Lucene search
+L

962 matches found

Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.10 views

PT-2025-49177

Name of the Vulnerable Software and Affected Versions Microsoft Edge for iOS affected versions not specified Description A flaw in the user interface UI of Microsoft Edge for iOS can allow an attacker to perform spoofing attacks over a network by misrepresenting critical information. This could...

4.3CVSS6.2AI score0.00401EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2025/11/20 10:18 p.m.2 views

CVE-2025-62459

Microsoft Defender Portal Spoofing Vulnerability...

8.3CVSS5.4AI score0.00269EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/20 9:58 a.m.17 views

Security Bulletin: Due to the use of Swagger UI, IBM Security SOAR is vulnerable to spoofing attacks..

Summary IBM Security SOAR uses Swagger-UI internally. CVE-2025-25031 Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this...

4.3CVSS6.2AI score0.42326EPSS
Exploits4Affected Software1
Redos
Redos
added 2025/11/17 12:0 a.m.6 views

ROS-20251117-05

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

8.8CVSS7.1AI score0.00541EPSS
Exploits9
Redos
Redos
added 2025/11/17 12:0 a.m.10 views

ROS-20251117-04

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

8.8CVSS7.1AI score0.00541EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2025/11/16 12:0 a.m.5 views

SUSE SLES15 Security Update : bind (SUSE-SU-2025:4107-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4107-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. - CVE-2025-40780: Cache-poisoning due to weak pseudo-random number...

8.6CVSS6.6AI score0.00509EPSS
Exploits1References7
OSV
OSV
added 2025/11/11 6:15 p.m.4 views

CVE-2025-62211

Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...

8.7CVSS5.8AI score0.00587EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 6:15 p.m.4 views

CVE-2025-62211

Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...

8.7CVSS0.00587EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/11 8:0 a.m.7 views

Dynamics 365 Field Service (online) Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...

8.7CVSS5.4AI score0.00587EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

Microsoft Dynamics 365 跨站脚本漏洞

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. It is used for financial management, production management and business intelligence management. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 Field Service...

8.7CVSS5AI score0.00587EPSS
Exploits0References1
Redos
Redos
added 2025/11/10 12:0 a.m.4 views

ROS-20251110-03

Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...

8.8CVSS5.6AI score0.00315EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.2 views

SUSE SLES12: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2025:3976-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3976-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. Tenable has extracted the preceding description block directly from the SUSE security...

8.6CVSS6.7AI score0.00509EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.7 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system from the FreeBSD Foundation. A security vulnerability exists in FreeBSD, which stems from the kernel adding sockets to a load balancing group without checking the connection state, and matching load balancing group sockets while connected, which could lead ...

5.4CVSS6.3AI score0.00197EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/10/14 6:30 p.m.34 views

Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate

Summary Use of curl with the -k or --insecure flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle MitM attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications. Details The following scripts in...

5.3CVSS7.8AI score0.0022EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/10/14 5:16 p.m.3 views

CVE-2025-59284

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...

5.5CVSS5.8AI score0.00965EPSS
Exploits1References1
NVD
NVD
added 2025/10/14 5:16 p.m.14 views

CVE-2025-59288

Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network...

5.3CVSS0.0022EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:16 p.m.4 views

CVE-2025-59288

Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network...

5.3CVSS6.7AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:16 p.m.6 views

CVE-2025-59244

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.00764EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Microsoft NTLM 安全漏洞

Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...

6.5CVSS9.2AI score0.00764EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

Microsoft NTLM 安全漏洞

Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...

6.5CVSS9.2AI score0.01062EPSS
Exploits0References1
Rows per page
Query Builder