by Alyssa Portillo | May 23, 2020 | CVE Notifications
The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure.
by Alyssa Portillo | May 23, 2020 | SANS ISC Bulletins
Attackers are always trying to find new ways to deliver malicious code to their victims. Microsoft Word and Excel are documents that can be easily weaponized by adding malicious VBA macros. Today, they are one of the most common techniques to compromise a computer....
by Alyssa Portillo | May 22, 2020 | CVE Notifications
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
by Alyssa Portillo | May 22, 2020 | CVE Notifications
An issue was discovered in Aviatrix Controller before 5.4.1066. A Controller Web Interface session token parameter is not required on an API call, which opens the application up to a Cross Site Request Forgery (CSRF) vulnerability for password resets.
by Alyssa Portillo | May 22, 2020 | CVE Notifications
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.
