Lucene search
K

771 matches found

Ubuntu
Ubuntu
added 2025/06/24 12:36 a.m.9 views

USN-7592-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the software for configuring and setting up Universal Relay (UR) devices from GE Vernova Enervista UR Setup lies in the authentication procedures’ deficiencies, which allow attackers to influence the integrity of the protected information.

The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to compromise the integrity of the protected...

8CVSS5.5AI score0.00177EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.7 views

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the shortcomings of its error reporting mechanism, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00273EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.4 views

Open Source, Open Threats? Investigating Security Challenges in Open-Source Software

Open-source software OSS has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to increased exposure to vulnerabilities and attack surfaces...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.14 views

The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.

The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

8.4CVSS5.4AI score0.00429EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/17 12:0 a.m.10 views

The vulnerability of the Local Security Authority (LSA) service on Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority LSA service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

7.8CVSS5.5AI score0.01406EPSS
Exploits0References2
hivepro
hivepro
added 2025/06/12 2:0 p.m.4 views

No CWE? No Excuse. Why Classification Gaps Are a Hacker’s Dream

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! In cybersecurity, we obsess over...

7.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/11 12:0 a.m.7 views

The vulnerability of the Update Handler component in Mozilla Firefox, Mozilla Firefox ESR, and the Mozilla Thunderbird email client allows a hacker to escalate their privileges.

The vulnerability of the Update Handler component in Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

9CVSS7.7AI score0.00534EPSS
Exploits0References15Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.4 views

Vulnerabilities of operating systems visionOS, iOS, iPadOS, tvOS, and macOS, related to deficiencies in authentication mechanisms, allow attackers to circumvent existing security restrictions.

The vulnerability of the visionOS operating system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions...

7.7CVSS8AI score0.00343EPSS
Exploits0References8Affected Software5
Ubuntu
Ubuntu
added 2025/06/05 8:52 a.m.5 views

USN-7550-5: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Sun RPC protocol; CVE-2024-56608, CVE-2024-56551, CVE-2024-53168...

7.8CVSS7.1AI score0.00232EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/02 12:0 a.m.8 views

The vulnerability of the ViewState mechanism of the ConnectWise ScreenConnect remote access software allows a perpetrator to execute arbitrary code.

The vulnerability of the ViewState mechanism of the ConnectWise ScreenConnect remote access software lies in the deficiencies of the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted ViewState request...

8.1CVSS8.6AI score0.03292EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.3 views

Devolutions Server 访问控制错误漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. An Access Control Error vulnerability exists in Devolutions Server version 2025.1.7.0 and prior versions, which stems from improper access control for...

8.8CVSS6.7AI score0.00465EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.6 views

CVE-2023-41928

The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...

5.3CVSS6.9AI score0.00133EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.4 views

CVE-2023-41927

The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses...

5.3CVSS6.9AI score0.00133EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:31 p.m.12 views

CVE-2021-27501

Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities...

9.8CVSS7AI score0.00888EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 p.m.4 views

CVE-2021-37059

There is a Weaknesses Introduced During Design...

9.8CVSS7AI score0.00741EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.8 views

CVE-2020-27020

Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...

7.5CVSS6.7AI score0.00739EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:52 a.m.11 views

CVE-2019-8113

Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration...

5.3CVSS7AI score0.0092EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.27 views

VMware ESXi和VMware vCenter Server 安全漏洞

VMware ESXi and VMware vCenter Server are both products of VMware, Inc.VMware ESXi is a server virtualization platform that can be installed directly on physical servers.VMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platform...

4.3CVSS5.5AI score0.00785EPSS
Exploits2References2
Packet Storm News
Packet Storm News
added 2025/05/16 12:0 a.m.7 views

Side Channel Analysis in Homomorphic Encryption

Homomorphic encryption provides many opportunities for privacy-aware processing, including with methods related to machine learning. Many of our existing cryptographic methods have been shown in the past to be susceptible to side channel attacks. With these, the implementation of the cryptographi...

6.8AI score
Exploits0
Rows per page
Query Builder