companies, mining companies, and non-government organizations. ...
11 months ago Attack.mitre.org
APT18 - APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical. ...
11 months ago Attack.mitre.org
APT19 - APT19 is a Chinese-based threat group that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal services. In 2017, a phishing campaign was used to ...
11 months ago Attack.mitre.org
APT28 - APT28 is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165. This group has been active since at least 2004. APT28 reportedly compromised ...
11 months ago Attack.mitre.org
APT29 - APT29 is a threat group that has been attributed to Russia's Foreign Intelligence Service (SVR). They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks. ...
11 months ago Attack.mitre.org
APT3 - APT3 is a China-based threat group that researchers have attributed to China's Ministry of State Security. This group is responsible for the campaigns known as Operation Clandestine Fox, Operation Clandestine Wolf, and Operation Double Tap. As of ...
11 months ago Attack.mitre.org
APT30 - APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches. ...
11 months ago Attack.mitre.org
APT32 - APT32 is a suspected Vietnam-based threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as foreign governments, dissidents, and journalists with a strong focus on Southeast Asian ...
11 months ago Attack.mitre.org
APT33 - APT33 is a suspected Iranian threat group that has carried out operations since at least 2013. The group has targeted organizations across multiple industries in the United States, Saudi Arabia, and South Korea, with a particular interest in the ...
11 months ago Attack.mitre.org
APT37 - APT37 is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also in Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts ...
11 months ago Attack.mitre.org
APT38 - APT38 is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau. Active since at least 2014, APT38 has targeted banks, financial institutions, casinos, ...
11 months ago Attack.mitre.org
APT39 - APT39 is one of several names for cyber espionage activity conducted by the Iranian Ministry of Intelligence and Security (MOIS) through the front company Rana Intelligence Computing since at least 2014. APT39 has primarily targeted the travel, ...
11 months ago Attack.mitre.org
APT41 - APT41 is a threat group that researchers have assessed as a Chinese state-sponsored espionage group that also conducts financially-motivated operations. Active since at least 2012, APT41 has been observed targeting healthcare, telecom, technology, and ...
11 months ago Attack.mitre.org
Aquatic Panda - Aquatic Panda is a suspected China-based threat group with a dual mission of intelligence collection and industrial espionage. Active since at least May 2020, Aquatic Panda has primarily targeted entities in the telecommunications, technology, and ...
11 months ago Attack.mitre.org
Axiom - Axiom is a suspected Chinese cyber espionage group that has targeted the aerospace, defense, government, manufacturing, and media sectors since at least 2008. Some reporting suggests a degree of overlap between Axiom and Winnti Group but the two ...
11 months ago Attack.mitre.org
BackdoorDiplomacy - BackdoorDiplomacy is a cyber espionage threat group that has been active since at least 2017. BackdoorDiplomacy has targeted Ministries of Foreign Affairs and telecommunication companies in Africa, Europe, the Middle East, and Asia. ...
11 months ago Attack.mitre.org
BITTER - BITTER is a suspected South Asian cyber espionage threat group that has been active since at least 2013. BITTER has primarily targeted government, energy, and engineering organizations in Pakistan, China, Bangladesh, and Saudi Arabia. ...
11 months ago Attack.mitre.org
BlackOasis - BlackOasis is a Middle Eastern threat group that is believed to be a customer of Gamma Group. The group has shown interest in prominent figures in the United Nations, as well as opposition bloggers, activists, regional news correspondents, and think ...
11 months ago Attack.mitre.org
BlackTech - BlackTech is a suspected Chinese cyber espionage group that has primarily targeted organizations in East Asia--particularly Taiwan, Japan, and Hong Kong--and the US since at least 2013. BlackTech has used a combination of custom malware, dual-use ...
11 months ago Attack.mitre.org
Blue Mockingbird - Blue Mockingbird is a cluster of observed activity involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems. The earliest observed Blue Mockingbird tools were created in December 2019. ...
11 months ago Attack.mitre.org
Bouncing Golf - Bouncing Golf is a cyberespionage campaign targeting Middle Eastern countries. ...
11 months ago Attack.mitre.org
BRONZE BUTLER - BRONZE BUTLER is a cyber espionage group with likely Chinese origins that has been active since at least 2008. The group primarily targets Japanese organizations, particularly those in government, biotechnology, electronics manufacturing, and ...
11 months ago Attack.mitre.org
Carbanak - Carbanak is a cybercriminal group that has used Carbanak malware to target financial institutions since at least 2013. Carbanak may be linked to groups tracked separately as Cobalt Group and FIN7 that have also used Carbanak malware. ...
11 months ago Attack.mitre.org
Chimera - Chimera is a suspected China-based threat group that has been active since at least 2018 targeting the semiconductor industry in Taiwan as well as data from the airline industry. ...
11 months ago Attack.mitre.org
Cleaver - Cleaver is a threat group that has been attributed to Iranian actors and is responsible for activity tracked as Operation Cleaver. Strong circumstantial evidence suggests Cleaver is linked to Threat Group 2889 (TG-2889). ...
11 months ago Attack.mitre.org
Cobalt Group - Cobalt Group is a financially motivated threat group that has primarily targeted financial institutions since at least 2016. The group has conducted intrusions to steal money via targeting ATM systems, card processing, payment systems and SWIFT ...
11 months ago Attack.mitre.org
Confucius - Confucius is a cyber espionage group that has primarily targeted military personnel, high-profile personalities, business persons, and government organizations in South Asia since at least 2013. Security researchers have noted similarities between ...
11 months ago Attack.mitre.org
CopyKittens - CopyKittens is an Iranian cyber espionage group that has been operating since at least 2013. It has targeted countries including Israel, Saudi Arabia, Turkey, the U.S., Jordan, and Germany. The group is responsible for the campaign known as Operation ...
11 months ago Attack.mitre.org
CURIUM - CURIUM is an Iranian threat group first reported in November 2021 that has invested in building a relationship with potential targets via social media over a period of months to establish trust and confidence before sending malware. Security ...
11 months ago Attack.mitre.org
Dark Caracal - Dark Caracal is a threat group that has been attributed to the Lebanese General Directorate of General Security (GDGS) and has operated since at least 2012. ...
11 months ago Attack.mitre.org
Darkhotel - Darkhotel is a suspected South Korean threat group that has targeted victims primarily in East Asia since at least 2004. The group's name is based on cyber espionage operations conducted via hotel Internet networks against traveling executives and ...
11 months ago Attack.mitre.org
DarkHydrus - DarkHydrus is a threat group that has targeted government agencies and educational institutions in the Middle East since at least 2016. The group heavily leverages open-source tools and custom payloads for carrying out attacks. ...
11 months ago Attack.mitre.org
DarkVishnya - DarkVishnya is a financially motivated threat actor targeting financial institutions in Eastern Europe. In 2017-2018 the group attacked at least 8 banks in this region. ...
11 months ago Attack.mitre.org
Deep Panda - Deep Panda is a suspected Chinese threat group known to target many industries, including government, defense, financial, and telecommunications. The intrusion into healthcare company Anthem has been attributed to Deep Panda. This group is also ...
11 months ago Attack.mitre.org
Dragonfly - Dragonfly is a cyber espionage group that has been attributed to Russia's Federal Security Service (FSB) Center 16. Active since at least 2010, Dragonfly has targeted defense and aviation companies, government entities, companies related to ...
11 months ago Attack.mitre.org
DragonOK - DragonOK is a threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to have a direct or indirect relationship with the threat group Moafee. It is ...
11 months ago Attack.mitre.org
Earth Lusca - Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the ...
11 months ago Attack.mitre.org
Elderwood - Elderwood is a suspected Chinese cyber espionage group that was reportedly responsible for the 2009 Google intrusion known as Operation Aurora. The group has targeted defense organizations, supply chain manufacturers, human rights and ...
11 months ago Attack.mitre.org
Ember Bear - Ember Bear is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021. Ember Bear has primarily focused their operations against Ukraine and Georgia, but has also targeted Western European and North ...
11 months ago Attack.mitre.org
Equation - Equation is a sophisticated threat group that employs multiple remote access tools. The group is known to use zero-day exploits and has developed the capability to overwrite the firmware of hard disk drives. ...
11 months ago Attack.mitre.org
Evilnum - Evilnum is a financially motivated threat group that has been active since at least 2018. ...
11 months ago Attack.mitre.org
EXOTIC LILY - EXOTIC LILY is a financially motivated group that has been closely linked with Wizard Spider and the deployment of ransomware including Conti and Diavol. EXOTIC LILY may be acting as an initial access broker for other malicious actors, and has ...
11 months ago Attack.mitre.org
Ferocious Kitten - Ferocious Kitten is a threat group that has primarily targeted Persian-speaking individuals in Iran since at least 2015. ...
11 months ago Attack.mitre.org
FIN10 - FIN10 is a financially motivated threat group that has targeted organizations in North America since at least 2013 through 2016. The group uses stolen data exfiltrated from victims to extort organizations. ...
11 months ago Attack.mitre.org
FIN13 - FIN13 is a financially motivated cyber threat group that has targeted the financial, retail, and hospitality industries in Mexico and Latin America, as early as 2016. FIN13 achieves its objectives by stealing intellectual property, financial data, ...
11 months ago Attack.mitre.org
FIN4 - FIN4 is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013. FIN4 is unique in that they do not ...
11 months ago Attack.mitre.org
FIN5 - FIN5 is a financially motivated threat group that has targeted personally identifiable information and payment card information. The group has been active since at least 2008 and has targeted the restaurant, gaming, and hotel industries. The group is ...
11 months ago Attack.mitre.org
FIN6 - FIN6 is a cyber crime group that has stolen payment card data and sold it for profit on underground marketplaces. This group has aggressively targeted and compromised point of sale (PoS) systems in the hospitality and retail sectors. ...
11 months ago Attack.mitre.org
FIN7 - FIN7 is a financially-motivated threat group that has been active since 2013. FIN7 has primarily targeted the retail, restaurant, hospitality, software, consulting, financial services, medical equipment, cloud services, media, food and beverage, ...
11 months ago Attack.mitre.org
FIN8 - FIN8 is a financially motivated threat group that has been active since at least January 2016, and known for targeting organizations in the hospitality, retail, entertainment, insurance, technology, chemical, and financial sectors. In June 2021, ...
11 months ago Attack.mitre.org
Fox Kitten - Fox Kitten is a threat actor with a suspected nexus to the Iranian government that has been active since at least 2017 against entities in the Middle East, North Africa, Europe, Australia, and North America. Fox Kitten has targeted multiple industrial ...
11 months ago Attack.mitre.org
GALLIUM - GALLIUM is a cyberespionage group that has been active since at least 2012, primarily targeting telecommunications companies, financial institutions, and government entities in Afghanistan, Australia, Belgium, Cambodia, Malaysia, Mozambique, the ...
11 months ago Attack.mitre.org
Gallmaker - Gallmaker is a cyberespionage group that has targeted victims in the Middle East and has been active since at least December 2017. The group has mainly targeted victims in the defense, military, and government sectors. ...
11 months ago Attack.mitre.org
Gamaredon Group - Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organizations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the ...
11 months ago Attack.mitre.org
GCMAN - GCMAN is a threat group that focuses on targeting banks for the purpose of transferring money to e-currency services. ...
11 months ago Attack.mitre.org
GOLD SOUTHFIELD - GOLD SOUTHFIELD is a financially motivated threat group active since at least 2018 that operates the REvil Ransomware-as-a-Service (RaaS). GOLD SOUTHFIELD provides backend infrastructure for affiliates recruited on underground forums to perpetrate ...
11 months ago Attack.mitre.org
Gorgon Group - Gorgon Group is a threat group consisting of members who are suspected to be Pakistan-based or have other connections to Pakistan. The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in ...
11 months ago Attack.mitre.org
Group5 - Group5 is a threat group with a suspected Iranian nexus, though this attribution is not definite. The group has targeted individuals connected to the Syrian opposition via spearphishing and watering holes, normally using Syrian and Iranian themes. ...
11 months ago Attack.mitre.org
HAFNIUM - HAFNIUM is a likely state-sponsored cyber espionage group operating out of China that has been active since at least January 2021. HAFNIUM primarily targets entities in the US across a number of industry sectors, including infectious disease ...
11 months ago Attack.mitre.org
HEXANE - HEXANE is a cyber espionage threat group that has targeted oil & gas, telecommunications, aviation, and internet service provider organizations since at least 2017. Targeted companies have been located in the Middle East and Africa, including ...
11 months ago Attack.mitre.org
Higaisa - Higaisa is a threat group suspected to have South Korean origins. Higaisa has targeted government, public, and trade organizations in North Korea; however, they have also carried out attacks in China, Japan, Russia, Poland, and other nations. Higaisa ...
11 months ago Attack.mitre.org
Inception - Inception is a cyber espionage group active since at least 2014. The group has targeted multiple industries and governmental entities primarily in Russia, but has also been active in the United States and throughout Europe, Asia, Africa, and the ...
11 months ago Attack.mitre.org
IndigoZebra - IndigoZebra is a suspected Chinese cyber espionage group that has been targeting Central Asian governments since at least 2014. ...
11 months ago Attack.mitre.org
Indrik Spider - Indrik Spider is a Russia-based cybercriminal group that has been active since at least 2014. Indrik Spider initially started with the Dridex banking Trojan, and then by 2017 they began running ransomware operations using BitPaymer, WastedLocker, and ...
11 months ago Attack.mitre.org
Ke3chang - Ke3chang is a threat group attributed to actors operating out of China. Ke3chang has targeted oil, government, diplomatic, military, and NGOs in Central and South America, the Caribbean, Europe, and North America since at least 2010. ...
11 months ago Attack.mitre.org
Kimsuky - Kimsuky is a North Korea-based cyber espionage group that has been active since at least 2012. The group initially focused on targeting South Korean government entities, think tanks, and individuals identified as experts in various fields, and ...
11 months ago Attack.mitre.org
Trending Cyber News (last 7 days)
CVE-2024-9832 - There is no limit on the number of failed login attempts permitted with the Clinician Password or the Serial Number Clinician Password. An attacker could execute a brute-force attack to gain unauthorized access to the ventilator, and then make ...
6 days ago Tenable.com
CVE-2024-52409 - Deserialization of Untrusted Data vulnerability in Phan An AJAX Random Posts allows Object Injection. This issue affects AJAX Random Posts: from n/a through 0.3.3. ...
4 days ago Tenable.com
CVE-2023-34049 - The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it ...
1 week ago Tenable.com
CVE-2024-6628 - The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9. This is due to missing or incorrect nonce validation when deleting ...
5 days ago Tenable.com
CVE-2024-11118 - The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the updatePluginSettings() function. This makes it possible for ...
5 days ago Tenable.com
CVE-2024-50983 - FlightPath 7.5 contains a Cross Site Scripting (XSS) vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user by including a malicious payload into the Last Name ...
5 days ago Tenable.com
CVE-2024-52867 - guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated ...
4 days ago Tenable.com
CVE-2023-0657 - A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data ...
3 days ago Tenable.com
CVE-2024-8856 - The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the UploadHandler.php file and no direct file access prevention in all versions up to, and including, ...
5 days ago Tenable.com
CVE-2024-10533 - The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. This makes it possible for authenticated ...
5 days ago Tenable.com
CVE-2017-13310 - In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional ...
5 days ago Tenable.com
CVE-2024-52876 - Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read operations on the ASTM Remote ID (0xFFFA) GATT. ...
4 days ago Tenable.com
CVE-2024-52872 - In Flagsmith before 2.134.1, the get_document endpoint is not correctly protected by permissions. ...
4 days ago Tenable.com
CVE-2024-52397 - Unrestricted Upload of File with Dangerous Type vulnerability in Davor Zeljkovic Convert Docx2post allows Upload a Web Shell to a Web Server. This issue affects Convert Docx2post: from n/a through 1.4. ...
4 days ago Tenable.com
CVE-2024-52415 - Cross-Site Request Forgery (CSRF) vulnerability in Skpstorm SK WP Settings Backup allows Object Injection. This issue affects SK WP Settings Backup: from n/a through 1.0. ...
4 days ago Tenable.com
CVE-2024-52386 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Business Directory Team by RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion. This issue affects ...
4 days ago Tenable.com
CVE-2024-9887 - The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.15.6 due to insufficient escaping on the user supplied parameter and ...
4 days ago Tenable.com
CVE-2024-10146 - The Simple File List WordPress plugin before 6.1.13 does not sanitise and escape a generated URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against admins. ...
1 week ago Tenable.com
CVE-2024-40408 - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges. ...
1 week ago Tenable.com
CVE-2024-40404 - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established. ...
1 week ago Tenable.com
CVE-2024-10728 - The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions ...
5 days ago Tenable.com
CVE-2024-45610 - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a ...
5 days ago Tenable.com
CVE-2024-52416 - Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server. This issue affects Debug Tool: from n/a through 2.2. ...
4 days ago Tenable.com
CVE-2024-52408 - Unrestricted Upload of File with Dangerous Type vulnerability in Team PushAssist Push Notifications for WordPress by PushAssist allows Upload a Web Shell to a Web Server. This issue affects Push Notifications for WordPress by PushAssist: from n/a ...
4 days ago Tenable.com
CVE-2024-52407 - Unrestricted Upload of File with Dangerous Type vulnerability in codeSavory BasePress Migration Tools allows Upload a Web Shell to a Web Server. This issue affects BasePress Migration Tools: from n/a through 1.0.0. ...
4 days ago Tenable.com
CVE-2024-52399 - Unrestricted Upload of File with Dangerous Type vulnerability in Clarisse K. Writer Helper allows Upload a Web Shell to a Web Server. This issue affects Writer Helper: from n/a through 3.1.6. ...
4 days ago Tenable.com
CVE-2024-10645 - The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient ...
4 days ago Tenable.com
CVE-2023-43091 - A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code. ...
3 days ago Tenable.com
CVE-2024-40410 - Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption. ...
1 week ago Tenable.com
CVE-2024-40405 - Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request. ...
1 week ago Tenable.com
CVE-2024-50956 - A buffer overflow in the RecvSocketData function of Inovance HCPLC_AM401-CPU1608TPTN 21.38.0.0, HCPLC_AM402-CPU1608TPTN 41.38.0.0, and HCPLC_AM403-CPU1608TN 81.38.0.0 allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a ...
1 week ago Tenable.com
CVE-2024-52550 - Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous ...
1 week ago Tenable.com
CVE-2024-10614 - The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. This makes it possible for authenticated ...
5 days ago Tenable.com
CVE-2024-9935 - The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read ...
5 days ago Tenable.com
CVE-2024-9192 - The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and ...
5 days ago Tenable.com
CVE-2024-8873 - The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible ...
5 days ago Tenable.com
CVE-2024-10147 - The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
5 days ago Tenable.com
CVE-2024-52414 - Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu allows Object Injection. This issue affects WDES Responsive Mobile Menu: from n/a through 5.3.18. ...
4 days ago Tenable.com
CVE-2024-52413 - Deserialization of Untrusted Data vulnerability in DMC Airin Blog allows Object Injection. This issue affects Airin Blog: from n/a through 1.6.1. ...
4 days ago Tenable.com
CVE-2024-52412 - Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection. This issue affects Xin: from n/a through 1.0.8.1. ...
4 days ago Tenable.com
CVE-2024-52406 - Unrestricted Upload of File with Dangerous Type vulnerability in Wibergs Web CSV to html allows Upload a Web Shell to a Web Server. This issue affects CSV to html: from n/a through 3.04. ...
4 days ago Tenable.com
CVE-2024-52403 - Unrestricted Upload of File with Dangerous Type vulnerability in WPExperts User Management allows Upload a Web Shell to a Web Server. This issue affects User Management: from n/a through 1.1. ...
4 days ago Tenable.com
CVE-2024-52400 - Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio allows Upload a Web Shell to a Web Server. This issue affects Gallerio: from n/a through 1.01. ...
4 days ago Tenable.com
CVE-2024-10592 - The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for ...
4 days ago Tenable.com
CVE-2024-39610 - Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product. ...
6 days ago Tenable.com
CVE-2024-10113 - The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpadcenter_ad shortcode in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output ...
6 days ago Tenable.com
CVE-2024-50564 - Threat actors can gain access to a plain text encryption key that is saved as part of the FortiClient services executable files. Accessing this results in the decryption of sensitive information. ...
6 days ago Tenable.com
CVE-2024-49776 - A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause Denial of Service (DoS) via a crafted TS video file. ...
6 days ago Tenable.com
CVE-2024-9849 - The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'r3dfb_save_thumbnail_callback' function in all versions up to, ...
5 days ago Tenable.com
CVE-2024-9839 - The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before ...
5 days ago Tenable.com