Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-08-16 15:15:11 |
CVE-2023-40341 (lien direct) |
Une vulnérabilité de contrefaçon de demande croisée (CSRF) dans le plugin de Jenkins Blue Ocean 1.27.5 et plus tôt permet aux attaquants de se connecter à une URL spécifiée par l'attaquant, capturant les informations d'identification GitHub associées à un travail spécifié par l'attaquant.
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. |
Vulnerability
|
APT 32
|
|
|
2023-04-06 14:15:07 |
CVE-2023-23891 (lien direct) |
Auth.(Contributeur +) Vulnérabilité des scripts croisés (XSS) dans le plugin supplémentaire OceanWP Ocean |
Vulnerability
|
APT 32
|
|
|
2023-03-30 12:15:07 |
CVE-2023-24399 (lien direct) |
Auth.(Contributeur +) Vulnérabilité des scripts croisés (XSS) dans le plugin supplémentaire OceanWP Ocean |
Vulnerability
|
APT 32
|
|
|
2022-12-04 23:15:09 |
CVE-2022-35730 (lien direct) |
Cross-Site Request Forgery (CSRF) vulnerability in Oceanwp sticky header plugin |
Vulnerability
|
APT 32
|
|
|
2022-05-17 15:15:09 |
CVE-2022-30953 (lien direct) |
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server. |
Vulnerability
|
APT 32
|
★★★★
|
|
2021-04-29 14:35:46 |
DigitalOcean Discloses Breach Involving Billing Information (lien direct) |
Cloud solutions provider DigitalOcean has started informing some customers that their billing information may have been compromised after someone exploited a vulnerability in the company's systems.
|
Vulnerability
|
APT 32
|
|
|
2020-03-04 09:00:00 |
Zero-Day Bug Allowed Attackers to Register Malicious Domains (lien direct) |
A zero-day vulnerability impacting Verisign and several SaaS services including Google, Amazon, and DigitalOcean could have allowed attackers to register .com and .net homograph domain names (among others) that could be used in insider, phishing, and social-engineering attacks against organizations. [...] |
Vulnerability
|
APT 32
|
|
|
2018-06-27 17:57:01 |
Another Local Government Agency Hacked (lien direct) |
The latest local government data breach has occurred in Midland, Texas where hackers leveraged a vulnerability in Superion's Click2Gov function in the payment server used to make online payments for utilities. Other cities might be affected as well including Beaumont, California, Oceanside California and Goodyear, Arizona. Ryan Wilk, VP of Customer Success: “Hackers will leverage …
The ISBuzz Post: This Post Another Local Government Agency Hacked |
Data Breach
Vulnerability
|
APT 32
|
|