Lucene search
K

213 matches found

Ubuntu
Ubuntu
added 2025/03/03 6:44 p.m.23 views

USN-7294-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

9.1CVSS7.5AI score0.03301EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2025/02/25 1:55 p.m.9 views

Uncovering and Protecting Sensitive Data Across Cloud Environments with Exposure Command

Modern organizations grapple with the complex task of securing sensitive data in sprawling hybrid and multi-cloud environments. Due to insufficient visibility and governance, data is often misplaced, duplicated, or left exposed. This fragmented environment makes it difficult for teams to accurate...

7.2AI score
Exploits0
Wiz blog
Wiz blog
added 2025/02/17 12:0 p.m.2 views

The Role of Runtime Security in Cloud Environments

Discover how Wiz's innovative hybrid approach revolutionizes runtime security for the modern cloud era...

7.4AI score
Exploits0
NVD
NVD
added 2025/02/03 10:15 p.m.22 views

CVE-2024-47770

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an...

8CVSS0.00244EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2025/02/03 1:0 p.m.12 views

Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs

" If you can’t measure it, you can’t manage it." - This adage rings truer than ever in the world of cybersecurity. Today, the modern attack surface has exploded, fueled by APIs that now drive 83% of all web traffic, powering critical integrations, microservices, and digital experiences. Security...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 5:35 a.m.16 views

TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. "This actor engaged in a variety of threat activity, including cryptocurrency mining operations on...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/05 12:0 a.m.5 views

The vulnerability of the Command Line Interface (CLI) of the Skupper package, a software management and microservice integration tool for cloud and hybrid environments under Red Hat Service Interconnect, allows an attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Command Line Interface CLI of the Skupper package, a software tool for managing and integrating microservices in cloud and hybrid environments of Red Hat Service Interconnect, relates to the bypassing of authentication by using the default mode. Exploiting this...

7.5CVSS7.1AI score0.00484EPSS
Exploits0References5Affected Software1
Ubuntu
Ubuntu
added 2024/11/14 4:8 p.m.14 views

USN-7110-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - HW tracing; - ISDN/mISDN subsystem; - Media drivers; - Network drivers; - SCSI drivers; - USB...

7.8CVSS6.9AI score0.00622EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/11/02 5:32 a.m.20 views

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It's a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using...

7.3AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/10/31 4:1 p.m.28 views

Announcing TotalCloud Attack Path, Cloud Workflow Automation, and 3-Step Simplified User Onboarding for Qualys TotalCloud CNAPP

The shift of business applications and infrastructure to the cloud has heightened the need for security teams to manage cyber risks comprehensively, ensuring visibility and control across diverse cloud environments. As organizations increasingly adopt multi-cloud environments, they often find...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/10/22 9:15 p.m.9 views

Modernizing Data Security: Imperva and IBM Z in Action

As data security continues to evolve, businesses require solutions that scale to modern environments. Imperva and IBM Z have partnered to deliver a comprehensive approach to securing data within IBM z/OS environments while supporting the agility, resource availability, and cost-efficiency that...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/22 12:0 a.m.19 views

LangChain < 0.2.9 SSRF

The remote host contains a langchain version that is prior to 0.2.9. It is, therefore, affected by a Server-Side Request Forgery vulnerability in the Web Research Retriever component in langchain-community langchain-community.retrievers.webresearch.WebResearchRetriever. The vulnerability arises...

7.7CVSS6.4AI score0.00691EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2024/10/15 10:13 p.m.26 views

USN-7069-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; -...

7.8CVSS7.3AI score0.02701EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2024/10/07 7:57 p.m.12 views

Qualys VMDR Rated as the Only Leader and Outperformer by Independent Analyst Firm for the Second Consecutive Year

Qualys VMDR received the highest possible scores for risk-based assessment, cloud-native and serverless function scanning, and flexibility of deployment, among 20 vendors evaluated in this report. As the threat landscape evolves, vulnerability management remains a cornerstone of security...

7.3AI score
Exploits0
Wiz blog
Wiz blog
added 2024/09/26 12:33 p.m.23 views

Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments

Critical severity vulnerability CVE-2024-0132 affecting NVIDIA Container Toolkit and GPU Operator presents high risk to AI workloads and environments...

9CVSS7.2AI score0.37055EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2024/09/25 3:20 p.m.9 views

Addressing Cloud Identity Risks With TotalCloud CIEM

As organizations continue to embrace multi-cloud environments, leveraging platforms such as Amazon Web Services AWS, Microsoft Azure, Google Cloud Platform GCP, and Oracle Cloud Infrastructure OCI, the complexity of cloud security has increased exponentially. In cloud environments, machines are...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/09/25 12:0 a.m.5 views

PT-2024-6648

Name of the Vulnerable Software and Affected Versions NVIDIA Container Toolkit versions 1.16.1 and earlier Description The NVIDIA Container Toolkit contains a Time-of-check Time-of-Use TOCTOU vulnerability when used with default configuration, allowing a specifically crafted container image to ga...

9.9CVSS8.1AI score0.97781EPSS
Exploits21References301
The Hacker News
The Hacker News
added 2024/09/19 1:27 p.m.14 views

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server VPS infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell SSH brute force attack on the victim's assets, during whi...

7.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/09/03 6:23 p.m.24 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.5 security and bug fix update

Red Hat Advanced Cluster Management for Kubernetes 2.10.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.5CVSS6.8AI score0.01592EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2024/08/21 5:53 p.m.75 views

USN-6972-1: Linux kernel vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

8.8CVSS6.6AI score0.01167EPSS
Exploits0
Rows per page
Query Builder