Lucene search
K

299 matches found

NVD
NVD
added 2024/11/22 8:15 p.m.22 views

CVE-2024-6248

Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...

7.5CVSS0.01186EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.24 views

CVE-2024-6248 Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability

Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...

7.5CVSS0.01186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.22 views

CVE-2024-6248 Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability

Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The...

7.5CVSS7.9AI score0.01186EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.74 views

CVE-2024-6248

CVE-2024-6248 affects Wyze Cam v3 via the cloud infrastructure’s run_action_batch endpoint. The vulnerability results from using the device MAC address as the sole authentication credential, enabling network-adjacent attackers to execute arbitrary code with root context without authentication. Mu...

7.5CVSS7.9AI score0.01186EPSS
Exploits0References2Affected Software1
HackRead
HackRead
added 2024/11/05 5:11 p.m.7 views

Canada Arrests Suspected Hacker Linked to Snowflake Data Breaches

Canadian authorities arrest a suspect linked to the Snowflake data breach, exposing vulnerabilities in cloud infrastructure. The breach…...

7.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/10/31 4:1 p.m.29 views

Announcing TotalCloud Attack Path, Cloud Workflow Automation, and 3-Step Simplified User Onboarding for Qualys TotalCloud CNAPP

The shift of business applications and infrastructure to the cloud has heightened the need for security teams to manage cyber risks comprehensively, ensuring visibility and control across diverse cloud environments. As organizations increasingly adopt multi-cloud environments, they often find...

7.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/09/25 3:20 p.m.10 views

Addressing Cloud Identity Risks With TotalCloud CIEM

As organizations continue to embrace multi-cloud environments, leveraging platforms such as Amazon Web Services AWS, Microsoft Azure, Google Cloud Platform GCP, and Oracle Cloud Infrastructure OCI, the complexity of cloud security has increased exponentially. In cloud environments, machines are...

7.3AI score
Exploits0
Fedora
Fedora
added 2024/08/08 2:44 a.m.27 views

[SECURITY] Fedora 40 Update: opentofu-1.8.0-1.fc40

OpenTofu lets you declaratively manage your cloud infrastructure...

8.4CVSS8.7AI score0.00973EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/08 12:0 a.m.17 views

Fedora: Security Advisory (FEDORA-2024-35147eb6ad)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.00973EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/08/08 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2024-c83208238d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.00973EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2024/07/25 5:47 a.m.153 views

Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins

Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins AuthZ under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating...

9.9CVSS7.3AI score0.16496EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/22 12:26 p.m.25 views

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

A Latin America LATAM-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractiv...

7.3AI score
Exploits0
Securelist
Securelist
added 2024/07/08 7:0 a.m.32 views

CloudSorcerer – A new APT targeting Russian government entities

In May 2024, we discovered a new advanced persistent threat APT targeting Russian government entities that we dubbed CloudSorcerer. Its a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud...

7.2AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/06/26 1:0 p.m.10 views

Companies Optimize Cloud Costs and Deliver Superior Experiences on Akamai

Learn how Akamai’s customers optimize their cloud computing costs and deliver engaging customer experiences with our open and affordable cloud infrastructure...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.6 views

Malicious code in OCI.DotNetSDK.Waf.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.6 views

Malicious code in OCI.DotNetSDK.Usage.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.6 views

Malicious code in OCI.DotNetSDK.Osuborganizationsubscription.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.5 views

Malicious code in OCI.DotNetSDK.Osubbillingschedule.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.5 views

Malicious code in OCI.DotNetSDK.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:30 p.m.6 views

Malicious code in OCI.DotNetSDK.Dashboard.service (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Rows per page
Query Builder