5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack
A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running ...
Tag: security vulnerability
PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers
The malware takes aim at PostgreSQL database servers with never-before-seen techniques. Source link
VMware Rolls a Fix for Formerly Critical Zero-Day Bug
VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important." Source link
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and ...
German COVID-19 Contact-Tracing Vulnerability Allowed RCE
Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. Source link
GO SMS Pro Android App Exposes Private Photos, Videos and Messages
The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content. ...
Dating Site Bumble Leaves Swipes Unsecured for 100M Users
Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and ...
Nvidia Warns Windows Gamers of GeForce NOW Flaw
Both Nvidia and Intel faced severe security issues this week - including a high-severity bug in Nvidia's GeForce NOW. Source ...
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug
The shopping cart application contains a PHP object-injection bug. Source link
Containerd Bug Exposes Cloud Account Credentials
The flaw (CVE-2020-15157) is located in the container image-pulling process. Source link
