1622 matches found
GHSA-G59M-GF8J-GJF5 AWS SDK for Rust v1 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
DriveLock 安全漏洞
DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock 24.1 and prior versions 24.1.x, 24.2.8 and prior versions 24.2.8, and 25.1.6 and prior versions 24.1.x. The vulnerability stems from an agent that creates files and...
PubNet 安全漏洞
PubNet is a self-hosted package repository for the individual developer Ricardo Boss. A security vulnerability exists in PubNet versions prior to 1.1.3, which stems from an unauthenticated /api/storage/upload endpoint that could lead to identity spoofing and elevation of privilege...
CVE-2025-64984
Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux any version with anti-virus databases prior to 18.11.2025, Kaspersky Industrial CyberSecurity for Linux Nodes any version with anti-virus databases prior to 18.11.2025, and Kaspersky Endpoint Security for Mac 12.0.0.325...
EUVD-2025-198259
Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux any version with anti-virus databases prior to 18.11.2025, Kaspersky Industrial CyberSecurity for Linux Nodes any version with anti-virus databases prior to 18.11.2025, and Kaspersky Endpoint Security for Mac 12.0.0.325...
CVE-2025-64984
Affected products: Kaspersky Endpoint Security for Linux (any version with anti-virus databases prior to 18.11.2025), Kaspersky Industrial CyberSecurity for Linux Nodes (any version with anti-virus databases prior to 18.11.2025), and Kaspersky Endpoint Security for Mac (12.0.0.325, 12.1.0.553, 12...
CVE-2025-64984
Kaspersky has fixed a security issue in Kaspersky Endpoint Security for Linux any version with anti-virus databases prior to 18.11.2025, Kaspersky Industrial CyberSecurity for Linux Nodes any version with anti-virus databases prior to 18.11.2025, and Kaspersky Endpoint Security for Mac 12.0.0.325...
Kaspersky Endpoint Security和Kaspersky Industrial CyberSecurity for Linux Nodes 安全漏洞
Kaspersky Endpoint Security and Kaspersky Industrial CyberSecurity for Linux Nodes are both products of the Swiss company Kaspersky.Kaspersky Endpoint Security is an endpoint protection software. Kaspersky Industrial CyberSecurity for Linux Nodes is an industrial network security software. A...
EUVD-2025-74033
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...
CVE-2025-5317
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...
CVE-2025-5317 Improper access restriction to critical folder in Bitdefender Endpoint Security Tools for Mac
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...
Bitdefender Endpoint Security Tool 安全漏洞
Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. A security vulnerability exists in versions prior to Bitdefender Endpoint Security Tool 7.20.52.200087, which stems from improperly restricting folder access and could allow a...
Endpoint Security Agent: A Comprehensive Approach to Real-Time System Monitoring and Threat Detection
As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and Threat Detection" a modular, real-time security solution...
PT-2025-45071
Name of the Vulnerable Software and Affected Versions AI Engine plugin for WordPress versions prior to 3.1.4 AI Engine versions 2.8.x and 2.9.x prior to 2.9.5 Description The AI Engine plugin for WordPress has a Sensitive Information Exposure issue via the /mcp/v1/ REST API endpoint. When the...
AhnLab EPP 安全漏洞
AhnLab EPP is a set of endpoint security protection platform from AhnLab, Korea. A security vulnerability exists in AhnLab EPP version 1.0.15, which stems from an incorrect manipulation of the parameter preview and could lead to an SQL injection attack...
CVE-2025-62399 Moodle: password brute force risk when mobile/web services enabled
Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks...
Independent Results Confirm Rapid7’s NGAV Delivers Strong, Reliable Protection
At Rapid7, we measure success by how well we protect our customers in the real world. That’s why independent testing like the AV-Comparatives Business Security Test matters. It’s a trusted benchmark for how endpoint security products perform against today’s constantly evolving threats, and how th...
CVE-2025-11529
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit...
Disrupting threats targeting Microsoft Teams
The extensive collaboration features and global adoption of Microsoft Teams make it a high-value target for both cybercriminals and state-sponsored actors. Threat actors abuse its core capabilities – messaging chat, calls and meetings, and video-based screen-sharing – at different points along th...
EUVD-2021-10818
Malware in sbrugna...