integratus systems

Exchange Platform Services

 
  • Join Now-Sign Up
  • Log In
Category : Uncategorized

Six Things You Always Wanted to Know about Security Intelligence but Were Afraid to Ask

Clear answers to practical questions about Security Intelligence:   What is Security Intelligence and why does it matter today? How […]

  • Blog
  • Editor Paper Extracts
  • Editor Picks Articles
  • Editor Picks Maps
  • Editor Picks Reports
  • IS Competitive Intelligence Briefings
  • IS Intelligence Work Group
  • IS Partners
  • IS Projects Work Group
  • IS Reports
  • IS Security Work Group
  • IS Working Group Briefings
  • Uncategorized

IS Security Alerts Advisories

  • 93.04324
    Newly Added (1)Android/FakeWallet.KV!trModified (2)Android/Agent.MGV!trAndroid/Agent.MHV!tr ... read more
  • CVE-2024-10762 | lunary-ai lunary up to 1.5.8 Delete Request /v1/evaluators/ authorization
    A vulnerability, which was classified as problematic, has been found in lunary-ai lunary up to 1.5.8. Affected by this issue is some unknown functionality of the file /v1/evaluators/ of the ... read more
  • CVE-2007-1458 | CARE2X config_options_mascot.php root_path privileges management (EDB-3472 / XFDB-32981)
    A vulnerability, which was classified as critical, has been found in CARE2X. Affected by this issue is some unknown functionality of the file main/config_options_mascot.php. The manipulation of the argument root_path ... read more
  • CVE-2012-6069 | 3s-software CODESYS Runtime System 2.3.9.8 Listener path traversal (ID 42396 / BID-56300)
    A vulnerability was found in 3s-software CODESYS Runtime System 2.3.9.8 and classified as problematic. This issue affects some unknown processing of the component Listener. The manipulation leads to path traversal. ... read more
  • CVE-2014-0769 | Festo CECX-X-M1 Modular Controller improper authentication (XFDB-92893 / SBV-48477)
    A vulnerability was found in Festo CECX-X-M1 Modular Controller. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely ... read more
  • CVE-2014-0760 | Festo CECX-X-M1 Modular Controller improper authentication (XFDB-92892 / SBV-47322)
    A vulnerability was found in Festo CECX-X-M1 Modular Controller and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. This vulnerability is ... read more
  • CVE-2022-31631 | PHP up to 8.0.26/8.1.14/8.2.1 SQLite Driver sqlite_driver.c PDO::quote integer overflow (Bug 81740 / Nessus ID 234513)
    A vulnerability was found in PHP up to 8.0.26/8.1.14/8.2.1. It has been classified as critical. Affected is the function PDO::quote of the file ext/pdo_sqlite/sqlite_driver.c of the component SQLite Driver. The ... read more
  • CVE-2023-4104 | Mozilla VPN Client 2.14.1 on Linux vpndaemon improper authentication
    A vulnerability classified as critical was found in Mozilla VPN Client 2.14.1 on Linux. Affected by this vulnerability is an unknown functionality of the component vpndaemon. The manipulation leads to ... read more
  • CVE-2024-10273 | lunary-ai lunary up to 1.5.6 PATCH Endpoint privileges management
    A vulnerability classified as critical was found in lunary-ai lunary up to 1.5.6. This vulnerability affects unknown code of the component PATCH Endpoint. The manipulation leads to improper privilege management. ... read more
  • CVE-2024-10274 | lunary-ai lunary up to 1.5.6 Organization /users/me/org improper authorization
    A vulnerability, which was classified as critical, has been found in lunary-ai lunary up to 1.5.6. This issue affects some unknown processing of the file /users/me/org of the component Organization ... read more
  • CVE-2024-10275 | lunary-ai lunary up to 1.5.6 RBAC access control
    A vulnerability, which was classified as critical, was found in lunary-ai lunary up to 1.5.6. Affected is an unknown function of the component RBAC. The manipulation leads to improper access ... read more
  • CVE-2024-10330 | lunary-ai lunary up to 1.5.6 /v1/evaluators/ access control
    A vulnerability has been found in lunary-ai lunary up to 1.5.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /v1/evaluators/. The manipulation leads ... read more
  • Navigating Heightened Cyber Risks from Iranian Threats
    Recent geopolitical tensions have undeniably elevated the global cybersecurity risk landscape. While we haven't yet observed a widespread surge in direct Iranian cyberattacks, the potential for increased cyber operations from ... read more
  • CVE-2025-53195 | JetEngine Plugin up to 3.7.0 on WordPress cross site scripting
    A vulnerability was found in JetEngine Plugin up to 3.7.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to ... read more
  • CVE-2025-53316 | wp-gdpr-cookie-consen Plugin up to 1.0.0 on WordPress cross-site request forgery
    A vulnerability was found in wp-gdpr-cookie-consen Plugin up to 1.0.0 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. ... read more
  • Cisco Services and Support Demos at Cisco Live: A Recap!
    Look back at the Cisco Customer Experience team’s services demos from Cisco Live 2025. ... read more
  • 93.04323
    Newly Added (1)Android/Agent.HRO!tr ... read more
  • CVE-2025-53195 | JetEngine Plugin bis 3.7.0 auf WordPress Cross Site Scripting
    In JetEngine Plugin bis 3.7.0 für WordPress wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion. Durch Beeinflussen mit unbekannten Daten kann eine Cross Site Scripting-Schwachstelle ... read more
  • CVE-2025-53316 | wp-gdpr-cookie-consen Plugin bis 1.0.0 auf WordPress Cross Site Request Forgery
    Es wurde eine problematische Schwachstelle in wp-gdpr-cookie-consen Plugin bis 1.0.0 für WordPress ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf. Durch das Beeinflussen mit unbekannten Daten kann eine Cross Site Request ... read more
  • CVE-2025-34092 | Google Chrome 127.x/128.x AppBound chrome.exe improper authentication
    A vulnerability was found in Google Chrome 127.x/128.x and classified as critical. This issue affects some unknown processing of the file chrome.exe of the component AppBound. The manipulation leads to ... read more
  • Multiples vulnérabilités dans les produits Trend Micro (27 juin 2025)
    De multiples vulnérabilités ont été découvertes dans les produits Trend Micro. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de ... read more
  • 93.04116
    Modified (7)Adware/Pircob!AndroidAndroid/Agent.COK!tr.spyAndroid/Agent.DMH!tr.spyAndroid/Agent.MST!trAndroid/Hiddad.AYE!trAndroid/Vapor.C!trRiskware/Application!Android ... read more
  • Multiples vulnérabilités dans ClamAV (19 juin 2025)
    De multiples vulnérabilités ont été découvertes dans ClamAV ClamAV. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à ... read more
  • Multiple vulnerabilities in RICOH Streamline NX PC Client
    RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities. ... read more
  • 93.03850
    Newly Added (1)Android/NGate.S!trModified (3)Adware/Agent!AndroidAdware/SpyLoan!AndroidAndroid/KillFiles.QL!tr ... read more
  • CVE-2025-4863 | Advaya Softech GEMS ERP Portal 2.1 studentLogin.action userId sql injection
    A vulnerability, which was classified as critical, was found in Advaya Softech GEMS ERP Portal 2.1. This affects an unknown part of the file /studentLogin/studentLogin.action. The manipulation of the argument ... read more
  • CVE-2022-4363 | Wholesale Market Plugin prior 2.2.2 on WordPress Setting cross-site request forgery
    A vulnerability, which was classified as problematic, has been found in Wholesale Market Plugin and Wholesale Market for WooCommerce Plugin on WordPress. Affected by this issue is some unknown functionality ... read more
  • CVE-2025-47945 | donetick up to 0.1.43 JSON Web Token variable initialization (GHSA-hjjg-vw4j-986x)
    A vulnerability was found in donetick up to 0.1.43. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component JSON Web Token Handler. ... read more
  • CVE-2025-47786 | Emlog 2.5.13 /admin/comment.php perpage_num cross site scripting (GHSA-82qc-9vg7-2c6c)
    A vulnerability classified as problematic has been found in Emlog 2.5.13. Affected is an unknown function of the file /admin/comment.php. The manipulation of the argument perpage_num leads to cross site ... read more
  • CVE-2025-47785 | Emlog up to 2.5.9 admin/article_save.php origContent sql injection (GHSA-939m-47f7-m559)
    A vulnerability has been found in Emlog up to 2.5.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/article_save.php. The manipulation of the ... read more
  • CVE-2025-2203 | FunnelKit Plugin up to 3.10.1 on WordPress sql injection (EUVD-2025-15210)
    A vulnerability classified as critical has been found in FunnelKit Plugin up to 3.10.1 on WordPress. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is ... read more
  • CVE-2025-4871 | PCMan FTP Server 2.0.7 REST Command buffer overflow
    A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads ... read more
  • CVE-2025-4866 | weibocom rill-flow 0.1.18 Management Console code injection (Issue 102)
    A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. ... read more
  • CVE-2025-32407 | Samsung Internet for Galaxy Watch 5.0.9 TLS Certificate channel accessible (EUVD-2025-15549)
    A vulnerability classified as problematic was found in Samsung Internet for Galaxy Watch 5.0.9. Affected by this vulnerability is an unknown functionality of the component TLS Certificate Handler. The manipulation ... read more
  • CVE-2025-4872 | FreeFloat FTP Server 1.0 CCC Command buffer overflow
    A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer ... read more
  • CVE-2025-4190 | CSV Mass Importer Plugin up to 1.2 on WordPress unrestricted upload (EUVD-2025-15569)
    A vulnerability was found in CSV Mass Importer Plugin up to 1.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation ... read more
  • CVE-2025-48187 | infiniflow ragflow up to 0.18.1 excessive authentication (EUVD-2025-15586)
    A vulnerability was found in infiniflow ragflow up to 0.18.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper restriction ... read more
  • CVE-2025-47273 | pypa setuptools up to 78.1.0 PackageIndex path traversal (ID 4946 / EUVD-2025-15591)
    A vulnerability, which was classified as critical, has been found in pypa setuptools up to 78.1.0. Affected by this issue is some unknown functionality of the component PackageIndex. The manipulation ... read more
  • CVE-2025-1454 | Ninja Pages Plugin up to 1.4.2 on WordPress Admin Settings cross site scripting
    A vulnerability was found in Ninja Pages Plugin up to 1.4.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Admin Settings. ... read more
  • 93.03849
    Modified (7)Adware/Agent!AndroidAndroid/Agent.EHJ!tr.spyAndroid/Agent.FBE!trAndroid/Agent.FJL!trAndroid/Banker.CNB!tr.spyAndroid/KillFiles.QL!trAndroid/KillFiles.QM!tr ... read more
  • ISC Stormcast For Friday, June 13th, 2025 https://isc.sans.edu/podcastdetail/9492, (Fri, Jun 13th)
    ... read more
  • 93.03848
    Newly Added (1)Android/KillFiles.YL!trModified (16)Adware/Fyben!AndroidAdware/Keylogger!AndroidAdware/SpyLoan!AndroidAndroid/Agent.DUU!tr.spyAndroid/Agent.EHJ!tr.spyAndroid/Agent.EIG!tr.spyAndroid/Agent.FJL!trAndroid/Agent.JZJ!trAndroid/Banker.BGB!tr.spyAndroid/Banker.CHE!tr.spyAndroid/Banker.DOJ!tr.spyAndroid/GriftHorse.B!trAndroid/KillFiles.BS!trAndroid/KreditSpy.S!tr.spyRiskware/Application!AndroidRiskware/Spamtool!Android ... read more
  • SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
    Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038 EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data ... read more
  • CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload
    A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads ... read more
  • CVE-2025-45238 | FoxCMS 1.2.5 delRestoreSerie denial of service
    A vulnerability was found in FoxCMS 1.2.5. It has been rated as problematic. This issue affects the function delRestoreSerie. The manipulation leads to denial of service. The identification of this ... read more
  • CVE-2025-45240 | FoxCMS 1.2.5 DataBackup.php executeCommand sql injection (EUVD-2025-13452)
    A vulnerability, which was classified as critical, was found in FoxCMS 1.2.5. This affects the function executeCommand of the file DataBackup.php. The manipulation leads to sql injection. This vulnerability is ... read more
  • CVE-2025-45239 | FoxCMS 2.0.6 Restore DataBackup.php path traversal
    A vulnerability, which was classified as critical, was found in FoxCMS 2.0.6. Affected is an unknown function of the file DataBackup.php of the component Restore Handler. The manipulation leads to ... read more
  • CVE-2025-48797 | GIMP TGA Image Parser Pufferüberlauf
    In GIMP wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht näher bekannte Funktion der Komponente TGA Image Parser. Durch Beeinflussen mit unbekannten Daten kann eine Pufferüberlauf-Schwachstelle ausgenutzt werden. ... read more
  • CVE-2025-48057 | Icinga icinga2 bis 2.12.11/2.13.11/2.14.5 VerifyCertificate Remote Code Execution
    In Icinga icinga2 bis 2.12.11/2.13.11/2.14.5 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion VerifyCertificate. Durch Manipulieren mit unbekannten Daten kann eine Remote Code Execution-Schwachstelle ... read more
  • CVE-2025-3704 | DBAR Productions Volunteer Sign Up Sheets Plugin bis 5.5.4 auf WordPress Cross Site Scripting
    Es wurde eine problematische Schwachstelle in DBAR Productions Volunteer Sign Up Sheets Plugin bis 5.5.4 für WordPress gefunden. Es geht dabei um eine nicht klar definierte Funktion. Dank Manipulation mit ... read more

integratus systems © 2025

KAVI IS iCOMMEX Platform v 02.25 Thursday, July 3, 2025

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

Security Briefing Search

PDF Library Search

Uncategorized Search

Reset Password

Reset Password

You have no permission to access this content