Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ICS
ICSadded 2025/12/09 12:0 a.m.6 views

Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

6.2AI score
Exploits0References10
ICS
ICSadded 2023/11/14 12:0 a.m.67 views

Siemens COMOS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8CVSS9.7AI score0.0163EPSS
Exploits0References12
Prion
Prionadded 2020/06/24 5:15 a.m.8 views

Default credentials

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly with base64USERNAME:sha256PASSWORD. An unauthorized attacker inside the network can use the defaul...

7.5CVSS9.2AI score0.0017EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2020/06/24 5:0 a.m.65 views

CVE-2020-10275

CVE-2020-10275 describes a weakness in REST API token generation where tokens are directly derived from publicly available default credentials for the web interface. With a given USERNAME and PASSWORD, the token is computed as base64(USERNAME:sha256(PASSWORD)). An attacker inside the network who ...

9.8CVSS9.5AI score0.0017EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPostadded 2018/05/18 12:42 p.m.13 views

RedDawn Espionage Campaign Shows Mobile APTs on the Rise

A sophisticated and targeted mobile espionage campaign has been found targeting North Korean defectors. Mounted by a relatively new APT actor known as Sun Team, the offensive used Google Play and Facebook as attack vectors; and overall, it shows how quickly the mobile threat landscape is evolving...

0.1AI score
Exploits0References2
ThreatPost
ThreatPostadded 2013/01/31 3:51 p.m.11 views

The Red October Campaign

Raiu detailed the way that the Red October attackers infiltrated their targets and pulled data out, showing the sophistication and patience of the attackers...

4.6AI score
Exploits0
myhack58
myhack58added 2009/09/07 12:0 a.m.22 views

Mysql+PHPmyadmin, provide the right skill-vulnerability warning-the black bar safety net

1:phpmyadmin backend to get webshell phpmyadmin-explosive path method: this is a background+phpmyadmin/themes/darkblueorange/layout.inc.php pphpmyadmin/libraries/export/xls.php hpmyadmin\themes\darkblueorange\layout.inc.php D:\usr\www\html\phpMyAdmin\ ---- start code--- Create TABLE a cmd text NO...

7AI score
Exploits0
Rows per page
Query Builder