Lucene search
K

341 matches found

RedhatCVE
RedhatCVE
added 2025/09/13 8:29 a.m.12 views

CVE-2025-9918

A Path Traversal vulnerability in the archive extraction component in Google SecOps SOAR Server versions 6.3.54.0, 6.3.53.2, and all prior versions allows an authenticated attacker with permissions to import Use Cases to achieve Remote Code Execution RCE via uploading a malicious ZIP archive...

8.7CVSS7.1AI score0.00575EPSS
Exploits0References1
Gitee
Gitee
added 2025/09/13 4:36 a.m.85 views

threat-detection-as-code

This repository is a community-driven set of security analytics for auditing cloud usage and detecting threats to data & workloads in Google Cloud. It provides a list of sample security analytics for auditing cloud usage and for detecting threats to your data & workloads in Google Cloud. The...

7.4AI score
Exploits0
NVD
NVD
added 2025/09/11 8:15 a.m.35 views

CVE-2025-9918

A Path Traversal vulnerability in the archive extraction component in Google SecOps SOAR Server versions 6.3.54.0, 6.3.53.2, and all prior versions allows an authenticated attacker with permissions to import Use Cases to achieve Remote Code Execution RCE via uploading a malicious ZIP archive...

8.7CVSS0.00575EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/11 7:37 a.m.3 views

CVE-2025-9918 Zip Slip in Google SecOps SOAR allows for Remote Code Execution

A Path Traversal vulnerability in the archive extraction component in Google SecOps SOAR Server versions 6.3.54.0, 6.3.53.2, and all prior versions allows an authenticated attacker with permissions to import Use Cases to achieve Remote Code Execution RCE via uploading a malicious ZIP archive...

8.7CVSS6.7AI score0.00575EPSS
Exploits0References2
Schneier on Security
Schneier on Security
added 2025/09/09 11:2 a.m.4 views

New Cryptanalysis of the Fiat-Shamir Protocol

A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results. This is a pretty exciting paper from a theoretical perspective, but I don't see it leading to any practical real-world cryptanalysis...

7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/09/04 11:23 p.m.4 views

SUSE CVE-2025-38708

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two-primaries enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they en...

7.8CVSS6.3AI score0.00157EPSS
Exploits0References3
NVD
NVD
added 2025/08/22 4:15 p.m.8 views

CVE-2025-38658

In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...

5.5CVSS0.00128EPSS
Exploits0References2
HackRead
HackRead
added 2025/08/19 11:41 a.m.6 views

96,000 UK Police Bodycam Videos Lost After Data Transfer Mishap

The UK's South Yorkshire Police lost 96,000 bodycam videos in a data transfer mishap, impacting 126 cases. Poor…...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2025/08/19 10:0 a.m.11 views

Ransomware incidents in Japan during the first half of 2025

In the first half of 2025, the number of ransomware attacks in Japan increased by approximately 1.4 times compared to the previous year. Ransomware attackers continue to primarily target small and medium-sized enterprises in Japan. The most affected industry remains manufacturing, unchanged from...

7.9AI score
Exploits0
Akamai Blog
Akamai Blog
added 2025/08/05 1:0 p.m.8 views

AI in Cloud Computing: How AI Is Revolutionizing the Landscape

Discover how AI in cloud computing is transforming industries. Learn about the differences between cloud AI and edge AI — their benefits, use cases, and solutions...

7AI score
Exploits0
OSV
OSV
added 2025/07/10 9:15 a.m.8 views

DEBIAN-CVE-2025-38344

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

5.5CVSS5.6AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.10 views

CVE-2025-38344 ACPICA: fix acpi parse and parseext cache leaks

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References13
HackRead
HackRead
added 2025/07/07 7:50 p.m.4 views

ICC Contained Cyberattack Amid Espionage Threats and Pressure

International Criminal Court suffered new "sophisticated" cyberattack in The Hague. Occurring near the NATO summit...

7.3AI score
Exploits0
Gitee
Gitee
added 2025/07/06 2:38 a.m.843 views

Exploit for Out-of-bounds Write in F5 Nginx

Disclosures Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts URL: https://github.com/badd1e/Disclosures List CVE-2009-2629: nginx http module Buffer Underflow Remote Code Execution Vulnerability Patch analysis, testcase, notes CVE-2013-0007: Microsoft XML Core...

9.3CVSS8.4AI score0.75079EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2025/06/16 7:1 a.m.12 views

A week in security (June 9 – June 15)

Last week on Malwarebytes Labs: Been scammed online? Here’s what to do How and where to report an online scam Google bug allowed phone number of almost any user to be discovered 44% of people encounter a mobile scam every single day, Malwarebytes finds GirlsDoPorn owner faces life in jail after...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/16 12:0 a.m.10 views

Specification and Evaluation of Multi-Agent LLM Systems -- Prototype and Cybersecurity Applications

Recent advancements in LLMs indicate potential for novel applications, e.g., through reasoning capabilities in the latest OpenAI and DeepSeek models. For applying these models in specific domains beyond text generation, LLM-based multi-agent approaches can be utilized that solve complex tasks by...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/12 12:0 a.m.5 views

Amazon Linux 2023 : screen (ALAS2023-2025-1006)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1006 advisory. TTY Hijacking while Attaching to a Multiuser Session in the screen package Has potential to break some reattach use cases, but the specific use case was broken already before.screen in Debian not...

6CVSS7.2AI score0.0019EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/03 12:0 a.m.5 views

VPI-Bench: Visual Prompt Injection Attacks for Computer-Use Agents

Computer-Use Agents CUAs with full system access enable powerful task automation but pose significant security and privacy risks due to their ability to manipulate files, access user data, and execute arbitrary commands. While prior work has focused on browser-based agents and HTML-level attacks,...

7.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/24 12:0 a.m.5 views

Anonymity-Washing

Anonymization is a foundational principle of data privacy regulation, yet its practical application remains riddled with ambiguity and inconsistency. This paper introduces the concept of anonymity-washing -- the misrepresentation of the anonymity level of sanitized'' personal data -- as a critica...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.13 views

CVE-2023-41145

Autodesk users who no longer have an active license for an account can still access cases for that account...

5.3CVSS7AI score0.00495EPSS
Exploits0References1
Rows per page
Query Builder