Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

CNVD
CNVDadded 2022/05/16 12:0 a.m.13 views

M-Files Server Cross-Site Scripting Vulnerability

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in versions of M-Files Server prior to 22.2.11051.0, which stems from an administrative tool that allows the use of scripts to store configuration data that can then be run by other library...

3.5CVSS4.9AI score0.00392EPSS
Exploits0Affected Software1
Talos Blog
Talos Blogadded 2019/10/07 9:29 a.m.143 views

How Tortoiseshell created a fake veteran hiring website to host malware

By Warren Mercer and Paul Rascagneres with contributions from Jungsoo An. Introduction Cisco Talos recently discovered a threat actor attempting to take advantage of Americans who may be seeking a job, especially military veterans. The actor, previously identified by Symantec as Tortoiseshell,...

0.1AI score
Exploits0
Talos Blog
Talos Blogadded 2019/09/30 8:35 a.m.99 views

Open Document format creates twist in maldoc landscape

By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...

7.1AI score
Exploits0
Talos Blog
Talos Blogadded 2019/04/24 7:33 a.m.89 views

DNSpionage brings out the Karkoff

Warren Mercer and Paul Rascagneres authored this post. Update 4/24: The C2 section below now includes details around the XOR element of the C2 communication system. Executive summary In November 2018, Cisco Talos discovered an attack campaign, called DNSpionage, in which threat actors created a n...

Exploits0
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:7 a.m.15 views

Security Bulletin: IBM Business Process Manager (BPM) document store is affected by clickjacking vulnerability in administrative tool for BPM document store (CVE-2013-5462)

Summary A clickjacking vulnerability has been reported for the administrative tool ACCE of the embedded component used by IBM BPM document store. Vulnerability Details CVEID: CVE-2013-5462 DESCRIPTION: The IBM Content Navigator application URL can be opened within a frame in a Web page. In this...

4.3CVSS0.6AI score0.00246EPSS
Exploits0Affected Software3
Packet Storm
Packet Stormadded 2005/12/26 12:0 a.m.33 views

hcXSS.txt

In GOD We Trust Kachal667 Under9round Team KuT Hi, Here's myLrK new advisory about Hosting Controller. Hosting Controller - CSS vulnerabilities Found date : Pri8 Public Date: 02/11/2005 Summary ------- Hosting Controller is an all-in-one administrative hosting tool for Windows. It automates a wid...

7.4AI score
Exploits0
Rows per page
Query Builder