Lucene search
K

1237 matches found

The Hacker News
The Hacker News
added 2024/06/15 8:13 a.m.41 views

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written ...

7.8CVSS8.6AI score0.88106EPSS
Exploits100
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.7 views

Fedora: Security Advisory for qt5-qtx11extras (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References2
Fedora
Fedora
added 2024/06/02 3:39 a.m.12 views

[SECURITY] Fedora 39 Update: rust-speakersafetyd-0.1.9-3.fc39

Speaker protection daemon for embedded Linux systems...

7.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/31 3:14 a.m.3 views

SUSE CVE-2024-33899

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences...

7.3CVSS8.6AI score0.00817EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.9 views

Fedora: Security Advisory for rust-speakersafetyd (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Saint
Saint
added 2024/05/23 12:0 a.m.214 views

Mirth Connect deserialization vulnerability

Added: 05/23/2024 Background Mirth Connect is an application which translates message standards for healthcare systems. Problem A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution Upgrade to...

9.8CVSS10AI score0.82708EPSS
Exploits21
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.4 views

Google gVisor 安全漏洞

Google gVisor is a user-space kernel written in the Go language for use in Linux systems. A security vulnerability exists in Google gVisor. An attacker exploited the vulnerability to cause a denial of service on the system...

6.5CVSS4.7AI score0.00165EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2024/04/03 10:19 p.m.247 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 Checker The CVE-2024-3094 Checker is a powerful...

10CVSS9.8AI score0.85974EPSS
Exploits39
OSV
OSV
added 2024/03/26 6:32 p.m.44 views

GHSA-CFF3-5QRP-HQX7 Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

5.3CVSS5.1AI score0.0146EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2024/03/22 3:6 a.m.25 views

Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded 'AcidPour' Malware

The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russi...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.3 views

PT-2024-2008

Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 8.4 Description The issue is related to a path-traversal vulnerability in the session handling code of pgAdmin, which can lead to unsafe deserialization and remote code execution. This vulnerability can be exploited b...

9.9CVSS7.5AI score0.79326EPSS
Exploits4References33
GithubExploit
GithubExploit
added 2024/01/17 10:55 p.m.146 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 PoC de Polkit ¿En qué consiste Polkit? Policy...

7.8CVSS7.4AI score0.94921EPSS
Exploits151
The Hacker News
The Hacker News
added 2024/01/06 8:19 a.m.41 views

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Telecommunication, media, internet service providers ISPs, information technology IT-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the...

7.5AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 5:21 p.m.34 views

Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights

Summary IBM Operations Analytics Predictive Insights uses Apache ActiveMQ software, as a core module in processing analytics data. The vulnerability CVE-2023-46604 found in Apache ActiveMQ could be exploited to download and infect Linux systems with the Kinsing malware. This bulletin identifies t...

10CVSS9.5AI score0.99654EPSS
Exploits31Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/04 12:0 a.m.6 views

PT-2023-7577

Name of the Vulnerable Software and Affected Versions Insyde InsydeH2O versions 5.2 through 5.60.47 Acer, HP, Fujitsu, and Lenovo devices affected versions not specified Description A LogoFAIL issue exists in the BmpDecoderDxe component of Insyde InsydeH2O UEFI firmware. This flaw stems from an...

6.1CVSS6.4AI score0.01858EPSS
Exploits1References35
HackRead
HackRead
added 2023/11/22 6:49 p.m.8 views

Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw

By Deeba Ahmed Patches for all affected versions of Apache ActiveMQ have been released, and clients are strongly advised to upgrade their systems. This is a post from HackRead.com Read the original post: Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw...

7.6AI score
Exploits0
Cvelist
Cvelist
added 2023/11/16 8:15 a.m.40 views

CVE-2023-26031 Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems

Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...

7.9AI score0.02089EPSS
Exploits0References4
hivepro
hivepro
added 2023/10/31 5:56 a.m.39 views

Attacks, Vulnerabilities and Actors 23 October to 29 October 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...

4.9CVSS7.4AI score0.73445EPSS
Exploits2
The Hacker News
The Hacker News
added 2023/10/23 11:34 a.m.63 views

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan

The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are als...

7.2AI score
Exploits0
Snyk
Snyk
added 2023/09/12 7:57 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

6.5CVSS7AI score0.04661EPSS
Exploits0References2
Rows per page
Query Builder