Lucene search
K

32 matches found

Information Security Automation
Information Security Automation
added 2022/10/21 8:10 p.m.160 views

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...

10CVSS1.1AI score0.99999EPSS
Exploits970
Openbugbounty
Openbugbounty
added 2022/09/29 12:51 a.m.21 views

tak91.ir Cross Site Scripting vulnerability OBB-2963709

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ICS
ICS
added 2021/08/24 12:0 p.m.142 views

Exploitation of Pulse Connect Secure Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...

10CVSS9.8AI score0.99999EPSS
Exploits35References61
The Hacker News
The Hacker News
added 2021/05/08 12:24 p.m.524 views

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service SVR have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...

10CVSS0.4AI score0.99999EPSS
Exploits356
Malwarebytes
Malwarebytes
added 2021/04/21 6:12 p.m.784 views

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure PCS appliances. PCS provides Virtual Private Network VPN facilities to businesses, which use them to prevent unauthorized access to their networks and services. Cybersecurity...

7.5CVSS1.7AI score0.99999EPSS
Exploits35
ICS
ICS
added 2020/10/24 12:0 p.m.61 views

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...

10CVSS9.7AI score0.99999EPSS
Exploits22References53
GithubExploit
GithubExploit
added 2020/07/27 3:6 p.m.171 views

Exploit for Path Traversal in Ivanti Connect_Secure

pulsexploit Automated script for Pulse Secure SSL VPN exploit...

10CVSS9.4AI score0.99999EPSS
Exploits22
ThreatPost
ThreatPost
added 2020/04/17 8:56 p.m.196922 views

DHS Urges Pulse Secure VPN Users To Update Passwords

The Department of Homeland Security DHS is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have...

7.5CVSS9.2AI score0.99999EPSS
Exploits23References14
The Hacker News
The Hacker News
added 2020/04/17 11:20 a.m.304 views

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...

10CVSS2AI score0.99999EPSS
Exploits22
ICS
ICS
added 2020/04/15 12:0 p.m.62 views

Continued Exploitation of Pulse Secure VPN Vulnerability

Summary Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix an arbitrary file reading vulnerability, known as CVE-2019-11510, can become compromised in an attack. 1 Although Pulse Secur...

10CVSS9.9AI score0.99999EPSS
Exploits22References31
GithubExploit
GithubExploit
added 2019/12/07 5:9 p.m.134 views

Exploit for Path Traversal in Ivanti Connect_Secure

pulsexploit Automated script for Pulse Secure SSL VPN exploit...

10CVSS9.4AI score0.99999EPSS
Exploits22
ThreatPost
ThreatPost
added 2019/10/08 12:44 p.m.308 views

APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn

State-sponsored advanced persistent threat APT groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials. The National Security Agency NSA issued a...

7.5CVSS9.2AI score0.99999EPSS
Exploits57References13
Hacker One
Hacker One
added 2019/09/17 7:31 a.m.34 views

U.S. Dept Of Defense: Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://██████ (███)

The Pulse Secure SSL VPN was found to be vulnerable to multiple issues, including pre-authentication arbitrary file reading CVE-2019-11510 and post-authentication command injection CVE-2019-11539. These vulnerabilities were discovered and disclosed by security researcher Orange Tsai. The...

10CVSS9.2AI score0.99999EPSS
Exploits38
Hacker One
Hacker One
added 2019/09/14 10:51 p.m.401 views

U.S. Dept Of Defense: Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://████

Description Hello. Some time ago, researcher Orange Tsai from DEVCORE team had a talk on Defcon/BlackHat regarding Pulse Secure SSL VPN vulnerabilities fixed on 2019/4/25: CVE-2019-11510 - Pre-auth Arbitrary File Reading CVE-2019-11542 - Post-auth Stack Buffer Overflow CVE-2019-11539 - Post-auth...

7.5CVSS0.6AI score0.99999EPSS
Exploits38
GithubExploit
GithubExploit
added 2019/09/09 3:58 p.m.272 views

Exploit for Path Traversal in Ivanti Connect_Secure

pwn-pulse.sh Exploit for Pulse Connect Secure SSL VPN arbitr...

10CVSS9.2AI score0.99999EPSS
Exploits22
Check Point Advisories
Check Point Advisories
added 2019/09/04 12:0 a.m.20 views

Pulse Connect Secure File Disclosure (CVE-2019-11510)

A file disclosure vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

7.5CVSS2.8AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2019/08/27 9:21 a.m.192 views

Exploit for Path Traversal in Ivanti Connect_Secure

CVE-2019-11510-1 Exploit for Arbitrary File Read on...

10CVSS9.4AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2019/08/27 3:4 a.m.152 views

Exploit for Path Traversal in Ivanti Connect_Secure

It is an NSE script for detecting CVE-2019-11510, a file disclos...

10CVSS9AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2019/08/26 11:30 p.m.112 views

Exploit for Path Traversal in Ivanti Connect_Secure

CVE-2019-11510 PoC Python script to expl...

10CVSS9.3AI score0.99999EPSS
Exploits22
Circl
Circl
added 2019/08/24 10:7 p.m.6 views

CVE-2019-11510

creationtimestamp| type| source ---|---|--- 2019-08-24 22:07:53+00:00| exploited| https://t.me/canyoupwnme/5852 2019-08-24 22:31:47+00:00| published-proof-of-concept| https://t.me/antichat/6352 2019-08-27 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=414 2019-08-27...

10CVSS7.1AI score0.99999EPSS
In wildExploits22References46
Rows per page
Query Builder