Microsoft Defender 授权问题漏洞

Microsoft Defender is a threat protection software from Microsoft Corporation USA. An authorization issue vulnerability exists in Microsoft Defender. An attacker exploits this vulnerability to perform spoofing attacks...

PT-2025-20940 · Microsoft · Defender For Identity

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Identity affected versions not specified Description: The issue is related to improper authentication in Microsoft Defender for Identity, allowing an unauthorized attacker to perform spoofing over an adjacent network...

Microsoft/Windows Defender Detection (Windows SMB Login)

Detects and gathers information of Microsoft/Windows Defender on Windows operating systems. Supports Windows 7 and Server 2008 onwards. The information is retrieved via Powershell. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using...

Malicious code in telepycore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...

CVE-2024-22314

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers

Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing ...

CVE-2024-22314

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-22314

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-22314

IBM Storage Defender – Resiliency Service 2.0.0–2.0.12 uses weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The issue affects the Defender Resiliency Service and is documented across multiple sources (CVE-2024-22314). According to IBM/Red Hat ...

CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Security Bulletin: A denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-26699 DESCRIPTION: An issue was discovered in Django 5.1 before...

IBM Storage Defender 加密问题漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. An encryption issue vulnerability exists in IBM Storage Defender - Resiliency Service 2.0.12 and prior versions, which stems from the use of a weak encryption algorithm that could...

PT-2025-16784 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.12 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...

Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...

Explore how to secure AI by attending our Learn Live Series

As organizations develop, use, and increasingly rely on AI applications, they must address new and amplified security risks. Are you prepared to secure your environment for AI adoption? How about identifying threats to your AI and safeguarding data? Register to attend one or all our Learn Live...

CVE-2025-26678

Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...

The vulnerability of Windows Defender Application Control (WDAC) in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of Windows Defender Application Control WDAC on Windows operating systems is related to errors in access control. Exploiting this vulnerability can allow a hacker to bypass existing security restrictions...

How cyberattackers exploit domain controllers using ransomware

In recent years, human-operated cyberattacks have undergone a dramatic transformation. These attacks, once characterized by sporadic and opportunistic attacks, have evolved into highly sophisticated, targeted campaigns aimed at causing maximum damage to organizations, with the average cost of a...