EUVD-2026-32280

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

PT-2026-43708

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

📄 EfficientLab Controlio DLL Hijacking

EfficientLab Controlio versions prior to 1.3.95 suffer from dll hijacking vulnerabilities. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: DLL Hijacking product: EfficientLab Controlio cloud-based employee monitoring...

EUVD-2022-31718

Malicious code in bioql PyPI...

MAL-2025-47699 Malicious code in nodejs-example-google-cloud-monitoring (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in nodejs-example-google-cloud-monitoring (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-53520 EG4 Electronics EG4 Inverters Download of Code Without Integrity Check

The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center remote, cloud-connected interface or via a serial connection, and can install these files without integrity checks. The TTComp archive format...

AIOps - Revolutionizing Incident Management with Advanced Automation and LLM Integration

AIOps - Revolutionizing Incident Management with Advanced Automation and LLM Integration By Trellix · November 14, 2024 Contributed by Chalapathy Jampal, Siddhesh Shinde, Alagiri Annadurai, Lakshmi Ram Teja Eluri and Anil Pokhrel Managing infrastructure and applications across a complex IT...

With Imperva’s DRA and ServiceNow, you can avoid burning out your cyber security employees

In todays world, CIOs and CISOs are facing a tough reality when it comes to the security staff shortage situation. With the deflating economy, nationalism, cybercrime, and nation-led adversaries, the demand for security personnel has increased, making it challenging for organizations to find and...

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure...

CVE-2022-27183

The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platfo...

Squaredup 代码问题漏洞

Squaredup is a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments. SSRF vulnerabilities exist in SquaredUp for SCOM, and no detailed vulnerability details are available...

ZOHO ManageEngine DesktopCentral Licensing Issue Vulnerability

ZOHO ManageEngine DesktopCentral is used by ZOHO for cloud-scale monitoring to reduce complexity.ZOHO ManageEngine DesktopCentral suffers from an authorization issue vulnerability that could be exploited by attackers to obtain APIKEY of valid users without authentication...

IBM Monitoring File Tampering Vulnerability

IBM Monitoring is an application service from IBM USA. It provides a cloud monitoring feature. IBM Monitoring suffers from a file tampering vulnerability that allows an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI. No detailed vulnerability...

Squaredup Cross-Site Scripting Vulnerability

Squaredup is a web service from Squaredup UK that provides data monitoring capabilities for cloud environments. A cross-site scripting vulnerability exists in SquaredUp versions prior to 4.6.0, which can be exploited by a user to create a dashboard, execute malicious content in an iframe, or uplo...

Squaredup 安全漏洞

Squaredup, a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments, has a security vulnerability that could be exploited by attackers to guess a valid user name...

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...

Code injection

Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams...

CVE-2018-6301

Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams...