Lucene search
K

56 matches found

CNNVD
CNNVD
added 2024/06/18 12:0 a.m.6 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...

7.5CVSS6.5AI score0.00443EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/11/07 11:56 a.m.44 views

Confidence in File Upload Security is Alarmingly Low. Why?

Numerous industries—including technology, financial services, energy, healthcare, and government—are rushing to incorporate cloud-based and containerized web applications. The benefits are undeniable; however, this shift presents new security challenges. OPSWAT's 2023 Web Application Security...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.4 views

CloudExplorer Lite License Issue Vulnerability

CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box basic functionality for cloud hosting management, cloud billing, operational analytics, and security compliance, as well as powerful extensibility to meet the customization needs of enterprises. An authorization issue...

9.8CVSS6.8AI score0.00615EPSS
Exploits1References2
hivepro
hivepro
added 2023/07/10 6:9 a.m.17 views

Charming Kitten’s Latest Malware Arsenal and Targeting Strategies

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Charming Kitten, an adaptable threat actor, has shifted to new malware tactics and targets by employing LNK infection chains and utilizing cloud hosting providers. This evolution in their approach poses ...

6.8AI score
Exploits0
NVD
NVD
added 2023/07/07 9:15 p.m.24 views

CVE-2023-37262

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

9.6CVSS9.5AI score0.00899EPSS
Exploits0References5
Prion
Prion
added 2023/07/07 9:15 p.m.30 views

Default credentials

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

6.5CVSS8.8AI score0.00899EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/07/07 8:17 p.m.35 views

CVE-2023-37262 CC: Tweaked SSRF to Cloud Services Metadata Services not Blocked by Default

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

9.6CVSS8.6AI score0.00899EPSS
Exploits0References7
CVE
CVE
added 2023/07/07 8:17 p.m.75 views

CVE-2023-37262

CC: Tweaked (Minecraft mod) contains an SSRF vulnerability where, before fixes, metadata service endpoints on cloud providers (AWS, GCP, Azure) were not blocked by default when the plugin runs on affected servers. This allowed any player to access sensitive information from cloud metadata service...

9.6CVSS9.2AI score0.00899EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2023/07/06 6:6 p.m.2 views

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/05/27 2:30 p.m.7 views

cloudhostinggermany.com Cross Site Scripting vulnerability OBB-3365226

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/04/27 11:54 a.m.10 views

cloudhostinggermany.com Cross Site Scripting vulnerability OBB-3277193

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/03/23 11:5 a.m.17 views

Mass Ransomware Attack

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However,...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/09/12 2:41 p.m.15 views

New Linux Cryptomining Malware

Its pretty nasty: The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each...

1.3AI score
Exploits0
HackRead
HackRead
added 2022/07/01 12:21 a.m.19 views

Managed Cloud Hosting vs. Unmanaged Cloud Hosting: What’s the Difference?

By Owais Sultan Before deciding to transfer to the cloud, it is crucial to understand the main difference between managed vs… This is a post from HackRead.com Read the original post: Managed Cloud Hosting vs. Unmanaged Cloud Hosting: Whats the Difference?...

3.2AI score
Exploits0
Prion
Prion
added 2022/02/18 6:15 p.m.15 views

Design/Logic Flaw

This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing...

10CVSS9.4AI score0.0139EPSS
Exploits0References1Affected Software5
Vulnrichment
Vulnrichment
added 2022/02/18 5:50 p.m.7 views

CVE-2022-21215 Airspan Networks Mimosa Server-Side Request Forgery (SSRF)

This vulnerability could allow an attacker to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the server into accessing...

10CVSS9.4AI score0.0139EPSS
Exploits0References1
CVE
CVE
added 2022/02/18 5:50 p.m.805 views

CVE-2022-21215

CVE-2022-21215 is an SSRF vulnerability in Airspan/Mimosa MMP stack. Affected: MMP before v1.0.3; PTP C-series before v2.8.6.1; PTMP C-series/A5x before v2.5.4.1. Root cause: improper server-side request handling allows an attacker to force the server to access internal routes and cloud-hosting p...

10CVSS9.5AI score0.0139EPSS
Exploits0References1Affected Software1
Imperva Blog
Imperva Blog
added 2021/04/23 12:46 p.m.51 views

The Account Takeover Threat: A By-the-Numbers Breakdown

Identity theft has come a long way in the age of technology. The more data is available online, the greater the threat. In this blog we will dive into the different characteristics and statistics of real world Account Takeover attacks as recorded and mitigated by Imperva’s Advanced Bot Protection...

0.8AI score
Exploits0
HackRead
HackRead
added 2020/07/20 3:14 p.m.20 views

Cloud hosting firm Blackbaud pays ransom after thwarting ransomware attack

By Deeba Ahmed Blackbaud claims it paid a ransom to protect customer data. This is a post from HackRead.com Read the original post: Cloud hosting firm Blackbaud pays ransom after thwarting ransomware attack...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/05/27 10:31 a.m.7 views

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang also called Double Gun, which has been behind several attacks since 2017 aimed at...

5.8AI score
Exploits0
Rows per page
Query Builder