Lucene search
K

15 matches found

EUVD
EUVD
added 2026/06/24 7:47 p.m.5 views

EUVD-2026-39058

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS5.9AI score0.00726EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/24 3:59 p.m.8 views

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/17 12:2 p.m.6 views

Deliberate Internet Shutdowns

For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted "to prevent immoral activities." No additional explanation...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.5 views

PT-2025-46913

Name of the Vulnerable Software and Affected Versions SSH clients affected versions not specified Description SSH clients may experience a panic and premature termination of the client process when receiving an SSH AGENT SUCCESS response while expecting a typed response. This can lead to...

9.8CVSS6.3AI score0.00591EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/06/06 5:21 p.m.21 views

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

9.9CVSS7.2AI score0.01046EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 1:34 p.m.21 views

CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

0.00693EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/07/20 2:45 a.m.20 views

CVE-2023-37289 InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...

9.8CVSS7.5AI score0.007EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.35 views

K20087443: BIG-IP APM VPN vulnerability CVE-2017-6129

Security Advisory Description In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows can cause a VPN/PPP connflow to be prematurely freed or cause TMM to stop responding with a "flow not in use" assertion. An attacker may be able to disrupt traffic or...

7.8CVSS7.5AI score0.01637EPSS
Exploits0Affected Software1
HackRead
HackRead
added 2020/10/06 9:21 p.m.42 views

Ransomware attack on health tech firm disrupted COVID-19 medical trials

By Waqas Philadelphia-based Health Tech eResearchTechnology ERT Firm Suffered Ransomware Attack. This is a post from HackRead.com Read the original post: Ransomware attack on health tech firm disrupted COVID-19 medical trials...

7AI score
Exploits0
HackRead
HackRead
added 2020/08/05 6:57 p.m.27 views

Twitter hack’s mastermind trial zoom bombed with pornography

By Waqas The hearing was shut down within 25 minutes after being Zoom bombed. This is a post from HackRead.com Read the original post: Twitter hack’s mastermind trial zoom bombed with pornography...

1.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2015/10/30 10:3 a.m.21 views

CVE-2006-7180

ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...

6.8CVSS7.5AI score0.02069EPSS
Exploits0References2
ICS
ICS
added 2013/05/04 6:0 a.m.35 views

MatrikonOPC SCADA DNP3 Master Station Improper Input Validation

OVERVIEW This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in...

7.1CVSS6.3AI score0.0126EPSS
Exploits0References10
Cvelist
Cvelist
added 2012/05/24 11:0 p.m.28 views

CVE-2011-2699

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service disrupted networking by predicting these values and sending crafted packets...

7.9AI score0.05679EPSS
Exploits1References7
NVD
NVD
added 2007/03/30 1:19 a.m.18 views

CVE-2006-7180

ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...

6.8CVSS6.6AI score0.02069EPSS
Exploits0References15
Prion
Prion
added 2007/01/31 11:28 a.m.22 views

Design/Logic Flaw

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service disrupted communication via a flood o...

5CVSS6.5AI score0.07003EPSS
Exploits1References4Affected Software2
Rows per page
Query Builder