Lucene search
K

299 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2025-19634

Malicious code in bioql PyPI...

9CVSS6.6AI score0.00446EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31761

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00697EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2025/09/29 8:38 p.m.4 views

CVE-2025-34233

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a protection mechanism failure vulnerability within the filegetcontents function. When an administrator configures a printer’s hostname or...

8.5CVSS5.7AI score0.00554EPSS
Exploits1References5
VMware
VMware
added 2025/09/29 12:0 a.m.72 views

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Advisory ID: | VMSA-2025-0015.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9 -7.8 Synopsis: | VMware Aria Operations and VMware Tools updates address multiple vulnerabilities CVE-2025-41244,CVE-2025-41245, CVE-2025-41246 Issue date: | 2025-09-29 Updated on: | 2025-10-30 CVEs |...

7.8CVSS6.8AI score0.0788EPSS
Exploits3References5
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.6 views

The Cybersecurity of a Humanoid Robot

The rapid advancement of humanoid robotics presents unprecedented cybersecurity challenges that existing theoretical frameworks fail to adequately address. This report presents a comprehensive security assessment of a production humanoid robot platform, bridging the gap between abstract security...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.4 views

CVE-2025-49264

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On...

7.5CVSS5.9AI score0.00455EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.15 views

CVE-2025-49264

CVE-2025-49264 is a Local File Inclusion in the WordPress plugin Cloud SAML SSO – Single Sign On Login (versions up to 1.0.18). The flaw stems from improper control of the filename used by Include/Require, enabling potential PHP local file inclusion. Affected product version range is from n/a thr...

7.5CVSS5.9AI score0.00455EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.11 views

CVE-2025-49264 WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On...

7.5CVSS0.00455EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/03 3:22 p.m.14 views

CVE-2025-34064

A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket onelogin-adc-logs-production without validating bucket ownership. An attacker who registers this unclaimed bucket can begin receiving log files from other OneLogin tenants. The...

9CVSS7AI score0.00446EPSS
Exploits0References1
NVD
NVD
added 2025/07/01 3:15 p.m.28 views

CVE-2025-34064

A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket onelogin-adc-logs-production without validating bucket ownership. An attacker who registers this unclaimed bucket can begin receiving log files from other OneLogin tenants. The...

9CVSS0.00446EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/01 2:49 p.m.29 views

CVE-2025-34064 OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage

A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket onelogin-adc-logs-production without validating bucket ownership. An attacker who registers this unclaimed bucket can begin receiving log files from other OneLogin tenants. The...

9CVSS0.00446EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.14 views

PT-2025-27552 · Onelogin · Onelogin Ad Connector

Name of the Vulnerable Software and Affected Versions: OneLogin AD Connector affected versions not specified Description: A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket onelogin-adc-logs-production without validating bucket...

9CVSS5.9AI score0.00446EPSS
Exploits0References9
The Hacker News
The Hacker News
added 2025/06/12 1:6 p.m.8 views

AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar

AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you're not paying attention. Behind every AI agent, chatbot, or automation script lies a growing number of non-human...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/06 5:21 p.m.21 views

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

9.9CVSS7.2AI score0.01046EPSS
Exploits0References1
NCSC
NCSC
added 2025/06/05 10:25 a.m.5 views

Vulnerability fixed in Cisco Identity Services Engine for cloud platforms

Cisco has fixed a vulnerability in Identity Services Engine ISE for cloud platforms. The vulnerability involves a flaw in automatic password generation when Cisco ISE is installed on a cloud platform. This causes the same passwords to be used in different ISE cloud environments. This allows an...

9.9CVSS7AI score0.01046EPSS
Exploits0References1
OSV
OSV
added 2025/06/04 5:15 p.m.5 views

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

9.8CVSS5.9AI score0.01046EPSS
Exploits0References1
NVD
NVD
added 2025/06/04 5:15 p.m.21 views

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

9.9CVSS0.01046EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.4 views

CVE-2023-23917

A prototype pollution vulnerability exists in Rocket.Chat server 5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may...

8.8CVSS6.2AI score0.00978EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.8 views

CVE-2022-21503

Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...

4.9CVSS5.7AI score0.00797EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:1 p.m.5 views

CVE-2021-2320

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

9.1CVSS6.9AI score0.01074EPSS
Exploits0References1
Rows per page
Query Builder