Lucene search
K

40449 matches found

Malwarebytes
Malwarebytes
added 2025/05/29 12:37 p.m.10 views

Take back control of your browser—Malwarebytes Browser Guard now blocks search hijacking attempts

Search hijacking, often referred to as browser hijacking, occurs when cybercriminals modify users’ browser settings without their consent. This often results in users being redirected to potentially malicious websites, such as fake customer service offerings. Search hijacking commonly happens...

7.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/05/29 10:30 a.m.8 views

The US Is Storing Migrant Children’s DNA in a Criminal Database

Customs and Border Protection has swabbed the DNA of migrant children as young as 4, whose genetic data is uploaded to an FBI-run database that can track them if they commit crimes in the future...

7.2AI score
Exploits0
OSV
OSV
added 2025/05/29 1:9 a.m.4 views

MINI-7X3P-C79F-R6J4

Bulletin has no description...

8.7CVSS8.5AI score0.00792EPSS
Exploits0
OSV
OSV
added 2025/05/29 1:9 a.m.1 views

MINI-7HJ5-V8WJ-V2Q8

Bulletin has no description...

4.9CVSS7.2AI score0.00716EPSS
Exploits0
OSV
OSV
added 2025/05/29 1:8 a.m.2 views

MINI-5J9M-85V6-GC24

Bulletin has no description...

3.7CVSS5.7AI score0.01018EPSS
Exploits0
OSV
OSV
added 2025/05/29 1:8 a.m.3 views

MINI-9FF4-9C66-M479

Bulletin has no description...

4.9CVSS9.5AI score0.01021EPSS
Exploits0
OSV
OSV
added 2025/05/29 1:8 a.m.2 views

MINI-3FVV-8F63-VFRV

Bulletin has no description...

5.5CVSS8.1AI score0.00197EPSS
Exploits0
OSV
OSV
added 2025/05/29 1:5 a.m.1 views

MINI-2JC9-HR3W-8C8X

Bulletin has no description...

3.7CVSS7.6AI score0.01108EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.5 views

The vulnerability of the Shamir’s secret platform implementation for archiving corporate information, HashiCorp Vault and Vault Enterprise, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Shamir’s secret platform implementation for archiving corporate information, both HashiCorp Vault and Vault Enterprise, is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the...

4.7CVSS5.9AI score0.0021EPSS
Exploits0References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.20 views

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

9CVSS6.1AI score0.00525EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/29 12:0 a.m.5 views

DLA-4190-1 mydumper - security update

Bulletin has no description...

5.1CVSS7.2AI score0.00657EPSS
Exploits0
OSV
OSV
added 2025/05/28 5:43 p.m.2 views

DRUPAL-CONTRIB-2025-072

This module addresses the General Data Protection Regulation GDPR and the EU Directive on Privacy and Electronic Communications. The module doesn't sufficiently verify whether "disabled JavaScript" entries are valid or correspond to actual scripts on the page. As a result, an attacker could injec...

5CVSS7.1AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/28 4:24 p.m.47 views

CVE-2024-47056 Mautic does not shield .env files from web traffic

SummaryThis advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system...

5.1CVSS0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.2 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.5 views

The vulnerability of the include() function in Twig template rendering handlers allows attackers to circumvent existing security restrictions.

The vulnerability of the include function in Twig template rendering engines is related to a breach of data protection mechanisms. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions remotely...

8.6CVSS7.7AI score0.00826EPSS
Exploits0References7Affected Software4
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.3 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...

4.3CVSS6.1AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/28 12:0 a.m.9 views

PT-2025-23098 · Apache +2 · Apache +2

Name of the Vulnerable Software and Affected Versions: Mautic affected versions not specified Description: The issue concerns the potential exposure of sensitive information, including database credentials, API keys, and other critical system configurations, due to the direct accessibility of .en...

5.1CVSS6.2AI score0.00103EPSS
Exploits0References10
Patchstack
Patchstack
added 2025/05/28 12:0 a.m.7 views

Drupal EU Cookie Compliance (GDPR Compliance) module < 1.26.0 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module EU Cookie Compliance GDPR Compliance versions 1.26.0...

5CVSS6.1AI score0.00182EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2025/05/28 12:0 a.m.7 views

CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

6.1CVSS5.8AI score0.00194EPSS
Exploits0References3
OSV
OSV
added 2025/05/28 12:0 a.m.2 views

DLA-4183-1 setuptools - security update

Bulletin has no description...

8.8CVSS7.2AI score0.01479EPSS
Exploits4
Rows per page
Query Builder