Lucene search
K

672 matches found

Vulnrichment
Vulnrichment
added 2025/05/13 3:9 p.m.8 views

CVE-2025-22460

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges...

7.8CVSS6.7AI score0.00326EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 3:9 p.m.18 views

CVE-2025-22460

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges...

7.8CVSS0.00326EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 3:9 p.m.56 views

CVE-2025-22460

Ivanti Cloud Services Application (CSA) is affected by CVE-2025-22460 due to default credentials in versions prior to 5.0.5. The vulnerability enables a local, authenticated attacker to escalate privileges (local privilege escalation) with high impact. The CVSS vector indicates LOCAL attack, low ...

7.8CVSS7AI score0.00326EPSS
Exploits0References1Affected Software1
Ivanti
Ivanti
added 2025/05/13 2:0 p.m.14 views

Security Advisory Ivanti Cloud Services Application (CVE-2025-22460)

Summary: Ivanti has released updates for Ivanti Cloud Services Application which addresses one high severity vulnerability. Successful exploitation could lead to local privilege escalation. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

7.8CVSS7.4AI score0.00326EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Ivanti Cloud Services Application 安全漏洞

The Ivanti Cloud Services Application CSA is a locally deployed virtual appliance designed to simplify and enhance the integration of Ivanti products with cloud services. An elevation of privilege vulnerability exists in Ivanti Cloud Services Application, which is derived from default credentials...

7.8CVSS7AI score0.00326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-20907 · Ivanti · Ivanti Cloud Services Application

Name of the Vulnerable Software and Affected Versions: Ivanti Cloud Services Application versions prior to 5.0.5 Description: The issue concerns default credentials in the Ivanti Cloud Services Application, allowing a local authenticated attacker to escalate their privileges. Recommendations: For...

7.8CVSS6.2AI score0.00326EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.10 views

PT-2025-20253 · Cisco · Cisco Catalyst Sd-Wan Manager

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst SD-WAN Manager versions affected versions not specified Description: A vulnerability in certificate validation processing could allow an unauthenticated, remote attacker to gain access to sensitive information. This issue is du...

5.9CVSS6.3AI score0.00242EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2025/04/30 6:0 p.m.7 views

14 secure coding tips: Learn from the experts at Microsoft Build

Hey friends! If you are a developer, you know that writing clean and efficient code is just the starting point. Now, with AI playing a bigger role, secure coding isn't just a 'nice-to-have'—it's a must. Whether you're building web apps, working on cloud services, or adding AI to your projects,...

8AI score
Exploits0
Fedora
Fedora
added 2025/04/23 1:49 a.m.14 views

[SECURITY] Fedora 42 Update: trafficserver-10.0.5-1.fc42

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

7.5CVSS7.7AI score0.00626EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.8 views

The vulnerability in the web console of the network device Ivanti Cloud Services Application allows a hacker to execute arbitrary code.

The vulnerability of the web console of the network device Ivanti Cloud Services Application exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.1CVSS8.5AI score0.21303EPSS
Exploits0References2Affected Software1
Wired Threat Level
Wired Threat Level
added 2025/03/24 6:0 a.m.12 views

Trump’s Aggression Sours Europe on US Cloud Giants

Companies in the EU are starting to look for ways to ditch Amazon, Google, and Microsoft cloud services amid fears of rising security risks from the US. But cutting ties won’t be easy...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-29195)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29195 advisory. - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This...

8.1CVSS6.9AI score0.04967EPSS
Exploits0References2
CNVD
CNVD
added 2025/03/18 12:0 a.m.12 views

SQL Injection Vulnerability in UFIDA BIP of UFIDA Network Technology Co.

UFIDA is a leading provider of management software, ERP software, group management software, human resource management software, customer relationship management software, small business management software, financial and administrative institution management software, automotive industry...

7.8AI score
Exploits0
Fedora
Fedora
added 2025/03/14 4:39 a.m.18 views

[SECURITY] Fedora 41 Update: trafficserver-9.2.9-1.fc41

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

6.3CVSS6.5AI score0.00846EPSS
Exploits0
HackRead
HackRead
added 2025/03/05 5:25 p.m.8 views

Chinese Silk Typhoon Group Targets IT Tools for Network Breaches

Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-29195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication...

8.1CVSS6.7AI score0.04967EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/03/04 11:34 a.m.354 views

Exploit for OS Command Injection in Ivanti Cloud_Services_Appliance

CVE-2024-8190 unauthenticated Description Combining CVE-...

9.4CVSS8.8AI score0.98557EPSS
Exploits3
Talos Blog
Talos Blog
added 2025/02/27 11:0 a.m.11 views

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools

Cisco Talos discovered multiple cyber espionage campaigns that target government, manufacturing, telecommunications and media, delivering Sagerunex and other hacking tools for post-compromise activities. Talos attributes these attacks to the threat actor known as Lotus Blossom. Lotus Blossom has...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/25 5:51 a.m.9 views

FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services

Various industrial organizations in the Asia-Pacific APAC region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network CDN myqcloud and the Youdao Cloud...

7.1AI score
Exploits0
OSV
OSV
added 2025/02/12 9:15 p.m.4 views

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...

9.1CVSS6.2AI score0.98417EPSS
Exploits8References8
Rows per page
Query Builder