Lucene search
K

253 matches found

CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Email parameter in the “Recover password” section, which may lead ...

6.1CVSS5.6AI score0.00227EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:54 a.m.4 views

CVE-2025-59379

DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...

7.5CVSS7.6AI score0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.3 views

PT-2026-1459

Name of the Vulnerable Software and Affected Versions DwyerOmega Isensix Advanced Remote Monitoring System ARMS version 1.5.7 Description The software allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the...

7.5CVSS7.2AI score0.00341EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202446

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...

10CVSS7.7AI score0.00603EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.4 views

Medtronic CareLink Network 安全漏洞

Medtronic CareLink Network is an open source platform for remote monitoring of cardiac patients by Medtronic in the United States. A security vulnerability exists in versions of Medtronic CareLink Network prior to December 4, 2025, which stems from a local attacker being able to view plaintext...

4.1CVSS6.3AI score0.00095EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2025/12/03 2:12 p.m.12 views

How attackers use real IT tools to take over your computer

A new wave of attacks is exploiting legitimate Remote Monitoring and Management RMM tools like LogMeIn Resolve formerly GoToResolve and PDQ Connect to remotely control victims’ systems. Instead of dropping traditional malware, attackers trick people into installing these trusted IT support progra...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/20 4:57 p.m.6 views

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control C2 server, Kaspersky researcher Lisandro Ubiedo said in an...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/06 7:39 p.m.4 views

Hackers commit highway robbery, stealing cargo and goods

There’s a modern-day train heist happening across America, and this time, some of the bandana-masked robbers are sitting behind screens. According to new research, a group of cybercriminals has been attacking trucking, freight, and logistics companies for months, impersonating brands and even...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/05 11:20 a.m.4 views

Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

A never-before-seen threat activity cluster codenamed UNKSmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. "UNKSmudgedSerpent...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/03 1:18 p.m.9 views

Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks

Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management RMM software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according t...

6.6AI score
Exploits0
SUSE Linux
SUSE Linux
added 2025/10/17 12:2 p.m.4 views

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

6.9AI score
Exploits0References2
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.7 views

ConnectWise Automate Agent 安全漏洞

ConnectWise Automate Agent is a remote monitoring and management software from ConnectWise USA. A security vulnerability exists in ConnectWise Automate Agent that stems from not fully verifying the authenticity of files downloaded from a server, which could lead to a man-in-the-middle attack...

8.8CVSS6.9AI score0.00212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-10905

Malware in sbrugna...

6.5CVSS7.8AI score0.01397EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1426

Malware in sbrugna...

5CVSS6.4AI score0.01285EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-19532

Malware in sbrugna...

9.8CVSS9.2AI score0.01032EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-33855

Malicious code in bioql PyPI...

7CVSS5.3AI score0.00209EPSS
Exploits0References2
HackRead
HackRead
added 2025/09/15 12:23 p.m.5 views

Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites

New research from Red Canary and Zscaler shows phishing lures now drop RMM tools like ITarian and Atera,…...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-14324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remot...

10CVSS8.3AI score0.04343EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-23985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could hav...

6.5CVSS7.5AI score0.01397EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/06/27 12:0 a.m.6 views

One Video to Steal Them All: 3D-Printing IP Theft through Optical Side-Channels

The 3D printing industry is rapidly growing and increasingly adopted across various sectors including manufacturing, healthcare, and defense. However, the operational setup often involves hazardous environments, necessitating remote monitoring through cameras and other sensors, which opens the do...

6.9AI score
Exploits0
Rows per page
Query Builder