Cross-Domain Misconfiguration

Home/Alerts/Alert detail/

Top Security News

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

CWE top 25 most dangerous software weaknesses

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Hackers now use AppDomain Injection to drop CobaltStrike beacons

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

Microsoft disrupts ONNX phishing-as-a-service infrastructure

Common Alerts

Latest CVE List

CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability

CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability

CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability

CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability

CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability

CVE-2024-9474 Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability

CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability

Common CWEs

CWE-1236 Improper Neutralization of Formula Elements in a CSV File

CWE-145 Improper Neutralization of Section Delimiters

CWE-348 Use of Less Trusted Source

CWE-622 Improper Validation of Function Hook Arguments

CWE-36 Absolute Path Traversal

CWE-405 Asymmetric Resource Consumption (Amplification)

CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Free security scan for your website

Don't show website scan report rating on the leaderboard