
38 matches found

The Hacker News
added 2026/03/24 12:1 p.m., 7 views

The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and...

6 AI score
Exploits 0

EUVD
added 2025/11/19 9:31 p.m., 2 views

EUVD-2025-198164

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index.php via the parameter username...

7.5 AI score, 0.00177 EPSS
Exploits 1, References 2

Talos Blog
added 2025/09/24 10:0 a.m., 6 views

What happens when you engage Cisco Talos Incident Response?

In today's world, cybersecurity incidents are not a matter of if, but when and how. From ransomware attacks to data breaches exposing sensitive information, organizations face a changing threat landscape. As a result of cybersecurity attacks, organizations can experience downtime, financial losse...

7.1 AI score
Exploits 0

BDU FSTEC
added 2024/07/29 12:0 a.m., 6 views

The vulnerability of the GLPI system’s request and incident handling process, related to incorrect validation of input data, allows attackers to compromise the integrity of the system.

The vulnerability of the GLPI system for handling requests and incidents is related to incorrect validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the system...

6.8 CVSS, 7.1 AI score, 0.00477 EPSS
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 5 views

The vulnerability of the GLPI system’s request and incident handling process, related to improper neutralization of special elements used in SQL commands, allows attackers to compromise the integrity of the system.

The vulnerability of the GLPI request and incident handling system lies in the lack of proper validation of input requests within the plugin controller, and the use of low-level plugin APIs for access. Exploitation of this vulnerability could allow a malicious actor to scan server ports or...

9.4 CVSS, 7.1 AI score, 0.00698 EPSS
Exploits 0, References 4, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 6 views

The vulnerability of the GLPI system’s handling of requests and incidents stems from the lack of measures taken to protect the website structure. This allows attackers to carry out cross-site scripting attacks.

The vulnerability in the GLPI request and incident handling system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

5.5 CVSS, 6.8 AI score, 0.00408 EPSS
Exploits 0, References 2, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 6 views

The vulnerability of the GLPI system’s request and incident handling capabilities, related to insufficient session duration, allows attackers to compromise the integrity of the system.

The vulnerability of the GLPI system for handling requests and incidents is related to insufficient session duration. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the system...

9 CVSS, 7.7 AI score, 0.00385 EPSS
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 6 views

The vulnerability of the GLPI request and incident handling system lies in the possibility of gaining access to the debugging panel through a GLPI update script. This allows a malicious actor to compromise the integrity of the system.

The vulnerability of the GLPI request and incident handling system relates to the possibility of gaining access to the debugging panel through a GLPI update script. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrity of the system...

4.3 CVSS, 6.7 AI score, 0.00426 EPSS
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 5 views

The vulnerability of the GLPI system’s request and incident handling functionality lies in the lack of HTML tag neutralization during website generation. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the GLPI system’s request and incident handling functionality relates to the absence of HTML tag neutralization during the generation of web pages. Exploiting this vulnerability allows a malicious actor to carry out cross-site scripting attacks...

5.5 CVSS, 5.6 AI score, 0.00589 EPSS
Exploits 0, References 4, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 6 views

The vulnerability of the GLPI system’s request and incident handling process, related to improper elimination of input data during the generation of web pages, allows a perpetrator to store arbitrary codes in the reference links.

The vulnerability of the GLPI system for handling requests and incidents is related to the improper elimination of input data during the generation of the web page. Exploiting this vulnerability allows a malicious actor to insert arbitrary codes into the reference documents...

5.5 CVSS, 6.3 AI score, 0.00577 EPSS
Exploits 0, References 3, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 5 views

The vulnerability of the GLPI system’s request and incident handling process, related to improper elimination of input data during the generation of web pages, allows a malicious actor to create malicious external links.

The vulnerability of the GLPI system for handling requests and incidents is related to the improper elimination of input data during the generation of the web page. Exploiting this vulnerability allows a malicious actor to create a malicious external link...

4.8 CVSS, 6.1 AI score, 0.0062 EPSS
Exploits 0, References 3, Affected Software 2

Redos
added 2024/07/29 12:0 a.m., 17 views

ROS-20240729-07

Vulnerability in the GLPI request and incident handling system related to improper privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to steal confidential information. Vulnerability in the GLPI reporting plugin is related to improper...

6.8 CVSS, 6.9 AI score, 0.0073 EPSS
Exploits 0

BDU FSTEC
added 2024/07/29 12:0 a.m., 8 views

The vulnerability of the GLPI system’s handling of requests and incidents lies in the lack of measures taken to protect the SQL query structure used in SQL commands. This allows attackers to carry out SQL injection attacks.

The vulnerability of the GLPI system’s request and incident handling capabilities is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to scan server or service ports and perform SQL injection attacks...

10 CVSS, 7.8 AI score, 0.00945 EPSS
Exploits 0, References 4, Affected Software 2

BDU FSTEC
added 2024/07/29 12:0 a.m., 5 views

The vulnerability of the GLPI system’s request and incident handling capabilities, related to improper management of privileges, allows a perpetrator to disclose protected information.

The vulnerability of the GLPI system for handling requests and incidents is related to improper management of privileges. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

6.8 CVSS, 6.5 AI score, 0.0073 EPSS
Exploits 0, References 3, Affected Software 2

Redos
added 2024/07/26 12:0 a.m., 32 views

ROS-20240726-01

A vulnerability in GLPI's request and incident handling system is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the system integrity. A vulnerability in the GLPI request and incident handling system is associated with the...

10 CVSS, 7.7 AI score, 0.50889 EPSS
Exploits 6

BDU FSTEC
added 2024/05/06 12:0 a.m., 6 views

The vulnerability of the GLPI system’s handling of requests and incidents is related to incorrect input neutralization during the creation of web pages. This allows an attacker to carry out XSS attacks.

The vulnerability in the GLPI request and incident handling system relates to improper input validation during the creation of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

6.1 CVSS, 5.4 AI score, 0.00665 EPSS
Exploits 0, References 5, Affected Software 2

Redos
added 2024/05/03 12:0 a.m., 25 views

ROS-20240503-06

Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to perform an XSS attack...

4.8 CVSS, 6.1 AI score, 0.00665 EPSS
Exploits 0

Kitploit
added 2024/01/18 11:30 a.m., 28 views

FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of BloodHound In A More Automated Fashion

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...

6.5 AI score
Exploits 0, References 12

OpenVAS
added 2023/12/01 12:0 a.m., 14 views

Microsoft Windows: Virtual Secure Mode

When using Virtual Secure Mode (VSM), it SHOULD be taken into account that forensic investigations, e.g. for security incident handling, are restricted or made more difficult. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from referenced sources, and a...

7.5 AI score
Exploits 0, References 2

Talos Blog
added 2023/11/16 1:0 p.m., 17 views

7 common mistakes companies make when creating an incident response plan and how to avoid them

Cisco Talos recently covered the basics of NIS2, a new set of requirements for cybersecurity and security incident disclosures set to take effect next year in the European Union. As part of these new guidelines, organizations with operations in the EU must have up-to-date "incident handling"...

6.9 AI score
Exploits 0