Lantronix EDS5000
Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe
Every confirmed data breach we've indexed across 25803+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.
Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Great
368,418 records exposed — Dates of birth, Email addresses, Government issued IDs, Job titles and 4 more
Splunk Enterprise Missing Authentication for Critical Function Vulnerability — Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create o
248,235 records exposed — Email addresses, Employers, Job titles, Names and 2 more
139,903 records exposed — Age groups, Email addresses, Genders, Names and 1 more
Widget Factory Joomla Content Editor Improper Access Control Vulnerability — Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code v
Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a
LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access
How the Anubis ransomware group stole and leaked an Italian Adriatic port authority's data
137,123 records exposed — Email addresses, Employers, Job titles, Names and 4 more
305,216 records exposed — Email addresses, Employers, Names, Phone numbers and 1 more
Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability — Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which c
Ivanti Sentry OS Command Injection Vulnerability — Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
454,635 records exposed — Academic records, Citizenship statuses, Dates of birth, Disabilities and 11 more
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability — Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerab
Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability — Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability — Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HT
Check Point Security Gateway Improper Authentication Vulnerability — Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacke
BerriAI LiteLLM Command Injection Vulnerability — BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrar
102,935 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more
SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability — SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: de
396,313 records exposed — Email addresses, Employers, Job titles, Names and 3 more