Lucene search
K

213 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-21272

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00549EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.4 views

PT-2025-39337

Name of the Vulnerable Software and Affected Versions Omni versions prior to 0.48.0 Description Omni, a Kubernetes management platform, has a potential issue where the Wireguard SideroLink component could be exploited to allow unauthorized packet transmission. The system establishes a peer-to-pee...

9.9CVSS9.4AI score0.02829EPSS
Exploits11References48
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.4 views

Wazuh 4.13.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.1AI score
Exploits0
CNVD
CNVD
added 2025/08/20 12:0 a.m.7 views

DELL CloudLink XML External Entity References Improperly Restricted Vulnerability

DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...

5.5CVSS6.7AI score0.00275EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/08/14 11:25 a.m.7 views

Have You Turned Off Your Virtual Oven?

You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know the unlike...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

Dell CloudLink 代码问题漏洞

DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...

5.5CVSS6.6AI score0.00275EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.5 views

PT-2025-31139 · Undefined · Undefined

URGENT: Patch QEMU now! CVE-2025-02530 CVSS 8.2 allows guest-to-host privilege escalation in @SUSE Linux. Impact: Cloud/hybrid environments Fix: zypper patch + config hardening Read more:👉 https://t.co/3PoKQoeDEU infosec SUSE https://t.co/kSt4wekVWd...

7.4AI score
Exploits0References1
Qualys Blog
Qualys Blog
added 2025/07/07 1:0 p.m.7 views

Qualys Named as a Major Player in the IDC MarketScape: Worldwide Cloud-Native Application Protection Platform, 2025

We’re proud to share that Qualys has been recognized as a Major Player in the IDC MarketScape: Worldwide Cloud-Native Application Protection Platform 2025 Vendor Assessment doc US53549925, June 2025. We believe this recognition reinforces our commitment to delivering game-changing innovation that...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2025/06/11 12:0 p.m.6 views

AI Is Everywhere—But Security Teams Are Still Catching Up

Insights from 96 organizations on the state of AI security in the cloud...

7.3AI score
Exploits0
Qualys Blog
Qualys Blog
added 2025/06/05 2:0 p.m.7 views

Ensure PCI 4.0 Readiness with File Integrity Monitoring for Containers

Compliance isn’t optional. But it’s never been more complex. The rise of containers has revolutionized modern infrastructure—enabling faster innovation and greater scalability. But with this transformation comes a new wave of compliance challenges. PCI DSS 4.0 introduces stricter requirements for...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/04 12:0 a.m.16 views

Cisco Identity Services Engine (cisco-sa-ise-aws-static-cred-FPMjUcm7)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access...

9.9CVSS8.8AI score0.01046EPSS
Exploits0References3
Microsoft Secure
Microsoft Secure
added 2025/05/29 5:0 p.m.30 views

Defending against evolving identity attack techniques

In today’s evolving cyber threat landscape, threat actors are committed to advancing the sophistication of their attacks. The increasing adoption of essential security features like multifactor authentication MFA, passwordless solutions, and robust email protections has changed many aspects of th...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/23 12:0 a.m.6 views

Wazuh 4.10.2

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/08 12:0 a.m.2 views

Wazuh 4.12.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.5 views

The Evolution of Zero Trust Architecture (ZTA) from Concept to Implementation

Zero Trust Architecture ZTA is one of the paradigm changes in cybersecurity, from the traditional perimeter-based model to perimeterless. This article studies the core concepts of ZTA, its beginning, a few use cases and future trends. Emphasising the always verify and least privilege access, some...

7AI score
Exploits0
Ubuntu
Ubuntu
added 2025/04/09 6:36 p.m.24 views

USN-7429-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Drivers core; - HID subsystem; - Network drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - File systems...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/04/02 2:24 p.m.99 views

USN-7406-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Wiz blog
Wiz blog
added 2025/03/31 3:13 p.m.41 views

CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims

Cloud environments at risk: Attackers target weak PostgreSQL instances with fileless cryptominer payloads...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/24 6:55 p.m.66 views

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities...

9.8CVSS9.3AI score0.99098EPSS
Exploits21
Ubuntu
Ubuntu
added 2025/03/11 4:0 p.m.17 views

USN-7344-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

8.1CVSS7.9AI score0.03301EPSS
Exploits2
Rows per page
Query Builder