RockyLinux 10 : openssl (RLSA-2026:1472)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

Oracle Linux 10 : openssl (ELSA-2026-1472)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1472 advisory. - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420...

CVE-2026-1472

creationtimestamp| type| source ---|---|--- 2026-01-27 19:12:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdghojzdxq2m...

MiracleLinux 7 : glibc-2.17-105.el7 (AXSA:2015-569:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-569:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

EUVD-2012-3242

Malware in sbrugna...

Exploit for CVE-2020-1472

ZeroLogon-CVE-2020-1472 Explicação e demonstração da vulnerabi...

Exploit for CVE-2020-1472

ZeroLogon testing script A Python script that uses the Impacket library to test vulnerability for the Zerologon exploit CVE-2020-1472. It attempts to perform the Netlogon authentication bypass. The script will immediately terminate when successfully performing the bypass, and not perform any...

CVE-2024-1472

The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's maintenance mode obtain post and page content via REST API...

CVE-2022-1472

The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection...

CVE-2025-1472

Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...

CVE-2025-1472

creationtimestamp| type| source ---|---|--- 2025-03-19 18:43:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtnbtwmc2s 2025-03-19 18:49:35+00:00| seen| https://t.me/cvedetector/20656...

CVE-2025-1472

Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...

CVE-2025-1472 Unauthorized View Access to Site Statistics and Team Statistics

Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...

CVE-2025-1472 Unauthorized View Access to Site Statistics and Team Statistics

Mattermost versions 9.11.x = 9.11.8 fail to properly perform authorization of the Viewer role which allows an attacker with the Viewer role configured with No Access to Reporting to still view team and site statistics...

CVE-2025-1472

CVE-2025-1472 corresponds to Mattermost where versions 9.11.x up to 9.11.8 suffer from an authorization flaw in the Viewer role (configured with No Access to Reporting) that allows viewing team/site statistics. The CVE entry indicates a CVSSv3.1 base score of 4.3 (Medium) with Network attack vect...

Linux Distros Unpatched Vulnerability : CVE-2020-1472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the...

RHSA-2024:1472

creationtimestamp| type| source ---|---|--- 2025-01-13 09:11:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1356 2025-05-12 23:29:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16071...

CVE-2020-1472 affecting package samba for versions less than 4.18.3-1

CVE-2020-1472 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...