Lucene search
K

58 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8309

Malware in sbrugna...

5.5CVSS5.5AI score0.00166EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3644

Malware in sbrugna...

1.9CVSS6.4AI score0.00282EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-5892

Malware in sbrugna...

7.5CVSS7.5AI score0.01027EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-50321

Malicious code in bioql PyPI...

7.3CVSS5.8AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2024/11/17 11:15 a.m.3 views

DEBIAN-CVE-2023-6110

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS5.6AI score0.00493EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/11/17 11:15 a.m.1 views

CVE-2023-6110

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS5.7AI score0.00493EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/22 8:14 p.m.5 views

openstack: deleting a non existing access rule deletes another existing access rule in it's scope

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS5.7AI score0.00493EPSS
Exploits0References6
Securelist
Securelist
added 2024/05/22 10:0 a.m.15 views

Stealers, stealers and more stealers

Introduction Stealers are a prominent threat in the malware landscape. Over the past year we published our research into several stealers see here, here and here, and for now, the trend seems to persist. In the past months, we wrote several private reports on stealers as we discovered Acrid a new...

7.7AI score
Exploits0
OSV
OSV
added 2024/02/14 12:0 a.m.3 views

UBUNTU-CVE-2023-6110

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS5.7AI score0.00493EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/01/25 8:27 p.m.41 views

CVE-2023-6110

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS7AI score0.00493EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2023/06/22 1:15 p.m.3 views

Generative-AI apps & ChatGPT: Potential risks and mitigation strategies

Losing sleep over Generative-AI apps? You're not alone or wrong. According to the Astrix Security Research Group, mid size organizations already have, on average, 54 Generative-AI integrations to core systems like Slack, GitHub and Google Workspace and this number is only expected to grow. Contin...

7AI score
Exploits0
NVD
NVD
added 2022/02/11 7:15 p.m.24 views

CVE-2022-22766

Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic...

7CVSS0.00228EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/10/25 5:47 p.m.89 views

Kubernetes: Development Application Credentials + Information Exposed

Issue Description When I browsed through all the JS files on prow.k8s.io I came across a link called /config which contains a configuration disclosure for the development files URL Vulnerabilities https://prow.k8s.io/config Proof On Concept javascript - continuous-integration/travis-ci kubespray:...

7AI score
Exploits0
Prion
Prion
added 2020/06/15 7:15 p.m.14 views

Server side request forgery (ssrf)

An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery SSRF that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to ...

5CVSS7.5AI score0.01027EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/03/28 2:29 p.m.23 views

Code injection

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges...

4CVSS7.1AI score0.0129EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2019/03/26 8:19 p.m.29 views

CVE-2019-3869

When running Tower on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges...

7.2CVSS4.1AI score0.0129EPSS
Exploits0References4
OSV
OSV
added 2018/10/12 2:29 p.m.4 views

CVE-2018-17900

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers...

9.8CVSS5.8AI score0.01865EPSS
Exploits0References2
Prion
Prion
added 2018/09/26 7:29 p.m.14 views

Code injection

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The Philips e-Alert communication channel is not encrypted which could therefore lead to...

3.3CVSS8.5AI score0.0057EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder