CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

hivepro•added 2023/03/09 1:13 p.m.•15 views

Sharp Panda A Sophisticated Cyber-Espionage Campaign Targeting Governments

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Sharp Panda cyber-espionage campaign, which has been active for a considerable period, focuses on infiltrating government entities in Southeast Asia. This operatio...

1.4AI score

SUSE CVE•added 2023/03/09 4:7 a.m.•3 views

SUSE CVE-2019-14734

AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load in mtk.cpp...

8.8CVSS7.3AI score0.01866EPSS

Exploits1References2

HackRead•added 2023/03/08 6:25 p.m.•23 views

Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware

By Deeba Ahmed Currently, scammers are using DBatLoader malware loader to distribute Remcos RAT to businesses and institutions across Eastern Europe. This is a post from HackRead.com Read the original post: Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware...

2.7AI score

The Hacker News•added 2023/03/08 7:57 a.m.•42 views

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the...

0.2AI score

hivepro•added 2023/03/02 11:55 a.m.•25 views

Snip3 Crypter an Advanced RAT Loader Targeting Multiple Industries

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A multi-stage remote access trojan RAT loader called Snip3 crypter was recently discovered deploying RAT families, including QuasarRAT and DcRAT, to target victims...

1.3AI score

RedHat Linux•added 2023/03/01 10:2 p.m.•3 views

loader-utils: Regular expression denial of service

A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service ReDoS, affecting the availability of the affected component...

RedHat Linux•added 2023/03/01 9:58 p.m.•4 views

loader-utils: Regular expression denial of service

RedHat Linux•added 2023/03/01 9:45 p.m.•2 views

loader-utils: Regular expression denial of service

RedHat Linux•added 2023/03/01 9:45 p.m.•5 views

loader-utils: Regular expression denial of service

CNNVD•added 2023/03/01 12:0 a.m.•6 views

Alphabet YouTube Embedded 安全漏洞

Alphabet YouTube Embedded is a video sharing application from Alphabet USA. A security vulnerability exists in the Alphabet YouTube Embedded version 1.2 SDK, which stems from a ClassLoader that the SDK can load for malicious applications...

7.3CVSS7.3AI score0.00111EPSS

Exploits0References2

RedHat Linux•added 2023/02/28 12:50 a.m.•46 views

Important: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS6.8AI score0.14663EPSS

Exploits7References31

The Hacker News•added 2023/02/23 11:47 a.m.•4 views

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...

7.1AI score

Rockylinux•added 2023/02/22 1:8 a.m.•20 views

grub2 bug fix and enhancement update

An update is available for grub2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a...

0.8AI score

hivepro•added 2023/02/21 10:21 a.m.•20 views

The Intricate Evolution of SoulSearcher Loader for Multi-Stage Malware Execution

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SoulSearcher is a second-stage loader that has been seen in the wild since October 2017, and it is responsible for executing the Soul module payload and parsing its configuration. The samples found in th...

1.8AI score