Lucene search
K

232 matches found

RedhatCVE
RedhatCVE
added 2022/04/30 1:9 p.m.67 views

CVE-2021-45417

A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL...

7.8CVSS5.2AI score0.00493EPSS
Exploits1References3
OSV
OSV
added 2022/02/16 1:25 p.m.2 views

OPENSUSE-SU-2022:0037-1 Security update for firejail

This update for firejail fixes the following issues: - Update Leap 15.3 package to 0.9.68 boo1195880 update to firejail 0.9.68: - security: on Ubuntu, the PPA is now recommended over the distro package - see README.md 4748 - security: bugfix: private-cwd leaks access to the entire filesystem -...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/09/17 1:20 p.m.23 views

Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do

After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system IDS programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Ti...

7.5AI score
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/08/04 10:0 p.m.225 views

Spotting brand impersonation with Swin transformers and Siamese neural networks

Every day, Microsoft Defender for Office 365 encounters millions of brand impersonation emails. Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In thi...

Exploits0
CNVD
CNVD
added 2021/07/30 12:0 a.m.16 views

WDScanner Cross-Site Scripting Vulnerability

WDScanner is an easy-to-use distributed web vulnerability detection system. version 1.1 of WDScanner has a cross-site scripting vulnerability in the system administration page, through which an attacker can execute client-side code...

6.1CVSS4AI score0.00597EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.3 views

Suricata 安全漏洞

Suricata is a network intrusion detection system IDS, intrusion prevention system IPS and network security monitoring engine developed by the Open Information Security Foundation OISF and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load pre-defined...

7.5CVSS7.2AI score0.01973EPSS
Exploits0References9
CNVD
CNVD
added 2021/06/22 12:0 a.m.2 views

Weak Password Vulnerability in ChinaNetWizards Next-Generation Firewalls

ZKNETWORTH's next-generation firewall control system products are based on L2-7 layer access application control, integrating firewall, IPS intrusion detection, DDoS/DOS protection, AV virus protection; realizing comprehensive security protection for intranet, and providing security firewall...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/03/15 12:0 a.m.4 views

The vulnerability of the Snort intrusion detection system, related to the unlimited distribution of resources, allows a perpetrator to trigger a service failure.

The vulnerability of the Snort intrusion detection system is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service interruptions from a remote location...

7.4CVSS7.2AI score0.02756EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/25 12:0 a.m.4 views

The vulnerability of the Intrusion Detection Service (IDS) of Junos operating system’s MX routers allows a intruder to block any arbitrary traffic.

The vulnerability of the Intrusion Detection Service IDS on Junos operating system’s MX routers is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to block any incoming traffic remotely...

5.8CVSS6.2AI score0.01202EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2020/12/08 12:0 a.m.3 views

File Upload Vulnerability in Coolweather's Typo Detection System (CNVD-2020-73271)

CoolWeather Typo Detection System is a typo detection system for government websites, which is able to detect typos on government website pages. A file upload vulnerability exists in CoolWeaver Typo Detection System, which can be exploited by attackers to gain control of the server...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/12/08 12:0 a.m.2 views

File Upload Vulnerability in Coolweather Typo Detection System

CoolWeather Typo Detection System is a typo detection system for government websites, which is able to detect typos on government website pages. A file upload vulnerability exists in CoolWeaver Typo Detection System, which can be exploited by attackers to gain control of the server...

7.2AI score
Exploits0
ICS
ICS
added 2020/10/24 12:0 p.m.28 views

Emotet Malware

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA and the Multi-State...

9.6AI score
Exploits0References85
ThreatPost
ThreatPost
added 2020/10/07 7:15 p.m.36 views

Feds Sound Alarm Over Emotet Attacks on State, Local Govs

A dramatic uptick in Emotet phishing attacks since July has led the U.S. Cybersecurity and Infrastructure Security Agency CISA to issue a warning that state and local governments need to fortify their systems against the trojan. “This increase has rendered Emotet one of the most prevalent ongoing...

0.1AI score
Exploits0References13
CNVD
CNVD
added 2020/08/19 12:0 a.m.2 views

Logic Flaw Vulnerability in UTS Integrated Threat Probe at Beijing Shenzhou Green Alliance Technology Co.

Green Alliance UTS is equipped with IDS and WAF dual detection engine system, combining threat intelligence, malicious file detection, DDoS detection, Webshell detection and anomalous behavior detection and other means to quickly detect traditional and advanced threats. There is a logic flaw in t...

6.7AI score
Exploits0
ICS
ICS
added 2020/06/30 12:0 p.m.19 views

EINSTEIN Data Trends – 30-day Lookback

Summary Cybersecurity and Infrastructure Security Agency CISA analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System IDS, known as EINSTEIN. This information is meant to give the reader a closer look into...

9.6AI score
Exploits0References37
CNVD
CNVD
added 2020/05/10 12:0 a.m.1 views

On the Way Thesis Detection System is Vulnerable to Information Leakage

Founded in 2017, Chengdu On the Way Technology Limited Liability Company is a company that specializes in information system integration services, integrated circuit design, communication equipment excluding wireless radio and television transmission and satellite ground receiving equipment,...

6.5AI score
Exploits0
OpenVAS
OpenVAS
added 2020/03/24 12:0 a.m.6 views

Linux: Install AIDE

Advanced Intrusion Detection Environment aide is an intrusion detection system for checking the integrity of files. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.4AI score
Exploits0References4
Symantec
Symantec
added 2019/12/10 12:0 a.m.40 views

Apple iOS/iPadOS/watchOS/macOS CVE-2019-8856 Security Vulnerability

Description Apple iOS/iPadOS/watchOS/macOS are prone to a security vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. Technologies Affected Apple Ipad Mini- Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10.2 Apple...

0.1AI score0.00675EPSS
Exploits0References1Affected Software4
Symantec
Symantec
added 2019/12/01 12:0 a.m.29 views

Qualcomm Closed Source Components Multiple Remote Unspecified Vulnerabilities

Description Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-123998200, A-134437248, A-134437319,...

0.5AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/23 12:0 a.m.31 views

Multiple IBM Products CVE-2019-4459 Cross Site Scripting Vulnerability

Description Multiple IBM Products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

0.5AI score0.00561EPSS
Exploits0Affected Software2
Rows per page
Query Builder