CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2024/11/30 4:24 p.m.•1 views

MAL-2024-12324 Malicious code in pipcolorpkgv2 (PyPI)

6.9AI score

HackRead•added 2024/11/08 12:3 a.m.•9 views

New SteelFox Malware Posing as Popular Software to Steal Browser Data

SteelFox malware targets software pirates through fake activation tools, stealing credit card data and deploying crypto miners. Learn…...

7.4AI score

OSV•added 2024/11/06 5:15 p.m.•1 views

CVE-2024-20511

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user o...

6.1CVSS6AI score0.00447EPSS

The Hacker News•added 2024/10/30 1:0 p.m.•17 views

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute an information stealer known as SYS01stealer. "The hackers behind the campaign use trusted brands to expand their reach," Bitdefender Labs...

7.3AI score

BDU FSTEC•added 2024/10/29 12:0 a.m.•1 views

The vulnerability in the web interface of the Cisco Unified Contact Center Management Portal allows a attacker to execute arbitrary code within the context of the vulnerable interface, or gain access to confidential information through the browser.

The vulnerability in the web interface for managing Cisco Unified Contact Center Management Portal exists due to the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the vulnerable interface ...

6.4CVSS5.9AI score0.00447EPSS

6.1CVSS6.5AI score0.00155EPSS

Cisco Firepower Management Center 安全漏洞

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, which arises from insufficient validation of user-supplied input in the web management interface, and can ...

CNNVD•added 2024/10/23 12:0 a.m.•2 views

Cisco Firepower Management Center 安全漏洞

6.1CVSS6.5AI score0.00161EPSS

5.4CVSS6.5AI score0.00185EPSS

Cisco Firepower Management Center 跨站脚本漏洞

Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. Cisco Firepower Management Center suffers from a cross-site scripting vulnerability that originates from the Web management interface not properly validating user-supplied input, which can...

Exploits0References2

5.4CVSS6.5AI score0.00109EPSS

Cisco Firepower Management Center 安全漏洞

CNNVD•added 2024/10/23 12:0 a.m.•3 views

Cisco Firepower Management Center 安全漏洞

6.1CVSS6.5AI score0.00346EPSS

Positive Technologies•added 2024/10/23 12:0 a.m.•3 views

PT-2024-7466 · Cisco · Cisco Secure Firewall Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center formerly Cisco Firepower Management Center versions affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management...

6.1CVSS6.2AI score0.00155EPSS

Exploits0References5

5.4CVSS6.6AI score0.00057EPSS

Cisco Firepower Management Center 安全漏洞

5.4CVSS6.5AI score0.00104EPSS

Cisco Firepower Management Center 安全漏洞

5.4CVSS6.5AI score0.00107EPSS

Cisco Firepower Management Center 安全漏洞

The Hacker News•added 2024/08/21 11:10 a.m.•14 views

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details

In what's a case of an operational security OPSEC lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative o...

7.3AI score

HackRead•added 2024/06/20 11:15 a.m.•17 views

New Fickle Stealer Exploits Software Flaws to Steal Crypto, Browser Data

Fortinet's FortiGuard Labs exposes the Fickle Stealer, a malware using multiple attack methods to steal logins, financial details, and more. Learn how to protect yourself from this evolving threat...

7.2AI score

Securelist•added 2024/05/22 10:0 a.m.•13 views

Stealers, stealers and more stealers

Introduction Stealers are a prominent threat in the malware landscape. Over the past year we published our research into several stealers see here, here and here, and for now, the trend seems to persist. In the past months, we wrote several private reports on stealers as we discovered Acrid a new...

7.7AI score

OSV•added 2024/05/15 6:15 p.m.•1 views

CVE-2024-20392

A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to t...

6.1CVSS6AI score0.00308EPSS