8752 matches found

hivepro
added 2022/03/30 1:10 p.m., 53 views

DOS Vulnerability discovered in SonicWall Next-Generation Firewall

THREAT LEVEL: Amber For a detailed advisory, download the pdf file here SonicWall, a manufacturer of security hardware discovered a flaw in their SonicOS security operating system that allows denial of service DoS attacks and could lead to remote code execution RCE. The identified vulnerability...

7.5 CVSS | 1.2 AI score | 0.57324 EPSS
Exploits: 3

OpenVAS
added 2022/03/30 12:0 a.m., 19 views

SUSE: Security Advisory (SUSE-SU-2022:1023-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.5 AI score | 0.51733 EPSS
Exploits: 1 | References: 4

hivepro
added 2022/03/29 12:17 p.m., 149 views

Muhstik botnet adds another vulnerability exploit to its arsenal

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Muhstik malware has begun attacking Redis Servers by exploiting a recently reported vulnerability, CVE-2022-0543. This flaw can be found in several Redis Debian packages. The attack began on March 11, 2022, and was carried out...

10 CVSS | 0.7 AI score | 0.99993 EPSS
Exploits: 89

CNVD
added 2022/03/28 12:0 a.m., 16 views

Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23933)

Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...

7.8 CVSS | 5.5 AI score | 0.00913 EPSS
Exploits: 0 | References: 1

CNVD
added 2022/03/28 12:0 a.m., 14 views

Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23935)

Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...

7.8 CVSS | 5.5 AI score | 0.00913 EPSS
Exploits: 0 | References: 1

CNVD
added 2022/03/28 12:0 a.m., 17 views

Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23934)

Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...

7.8 CVSS | 5.5 AI score | 0.00913 EPSS
Exploits: 0 | References: 1

CNVD
added 2022/03/28 12:0 a.m., 15 views

Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23936)

Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...

7.8 CVSS | 5.5 AI score | 0.00969 EPSS
Exploits: 0 | References: 1

Fedora
added 2022/03/26 3:34 p.m., 15 views

[SECURITY] Fedora 36 Update: python-pillow-9.0.1-5.fc36

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

7.4 AI score
Exploits: 0

Fedora
added 2022/03/26 3:34 p.m., 10 views

[SECURITY] Fedora 36 Update: OpenSceneGraph-3.6.5-5.fc36

The OpenSceneGraph is an OpenSource, cross platform graphics toolkit for the development of high performance graphics applications such as flight simulators, games, virtual reality and scientific visualization. Based around the concept of a SceneGraph, it provides an object oriented framework on...

0.7 AI score
Exploits: 0

hivepro
added 2022/03/25 2:16 p.m., 223 views

North Korean state-sponsored threat actor Lazarus Group exploiting Chrome Zero-day vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here For more than a month before a fix was available, North Korean state hackers known as Lazarus group exploited a zero-day, remote code execution vulnerability CVE-2022-0609 in Google Chromes web browser. The attack mainly targe...

9.1 AI score | 0.23546 EPSS
Exploits: 0

Microsoft Secure
added 2022/03/23 4:0 p.m., 29 views

How a leading Microsoft engineer extends culture to service resiliency

It’s hard to underestimate the impact that people can have on us in our formative years. Huiwen Ru, who spent several years working in identity and access management and is now a Principal Software Engineering Manager on the Singularity team at Microsoft, is a living example of how important...

7.7 AI score
Exploits: 0

CNVD
added 2022/03/21 12:0 a.m., 17 views

Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23939)

Apple Xcode is an integrated development environment provided to developers to develop applications for Mac OS X and iOS. Apple Xcode is vulnerable to an out-of-bounds read vulnerability that could be exploited by remote attackers to submit special application requests and trick users into parsin...

7.8 CVSS | 6.3 AI score | 0.00913 EPSS
Exploits: 0 | References: 1

hivepro
added 2022/03/17 2:17 p.m., 54 views

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in OpenSSL software library that could lead to a denial-of-service DoS condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate...

5 CVSS | 0.6 AI score | 0.70561 EPSS
Exploits: 2

hivepro
added 2022/03/17 5:55 a.m., 24 views

Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes Container Runtime Interface CRI, was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack...

2.9 AI score | 0.18561 EPSS
Exploits: 0

GithubExploit
added 2022/03/16 5:45 p.m., 568 views

Exploit for Cross-Site Request Forgery (CSRF) in Irz Ru21_Firmware

ez-iRZ Exploit for CVE-2022-27226 Cross Site Request Forgery...

9.3 CVSS | 9.5 AI score | 0.34531 EPSS
Exploits: 5

CNVD
added 2022/03/16 12:0 a.m., 16 views

Apple Xcode out-of-bounds read vulnerability

Apple Xcode is an integrated development environment provided by Apple, Inc. for developers to develop applications for Mac OS X and iOS. A remote attacker could use this vulnerability to cause an application to terminate unexpectedly or execute arbitrary code via a maliciously crafted file...

7.8 CVSS | 7 AI score | 0.0078 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2022/03/16 12:0 a.m., 20 views

SUSE: Security Advisory (SUSE-SU-2022:0860-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.1 AI score | 0.70561 EPSS
Exploits: 2 | References: 8

AlmaLinux
added 2022/03/15 9:12 a.m., 68 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5 CVSS | 8 AI score | 0.0601 EPSS
Exploits: 0 | References: 1

AlmaLinux
added 2022/03/15 9:10 a.m., 20 views

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes: The previous OpenJDK 11 release, 11.0.14, was found to contain a regression introduced by improvements to the HTTP client. It caused both the :authority' and...

1.4 AI score
Exploits: 0

OpenVAS
added 2022/03/15 12:0 a.m., 12 views

SUSE: Security Advisory (SUSE-SU-2022:0828-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5 CVSS | 6.6 AI score | 0.00531 EPSS
Exploits: 1 | References: 4