Lucene search
K

84 matches found

Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48474

Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-697 Incorrect Comparison Summary AWS IAM trust policies can list more than one federated identity provider — for example, a role that accepts BOTH GitHub Actions OIDC and Google's OIDC. The G OIDC 1 and G OIDC 2 policy rule...

8.3CVSS5.5AI score0.0004EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.12 views

Strengthening Polymorphic Prompt Assembling: Dynamic Separator Generation against Emerging Prompt Injection Attacks

Polymorphic Prompt Assembling PPA defends LLM agents against prompt injections by randomly selecting separator pairs from a fixed pool to isolate user input from system instructions. Although effective, static pool reuse exposes a blast-radius vulnerability: once a separator leaks, it can be...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/22 2:59 p.m.8 views

CLSA-2026-1779461988 krb5: Fix of 3 CVEs

CVE-2024-3596: generate and verify Message-Authenticator MACs in libkrad to mitigate the BlastRADIUS attack on the RADIUS protocol; includes follow-up fix for uninitialized pointer dereference in kradpacketdecoderequest - CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap...

9.1CVSS6AI score0.14859EPSS
Exploits2References1
Packet Storm News
Packet Storm News
added 2026/05/09 12:0 a.m.10 views

AI Native Asset Intelligence

Modern security environments generate fragmented signals across cloud resources, identities, configurations, and third-party security tools. Although AI-native security assistants improve access to this data, they remain largely reactive: users must ask the right questions and interpret...

5.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/04/07 3:0 p.m.8 views

Signals from the Cloud Security Forecast 2026: Cloud Risk Is Scaling through Design, Not Disruption

Key Takeaways Identity and permissions now determine what is reachable, making them the primary drivers of cloud risk. Runtime exposure, not individual findings, determines how low-risk issues combine into real impact. SaaS and OAuth integrations extend the control plane and amplify blast radius...

6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2026/04/02 12:0 p.m.5 views

Compliance Won’t Save Healthcare: Reducing the Blast Radius Will

...

5.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2026/03/24 12:0 p.m.4 views

Microsegmentation and Zero Trust: Control the Blast Radius by Design

...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.5 views

CVE-2019-12968

A vulnerability was found in the Sonic Robo Blast 2 SRB2 plugin EPVersions 9 to 11 inclusive distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to...

5.3CVSS7.1AI score0.02617EPSS
Exploits0References1
HackRead
HackRead
added 2025/11/24 1:0 p.m.9 views

Elite Cyber Veterans Launch Blast Security with $10M to Turn Cloud Detection into Prevention

Tel Aviv, Israel, 24th November 2025, CyberNewsWire...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-4543

Malware in sbrugna...

5.3CVSS5.5AI score0.02617EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-5745

Malware in sbrugna...

5.4CVSS6.4AI score0.00271EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-30252

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00632EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2640

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.00584EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27524

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00157EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/09/21 7:24 p.m.12 views

CVE-2025-34204

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...

9.8CVSS7AI score0.00632EPSS
Exploits1References1
NVD
NVD
added 2025/09/19 7:15 p.m.8 views

CVE-2025-34204

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...

9.8CVSS0.00632EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/19 6:41 p.m.5 views

CVE-2025-34204 Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...

8.7CVSS6.7AI score0.00632EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/09/19 6:41 p.m.11 views

CVE-2025-34204 Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...

8.7CVSS0.00632EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.7 views

PT-2025-38602

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application affected versions not specified Description The Vasion Print Virtual Appliance Host and Application VA and SaaS deployments utilizes Docker containers that execute prima...

8.7CVSS6.7AI score0.00632EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/09/12 7:11 a.m.5 views

CVE-2025-9622

The WP Blast | SEO & Performance Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.6. This is due to missing or incorrect nonce validation on multiple administrative actions in the Settings class. This makes it possible for...

4.3CVSS5.5AI score0.00157EPSS
Exploits0References1
Rows per page
Query Builder