22 matches found
EUVD-2026-37716
DroneAware is a drone detection platform. The centralized DroneAware server backing droneaware.io was vulnerable to an account pre-hijacking attack in which an attacker could register an account using a victim's email address with an attacker-controlled password before the victim completed accoun...
My Day Getting My Hands Dirty with an NDR System
My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response NDR system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Securi...
EUVD-2023-26067
Malicious code in bioql PyPI...
EUVD-2025-2539
Malicious code in bioql PyPI...
CVE-2025-21550
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Web UI. Supported versions that are affected are 8.0.8.1, 8.1.2.7 and 8.1.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network acce...
CVE-2023-21902
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Application. The supported version that is affected is 8.0.8.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
The vulnerability of the Broker VM platform’s security system, Cortex XDR, arises from the lack of authentication for a critical function. This allows attackers to bypass the authentication process and disable certain internal services.
The vulnerability of the Broker VM platform’s security platform, Cortex XDR, is related to the absence of authentication for a critical function. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and disable certain internal services...
The vulnerability of the Oracle Financial Services Behavior Detection Platform component in the bank analytics system’s simulation model for Oracle Financial Services Applications allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Oracle Financial Services Behavior Detection Platform component in the bank analytics system’s simulation model exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of...
CVE-2025-21550
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Web UI. Supported versions that are affected are 8.0.8.1, 8.1.2.7 and 8.1.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network acce...
Oracle Financial Services Applications 安全漏洞
Oracle Financial Services Applications is a suite of financial services software from Oracle Corporation USA. The product includes core banking, online banking, and estate management. A security vulnerability exists in Oracle Financial Services Behavior Detection Platform for Oracle Financial...
PT-2025-4272 · Oracle · Oracle Financial Services Behavior Detection Platform
Name of the Vulnerable Software and Affected Versions: Oracle Financial Services Behavior Detection Platform versions 8.0.8.1, 8.1.2.7, 8.1.2.8 Description: The issue is related to insufficient input validation in the Oracle Financial Services Behavior Detection Platform, allowing an...
The vulnerability of the sub-component “Application” within the Oracle Financial Services Behavior Detection Platform of the banking analytics system’s simulation model. This vulnerability allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the sub-component “Application” within the Oracle Financial Services Behavior Detection Platform of a bank analytics system’s simulation model involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain...
CVE-2023-21902
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Application. The supported version that is affected is 8.0.8.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2023-21902
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications component: Application. The supported version that is affected is 8.0.8.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
PT-2023-2629 · Oracle · Oracle Financial Services Behavior Detection Platform
Name of the Vulnerable Software and Affected Versions: Oracle Financial Services Behavior Detection Platform version 8.0.8.1 Description: The issue is related to insufficient input validation in a subcomponent of the Oracle Financial Services Behavior Detection Platform, which is part of the Orac...
Oracle Financial Services Applications 安全漏洞
Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking, and estate management. A security vulnerability exists in Oracle Financial Services Behavior Detection Platform version 8.0.8.1 for Oracle Financial...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in the following Oracle Financial Services Applications products: Financial Services Analytical Applications Infrastructure FLEXCUBE Investor Servicing FLEXCUBE Private Banking Banking Platform Financial Services Behavior Detection Platform Financial Services...
DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques
Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and...
Partner Perspectives: Red Canary ATT&CKs (Part 1): Why We’re Using ATT&CK Across Red Canary
Editor's Note: This blog originally appeared on RedCanary.com Information security is grounded in risk management. And, because what gets measured gets managed, we rely on a variety of frameworks and key performance indicators to tell us whether we’re moving in the right direction. Frameworks lik...