Lucene search
K

189 matches found

Microsoft KB
Microsoft KB
added 2025/08/21 7:0 a.m.29 views

July 8, 2025—KB5062570 (OS Build 25398.1732)

July 8, 2025—KB5062570 OS Build 25398.1732 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...

9.8CVSS7AI score0.2188EPSS
Exploits10
CNVD
CNVD
added 2025/06/05 12:0 a.m.6 views

Binary Vulnerability in Unisys UOS Desktop Professional Edition by Unisys Software Technology Co.

Unisys UOS Desktop Professional Edition is a commercial desktop operating system based on Linux kernel, which supports all CPU architectures including AMD64, ARM64, LoongArch64, SW64 and other mainstream architectures, and is suitable for domestic CPU platforms e.g., Haikuang, Zhaoshen, etc.. The...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/24 11:27 a.m.23 views

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The threat actors behind the Darcula phishing-as-a-service PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.44 views

openSUSE 15 Security Update : cacti, cacti-spine (openSUSE-SU-2024:0274-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0274-1 advisory. - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when...

9.1CVSS9.1AI score0.86303EPSS
Exploits26References31
Fedora
Fedora
added 2023/11/03 7:1 p.m.43 views

[SECURITY] Fedora 39 Update: fbthrift-2023.10.16.00-1.fc39

Thrift is a serialization and RPC framework for service communication. Thrift enables these features in all major languages, and there is strong support for C++, Python, Hack, and Java. Most services at Facebook are written using Thri ft for RPC, and some storage systems use Thrift for serializin...

7.5CVSS8.7AI score0.99999EPSS
Exploits19
Fedora
Fedora
added 2023/02/17 6:20 p.m.15 views

[SECURITY] Fedora 37 Update: phpMyAdmin-5.2.1-1.fc37

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and i...

8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/14 3:0 a.m.23 views

Android 14 developer preview highlights multiple security improvements

Android developers have been given a taste of whats to come in the next big step up in mobile land, thanks to Android 14 waiting on the horizon. The developer preview is a great way for those most familiar with the mobile operating system to see which changes theyll enjoy and what ones theyll hav...

7.9AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2022/10/17 12:0 a.m.26 views

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10152-1 Rating: important References: 1201720 1203086 1203306 1203370 1203735 1204019 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4...

8.2CVSS6.7AI score0.00347EPSS
Exploits0References6
Fedora
Fedora
added 2022/07/04 1:35 a.m.26 views

[SECURITY] Fedora 36 Update: golang-github-googleapis-gnostic-0.5.3-6.fc36

This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, platform-neutral, extensible mechanism for serializing structured data. gnostic's Protocol Buffer...

9.3CVSS8AI score0.05994EPSS
Exploits4
OSV
OSV
added 2022/06/25 6:1 p.m.3 views

OPENSUSE-SU-2022:10031-1 Security update for wdiff

This update for wdiff fixes the following issues: This update ships wdiff. Updated to 1.2.2: Updated Vietnamese, Swedish, Estonian, Chinese traditional, Brazilian Portuguese and Russian translations. Updated gnulib. Used more recent autotools: autoconf 2.69 and automake 1.14.1. updated to 1.2.1:...

4.4CVSS9.7AI score0.00474EPSS
Exploits1References2
OSV
OSV
added 2021/11/26 6:15 p.m.14 views

CVE-2021-41279

BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the...

8.8CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2021/11/26 6:15 p.m.16 views

Path traversal

BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the...

9CVSS8.6AI score0.01565EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/11/26 6:0 p.m.51 views

CVE-2021-41279

CVE-2021-41279 affects baserCMS; a path traversal vulnerability exists in the upload handling where users with upload privileges can upload crafted zip files to traverse host filesystem. Affected versions prior to the fix allow this, with impact described as path traversal on the host OS. Remedia...

9CVSS8.1AI score0.01565EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/08/25 6:15 p.m.24 views

CVE-2021-39136

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are...

8.7CVSS0.00929EPSS
Exploits0References4
OSV
OSV
added 2021/08/25 6:15 p.m.19 views

CVE-2021-39136

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are...

5.4CVSS6AI score
Exploits0References4
Prion
Prion
added 2021/08/25 6:15 p.m.12 views

Cross site scripting

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are...

3.5CVSS5.2AI score0.00929EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/08/25 6:5 p.m.29 views

CVE-2021-39136 Cross-site scripting vulnerability in file upload

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are...

8.7CVSS8.4AI score0.00929EPSS
Exploits0References4
CVE
CVE
added 2021/08/25 6:5 p.m.65 views

CVE-2021-39136

baserCMS (Japanese-focused open source CMS) contains a cross-site scripting (XSS) vulnerability in the file upload feature for affected versions prior to 4.5.1. The vulnerability arises in the management system’s file upload path, allowing arbitrary script execution in a user’s browser if exploit...

8.7CVSS5.5AI score0.00929EPSS
Exploits0References4Affected Software1
SonarSource Blog
SonarSource Blog
added 2021/06/15 12:0 a.m.233 views

7 more reasons to upgrade to SonarQube 8.9 LTS

SonarQube v8.9 LTS was just released and we hope you’ve already seen our announcement and are working on your upgrade! A new SonarQube LTS represents a huge amount of work. Since the release of the previous SonarQube LTS v7.9, in November 2019, there have been over 5200 development tickets merged...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/05/12 12:41 p.m.36 views

TeaBot Trojan Targets Banks via Hijacked Android Handsets

Researchers have discovered an Android trojan that can steal victims’ SMS messages and credentials and completely take over devices. The trojan, dubbed TeaBot, is aimed at committing fraud against at least 60 banks in Europe. Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS ...

5.5AI score
Exploits0References13
Rows per page
Query Builder