Lucene search
+L

744 matches found

ics
ics
added 2024/03/12 12:0 a.m.49 views

Siemens SINEMA Remote Connect Server

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS7.9AI score0.00833EPSS
Exploits5References12
thn
thn
added 2024/02/20 10:53 a.m.26 views

New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide

North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany's Federal Office for the Protection of the Constitution BfV and South Korea's National Intelligence Service NIS, th...

9.8CVSS9.9AI score0.12661EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/02/15 12:0 a.m.9 views

CVE-2024-23674

The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify for access to government, medical, and financial resources, and can also extract personal data from...

7.2AI score0.0073EPSS
Exploits0References4
ics
ics
added 2024/02/13 12:0 a.m.47 views

Siemens Polarion ALM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS8.1AI score0.00589EPSS
Exploits0References12
ics
ics
added 2024/02/01 7:0 a.m.38 views

Gessler GmbH WEB-MASTER

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable Remotely/Low attack complexity Vendor : Gessler GmbH Equipment : WEB-MASTER Vulnerabilities : Use of Weak Credentials, Use of Weak Hash 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a user to take...

9.8CVSS7AI score0.00719EPSS
Exploits0References10
cnnvd
cnnvd
added 2024/01/24 12:0 a.m.4 views

REGIFY Regipay Security Breach

REGIFY Regipay is an application about payroll from REGIFY Germany. A security vulnerability exists in REGIFY Regipay version 4.5.1.0, which stems from allowing DLL hijacking and can be exploited by attackers to execute arbitrary code...

7.8CVSS7.4AI score0.00199EPSS
Exploits0References2
ics
ics
added 2024/01/16 7:0 a.m.85 views

SEW-EURODRIVE MOVITOOLS MotionStudio

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION : Low attack complexity Vendor : SEW-EURODRIVE Equipment : MOVITOOLS MotionStudio Vulnerability : Improper Restriction of XML EXTERNAL Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result in open access...

7.5CVSS7.6AI score0.00541EPSS
Exploits0References8
openbugbounty
openbugbounty
added 2024/01/15 8:38 a.m.12 views

germany.leadec-services.com Cross Site Scripting vulnerability OBB-3834859

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
thn
thn
added 2024/01/15 5:55 a.m.33 views

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

The environmental services industry witnessed an "unprecedented surge" in HTTP-based distributed denial-of-service DDoS attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare sai...

6.8AI score
Exploits0
openbugbounty
openbugbounty
added 2024/01/09 2:12 p.m.11 views

spd-kassel-land.de Cross Site Scripting vulnerability OBB-3830514

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ics
ics
added 2024/01/09 12:0 a.m.38 views

Siemens SICAM A8000

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.2CVSS6.9AI score0.00547EPSS
Exploits0References12
ics
ics
added 2024/01/09 12:0 a.m.40 views

Siemens SIMATIC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

10CVSS9.4AI score0.00646EPSS
Exploits0References12
ics
ics
added 2024/01/09 12:0 a.m.53 views

Siemens SIMATIC CN 4100

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS9.9AI score0.00597EPSS
Exploits0References12
openbugbounty
openbugbounty
added 2023/12/16 5:32 p.m.3 views

deutschland-tankt-strom.de Improper Access Control vulnerability OBB-3816310

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
cnvd
cnvd
added 2023/12/14 12:0 a.m.17 views

SAP Biller Direct Cross-Site Scripting Vulnerability

SAP Biller Direct is a Web application from SAP Germany. It is used to present customer accounts in an Internet portal. A cross-site scripting vulnerability exists in SAP Biller Direct versions 635 and 750, which stems from the application's lack of effective filtering and escaping of user-suppli...

6.1CVSS6.3AI score0.00446EPSS
Exploits0References1
packetstorm
packetstorm
added 2023/12/13 12:0 a.m.1745 views

PDF24 Creator 11.15.1 Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: PDF24 Creator geek Software GmbH vulnerable version: =11.15.1 fixed version: 11.15.2 CVE number: CVE-2023-49147...

7.4AI score0.00483EPSS
Exploits2
thn
thn
added 2023/12/12 9:55 a.m.31 views

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade detection," Fortinet FortiGuard Labs...

6.8AI score
Exploits0
ptsecurity
ptsecurity
added 2023/12/07 12:0 a.m.8 views

PT-2023-18914 · Undefined · Undefined

ParsedReport CompletenessMedium 07-12-2023 Fighting Ursa Aka APT28: Illuminating a Covert Campaign https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397 Report completeness: Medium Actors/Campaigns: Fancy bear Forest blizzard Threats: Wildfire Victims: Organizatio...

9.8CVSS8.3AI score0.97408EPSS
Exploits18References1
thn
thn
added 2023/12/05 2:58 p.m.25 views

Russia's AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+...

6.8AI score
Exploits0
thn
thn
added 2023/10/26 1:0 p.m.106 views

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service DDoS attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second RPS. "The campaign contributed to an overall increase of...

7.5CVSS7.7AI score0.99999EPSS
Exploits19
Rows per page
Query Builder