Lucene search
K

1237 matches found

Snyk
Snyk
added 2023/09/12 7:57 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

6.5CVSS7AI score0.04661EPSS
Exploits0References2
Snyk
Snyk
added 2023/09/12 7:57 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

6.5CVSS7AI score0.04661EPSS
Exploits0References2
Snyk
Snyk
added 2023/09/12 7:57 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

6.5CVSS7AI score0.04661EPSS
Exploits0References2
hivepro
hivepro
added 2023/08/10 12:40 p.m.16 views

Reptile Rootkit Targets Linux Systems in South Korea

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Reptile, an open-source Linux rootkit, goes beyond concealment, offering attackers a reverse shell and utilizing Port Knocking for control; observed in attacks including Chinese groups exploiting...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/24 9:10 a.m.179 views

New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded...

9.8CVSS7.9AI score0.89955EPSS
Exploits20
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.5 views

PT-2023-21675 · Ubiquiti · Unifi

Name of the Vulnerable Software and Affected Versions: UniFi versions 7.3.83 and earlier Description: A backup file vulnerability found in UniFi applications running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...

9.1CVSS7.6AI score0.00627EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2023/06/23 7:30 a.m.4 views

New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/23 7:30 a.m.58 views

New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

Internet-facing Linux systems and Internet of Things IoT devices are being targeted as part of a new campaign designed to illicitly mine cryptocurrency. "The threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal...

9.8CVSS9.9AI score0.69663EPSS
Exploits1
HackRead
HackRead
added 2023/06/17 12:33 p.m.13 views

Warning: Fake GitHub Repos Delivering Malware as PoCs

By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs...

7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/06/14 4:44 p.m.106 views

NuGet Client Remote Code Execution Vulnerability

Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET and NuGet on Linux. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 6.0, .NET 7.0...

7.1CVSS7.2AI score0.01148EPSS
Exploits0References5Affected Software6
Vulnrichment
Vulnrichment
added 2023/06/05 3:45 a.m.11 views

CVE-2023-0636 Remote Code Execution via Command Injection

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.2CVSS7.2AI score0.0136EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/06/05 3:42 a.m.9 views

CVE-2023-0635 Privilege escalation to root

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.8CVSS6.9AI score0.00374EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/05/25 10:40 a.m.280 views

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool,...

9.8CVSS9.9AI score0.99999EPSS
Exploits44
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.5 views

The vulnerability of the ksmbd module in Linux operating systems allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ksmbd module in Linux operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures using the SMB2QUERYINFO and SMB2LOGOFF command...

7.5CVSS7.1AI score0.00504EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2023/05/11 10:32 a.m.46 views

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

Multiple threat actors have capitalized on the leak of Babuk aka Babak or Babyk ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend o...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/04/27 1:19 p.m.11 views

New PingPull Malware Variant Targets Linux Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The PingPull malware variant that targets Linux systems is linked to Alloy Taurus, and it communicates with a domain over HTTPS to receive encrypted commands for executing specific functions. To receive...

6.8AI score
Exploits0
OSV
OSV
added 2023/04/19 11:15 p.m.4 views

CVE-2023-2166

A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

5.5CVSS7.1AI score
Exploits0References1
The Hacker News
The Hacker News
added 2023/03/30 3:58 p.m.3 views

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2023/03/14 12:0 a.m.2 views

Duncaen OpenDoas 安全漏洞

Duncaen OpenDoas is a program from the individual developer Duncaen that provides limited Sudo functionality for Linux systems. A security vulnerability exists in OpenDoas 6.8.2 and earlier versions, which stems from sharing a terminal with the original session, and can be exploited by an attacke...

8.8CVSS7.8AI score0.00642EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.2 views

SUSE CVE-2019-18276

An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems th...

3.6CVSS7.6AI score0.02608EPSS
Exploits5References3
Rows per page
Query Builder