Lucene search
K

1080 matches found

SUSE CVE
SUSE CVE
added 2026/02/14 12:23 a.m.6 views

SUSE CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS5.6AI score0.0056EPSS
Exploits1References3
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.5 views

Applying Public Health Systematic Approaches to Cybersecurity: The Economics of Collective Defense

The U.S. public health system increased life expectancy by more than 30 years since 1900 through systematic data collection, evidence-based intervention, and coordinated response. This paper examines whether cybersecurity can benefit from similar organizational principles. We find that both domai...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.9 views

PT-2026-7900

Name of the Vulnerable Software and Affected Versions Inspektor Gadget affected versions not specified Description Inspektor Gadget has an issue where string fields from eBPF events in columns output mode are not sanitized, potentially allowing maliciously crafted event payloads from observed...

9.8CVSS5.7AI score0.0056EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.19 views

CVE-2021-22996

On all 7.x versions fixed in 8.0.0, when set up for auto failover, a BIG-IQ Data Collection Device DCD cluster member that receives an undisclosed message may cause the corosync process to abort. This behavior may lead to a denial-of-service DoS and impact the stability of a BIG-IQ high...

7.5CVSS6.8AI score0.00973EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.13 views

CVE-2021-27609

SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an authenticated user, which allows a user to call the oData service and manipulate the activation for the SAP EarlyWatch Alert service data collection and sending to SAP without the intended authorization...

6.5CVSS6.7AI score0.00515EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/24 1:8 p.m.10 views

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity company said it blocked over...

6.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53380

Name of the Vulnerable Software and Affected Versions Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software versions prior to 16.8-16.9.1 PA 2025-12 Description When maintenance data is collected, access by unauthorized principals or authorities—those other than ETERNU...

5.6CVSS6.6AI score0.00099EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/11 5:3 a.m.21 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

7.5CVSS6.8AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Aqara多款产品 安全漏洞

Aqara Camera Hub G3 and others are a smart surveillance camera from Aqara USA. A security vulnerability exists in various Aqara products, which stems from the automatic collection and uploading of unencrypted sensitive information. The following products and versions are affected: the Camera Hub ...

7.5CVSS6.6AI score0.0017EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/12/10 12:0 a.m.16 views

Chasing Shadows: Pitfalls in LLM Security Research

Large language models LLMs are increasingly prevalent in security research. Their unique characteristics, however, introduce challenges that undermine established paradigms of reproducibility, rigor, and evaluation. Prior work has identified common pitfalls in traditional machine learning researc...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50548

Name of the Vulnerable Software and Affected Versions Aqara Hub Camera Hub G3 version 4.1.9 0027 Aqara Hub M2 version 4.3.6 0027 Aqara Hub M3 version 4.3.6 0025 Description Aqara Hub devices automatically collect and upload sensitive information in an unencrypted format. This data collection and...

7.5CVSS6.4AI score0.0017EPSS
Exploits0References5
Veeam
Veeam
added 2025/11/19 12:0 a.m.19 views

Release Information for Veeam ONE 13.0.1 RTM Patch 0

Update Applicability This "Patch 0" update for Veeam ONE 13.0.1 is strictly intended for deployments using the RTM release build 13.0.1.5860. If Veeam ONE 13.0.1 GA build 13.0.1.5924 is installed, this update can be ignored as it is not needed. All resolved issues listed in this article were foun...

6.7AI score
Exploits0Affected Software1
CNVD
CNVD
added 2025/11/14 12:0 a.m.3 views

Intel CIP Code Issue Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP has a code issue vulnerability that stems from an unrestricted upload of dangerous types of files, which can be exploited by attackers to cause data tampering...

2CVSS7.3AI score0.00199EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.5 views

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

6.5CVSS6.4AI score0.00293EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.4 views

Intel CIP elevation of privilege vulnerability (CNVD-2025-28675)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...

6.7CVSS7.8AI score0.00138EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.4 views

Intel CIP Improper Access Control Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...

6.8CVSS6.7AI score0.00178EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/11/13 12:0 a.m.7 views

Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics

In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/11 12:0 a.m.6 views

Introducing Nylon Face Mask Attacks: A Dataset for Evaluating Generalised Face Presentation Attack Detection

Face recognition systems are increasingly deployed across a wide range of applications, including smartphone authentication, access control, and border security. However, these systems remain vulnerable to presentation attacks PAs, which can significantly compromise their reliability. In this wor...

6.8AI score
Exploits0
NVD
NVD
added 2025/11/04 9:15 p.m.7 views

CVE-2025-32786

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...

7.5CVSS0.06576EPSS
Exploits0References3
Veeam
Veeam
added 2025/10/21 12:0 a.m.71 views

Release History for Veeam Service Provider Console 9

Veeam Service Provider Console 9 Builds 9.2.1.33875 2026-05-27 Resolved Issues Security CVE-2026-32998 | Severity: Critical 9.4 A vulnerability in Veeam Service Provider Console allows for remote code execution. Third-party libraries and packages used in Veeam Service Provider Console and its...

9.4CVSS6.1AI score0.00403EPSS
Exploits0Affected Software1
Rows per page
Query Builder