CVE-2023-44976

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023...

CVE-2023-44976

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023...

CVE-2023-44976

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023...

PT-2025-31640 · Hangzhou Shunwang · Hangzhou Shunwang Rentdrv2

Name of the Vulnerable Software and Affected Versions: Hangzhou Shunwang Rentdrv2 versions prior to 2024-12-24 Description: Hangzhou Shunwang Rentdrv2 is susceptible to a local privilege escalation issue. An attacker can terminate Endpoint Detection and Response EDR processes using a...

CVE-2025-53074

Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2...

CVE-2022-50156

In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112xfer Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'data-block1' too small 33 vs 255 drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'buf' too small 6...

CVE-2025-22664

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedywq5uj2f 2025-02-04 18:54:34+00:00| seen| https://t.me/cvedetector/17215...

AlmaLinux 8 : mariadb:10.5 (ALSA-2025:0739)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:0739 advisory. mysql: InnoDB unspecified vulnerability CPU Oct 2023 CVE-2023-22084 mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 Tenable...

BIT-NODE-MIN-2023-44487

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

CVE-2024-43752 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-49913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for toppipetoprogram in commitplanesforstream This commit addresses a null pointer dereference issue in the commitplanesforstream function at line 4140. The issue could occur when toppipetoprogram ...

Remote Desktop client for Windows RCE (October 2024)

The Windows Remote Desktop client for Windows installed on the remote host is missing security updates. It is, therefore, affected by a remote-code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Security Updates for Azure CLI (October 2024)

The Azure CLI is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'...

Truist bank confirms data breach

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets...

BIT-JENKINS-2023-44487

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

Security Bulletin: IBM Copy Services manager is affected by IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 - Includes Oracle October 2023 CPU plus CVE-2023-5676

Summary IBM Copy Services Manager is affected by All applicable Java SE CVEs published by Oracle as part of their October 2023 Critical Patch Update plus CVE-2023-5676. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager - Oracle October 2023 CPU (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms - Includes Oracle October 2023 CPU (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by v4.1.0.4 to v4.1.1.1 of IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details Refer to the security bulletins...

Hackers Leak Alleged Partial Facebook Marketplace Database

By Waqas The alleged data breach took place on October 2023. However, the database was only made public earlier today, on Sunday, February 11, 2024. This is a post from HackRead.com Read the original post: Hackers Leak Alleged Partial Facebook Marketplace Database...

BIT-KONG-2023-44487

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...