Lucene search
K

287 matches found

OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Configure Audit Rules for Privilege-Escalated Commands

Users can call privilege-escalated commands that is, commands with SUID/SGID bits to obtain the super administrator permissions. This operation is risky and often exploited by attackers. You are advised to audit and monitor privilege-escalated commands for future tracing. By default, audit rules...

7.1AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Avoid the .forward File in the Home Directory

An email address can be configured in the .forward file. When a user receives an email, the email is automatically forwarded to the email address. If there are no email forwarding scenarios, you are advised to delete the .forward file. If the .forward file exists, emails containing sensitive...

6.6AI score
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.1 views

Correctly Configure the Log Records of Each Service

Logs should be configured so that important system behaviors and security-related information are recorded by rsyslog. The configuration files /etc/rsyslog.conf and /etc/rsyslog.d/.conf specify the rules for logging and the files for recording specific types of logs. If logging is not configured,...

6.7AI score
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Do Not Install Network Sniffing Tools

If network sniffing tools exist in the production environment, attackers may use them for network analysis and attacks. Therefore, in the production environment, do not install network sniffing, packet capturing, or analysis tools, such as tcpdump, Ethereal, and Wireshark. SPDX-FileCopyrightText:...

7AI score
Exploits0References3
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Ensure That Partitions without Executable Files Are Mounted Using noexec

A data drive only stores data generated during service running. No command is executed in the data drive. Therefore, you can mount the drive or partition using noexec to improve security and reduce the attack surface. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be...

7.1AI score
Exploits0References4
Talos Blog
Talos Blog
added 2025/05/06 10:0 a.m.12 views

Proactive threat hunting with Talos IR

At Cisco Talos, we understand that effective cybersecurity isn't just about responding to incidents -- it's about preventing them from happening in the first place. One of the most powerful ways we do this is through proactive threat hunting. Our Talos Incident Response Talos IR team works closel...

7.3AI score
Exploits0
CNVD
CNVD
added 2024/08/23 12:0 a.m.7 views

IBM Global Configuration Management Access Control Error Vulnerability

IBM Global Configuration Management is a Web-based tool from International Business Machines IBM. It can be used to assemble configurations from other IBM Engineering Lifecycle Management ELM applications into a global configuration. An Access Control Error vulnerability exists in IBM Global...

6.5CVSS6.3AI score0.00282EPSS
Exploits0References1
OSV
OSV
added 2024/08/20 8:15 p.m.4 views

CVE-2024-41773

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2
NVD
NVD
added 2024/08/20 8:15 p.m.45 views

CVE-2024-41773

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls...

6.5CVSS0.00282EPSS
Exploits0References2
CVE
CVE
added 2024/08/20 7:26 p.m.65 views

CVE-2024-41773

CVE-2024-41773 affects IBM Global Configuration Management (GCM) versions 7.0.2 and 7.0.3. The root cause is improper access controls that could allow an authenticated user to archive a global baseline. Public sources in the connected documents corroborate this description and assign a CVSS base ...

6.5CVSS6.3AI score0.00282EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.5 views

IBM Global Configuration Management 安全漏洞

IBM Global Configuration Management is a Web-based tool from International Business Machines IBM. It can be used to assemble configurations from other IBM Engineering Lifecycle Management ELM applications into a global configuration. An Access Control Error vulnerability exists in IBM Global...

6.5CVSS6.5AI score0.00282EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.6 views

PT-2024-29557 · Ibm · Ibm Global Configuration Management

Name of the Vulnerable Software and Affected Versions: IBM Global Configuration Management versions 7.0.2 through 7.0.3 Description: The issue is related to improper access controls, allowing an authenticated user to archive a global baseline. This could potentially lead to privilege escalation d...

6.5CVSS7.2AI score0.00282EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.6 views

PT-2024-26926 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 4.0.0 OpenHarmony version 4.0.0 Description: The issue allows a remote attacker to execute arbitrary code in pre-installed apps through out-of-bounds read and write. Recommendations: For OpenHarmony versions prio...

9.8CVSS8.1AI score0.00569EPSS
Exploits0References3
OSV
OSV
added 2024/06/25 12:29 p.m.4 views

MAL-2024-1815 Malicious code in bc-baseline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 004f716d6faa9713997578e5ad3b8a25eb483ce027b32e3a4ef6eb05179c430c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:29 p.m.3 views

Malicious code in bc-baseline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 004f716d6faa9713997578e5ad3b8a25eb483ce027b32e3a4ef6eb05179c430c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References2
Schneier on Security
Schneier on Security
added 2024/06/05 11:0 a.m.24 views

Online Privacy and Overfishing

Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions werent about how hackers were using the tools that was utterly predictable, but about how Microsoft figured it out. The natural conclusion wa...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.5 views

PT-2024-19260 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 4.0.0 OpenHarmony version 4.0.0 Description: The issue allows a local attacker to cause a denial of service DOS through a use after free exploit. Recommendations: For OpenHarmony versions prior to 4.0.0, update t...

5.5CVSS7AI score0.00153EPSS
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/11/06 5:0 p.m.13 views

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Extending our commitment to help customers be secure by default, today were announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. Weve designed these policies based on our deep knowledge of t...

7.3AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/07/20 2:45 p.m.17 views

Part I: Implementing Effective Cyber Security Metrics That Reduce Risk Realistically

As a CISO or business leader, some burning questions that often come to your mind are: How vulnerable is our cybersecurity posture? Are we better protected than we were three months or a year ago? Have our investments improved the cybersecurity posture and yielded any tangible benefits? Are my...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2023/07/12 2:13 p.m.71 views

Exploit for Race Condition in Microsoft

This is a PoC exploit for CVE-2023-36884, a vulnerability in Mic...

7.5CVSS7AI score0.99083EPSS
Exploits3
Rows per page
Query Builder