Lucene search
K

89 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2026/05/11 12:0 a.m.8 views

Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America

TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.71-1.b15.AXS4 (AXSA:2016-040:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-040:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2015-7575 Mozilla Network Security Services NSS before 3.20.2, as used ...

10CVSS7.7AI score0.14714EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

MiracleLinux 8 : mariadb:10.3 (AXSA:2026-040:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-040:01 advisory. mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 Tenable has extracted the preceding...

7CVSS7.7AI score0.00414EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-15372 Malicious code in banana-040-project (npm)

The package banana-040-project was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in banana-040-project (npm)

The package banana-040-project was found to contain malicious code...

7AI score
Exploits0
CVE
CVE
added 2025/04/16 4:32 p.m.62 views

CVE-2025-3739

CVE-2025-3739 : A vulnerability in Drupal 8 Google Optimize Hide Page affects the Drupal 8 Google Optimize Hide Page module. The CVSSv3.1 metrics indicate a network attack vector, high attack complexity, and that an attacker requires high privileges with no user interaction to achieve a Confident...

5.9CVSS5.7AI score0.00282EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.51 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2024-040 (ALASECS-2024-040)

The version of containerd installed on the remote host is prior to 1.7.20-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-040 advisory. The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This...

9.8CVSS7.2AI score0.01956EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/08/01 12:0 a.m.50 views

Amazon Linux 2 : docker (ALASDOCKER-2024-040)

The version of docker installed on the remote host is prior to 25.0.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2024-040 advisory. 2025-01-04: CVE-2024-36620 was added to this advisory. 2025-01-04: CVE-2024-36623 was added to this advisory...

9.9CVSS7.6AI score0.16496EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/04/01 12:0 a.m.38 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-040)

The version of kernel installed on the remote host is prior to 5.15.152-100.162. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-040 advisory. 2024-09-12: CVE-2024-27431 was added to this advisory. 2024-09-12: CVE-2024-27415 was added to this...

8CVSS7AI score0.00983EPSS
Exploits0References70
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.49 views

Amazon Linux 2023 : openjpeg2, openjpeg2-devel, openjpeg2-tools (ALAS2023-2023-040)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-040 advisory. There is a flaw in the opj2compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2compress, could trigger a heap...

5.5CVSS7AI score0.0156EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2022/12/14 12:0 a.m.48 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-040)

The version of kernel installed on the remote host is prior to 5.4.226-129.415. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-040 advisory. A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request...

5.5CVSS6.5AI score0.03681EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2022/08/04 10:24 a.m.217 views

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage

A threat actor is said to have "highly likely" exploited a security flaw in an outdated Atlassian Confluence server to deploy a never-before-seen backdoor against an unnamed organization in the research and technical services sector. The attack, which transpired over a seven-day-period during the...

9.8CVSS1.9AI score0.99999EPSS
Exploits175
Tenable Nessus
Tenable Nessus
added 2021/04/20 12:0 a.m.83 views

Dell OpenManage Server Administrator Authentication Bypass (DSA-2021-040)

Binary data dellomsacve-2021-21513.nbin...

9.8CVSS9.7AI score0.0574EPSS
Exploits1References2
0day.today
0day.today
added 2021/03/23 12:0 a.m.70 views

Advantech iView Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated configuration change combined with an unauthenticated file write primitive, leading to an arbitrary file write that allows for remote code execution as the user running iView, which is typically NT AUTHORITY\SYSTEM. This issue was demonstrated in...

9.8CVSS0.6AI score0.36845EPSS
Exploits4
OpenVAS
OpenVAS
added 2021/03/08 12:0 a.m.18 views

Nextcloud Server < 20.0.0 Multiple Vulnerabilities (NC-SA-2020-040, NC-SA-2020-041, NC-SA-2021-006)

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...

8.1CVSS5.8AI score0.00727EPSS
Exploits4References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:45 p.m.31 views

Security Bulletin: Vulnerability in OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application (CVE-2015-5174)

Summary Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ in the getResource, getResourceAsStream and getResourcePaths ServletContext methods to obtain a directory listing f...

4.3CVSS1.4AI score0.12555EPSS
Exploits0Affected Software1
Microsoft KB
Microsoft KB
added 2018/04/24 7:15 p.m.140 views

MS07-040: Vulnerabilities in the .NET Framework could allow remote code execution

Resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems that have the .NET Framework installed. One could allow information disclosure on Web servers that are running ASP.NET.INTRODUCTIONMicrosoft has released security...

9.3CVSS7.2AI score0.77716EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2018/04/23 12:54 a.m.18 views

MS03-040: October, 2003, Cumulative Patch for Internet Explorer

Technical Updates October 1, 2003: Originally published.October 15, 2003: Updated the "Prerequisites" section to indicate that you can install the security patch on Windows NT Workstation 4.0 SP6a and Windows 2000 SP2.Symptoms This is a cumulative security patch for Microsoft Internet Explorer th...

0.1AI score
Exploits0
Drupal
Drupal
added 2017/04/12 12:0 a.m.9 views

@Base - Critical - Unsupported - SA-CONTRIB-2017-040

Provide some more API for developer to work with Drupal 7. The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466...

7.2AI score
Exploits0References8
Microsoft KB
Microsoft KB
added 2017/03/30 12:0 a.m.43 views

MS06-040: Vulnerability in Server service could allow remote code execution

MS06-040: Vulnerability in Server service could allow remote code execution INTRODUCTION Microsoft has released security bulletin MS06-040. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment...

7AI score
Exploits0
Rows per page
Query Builder