15 matches found
EUVD-2026-39058
The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...
Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...
Deliberate Internet Shutdowns
For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted "to prevent immoral activities." No additional explanation...
PT-2025-46913
Name of the Vulnerable Software and Affected Versions SSH clients affected versions not specified Description SSH clients may experience a panic and premature termination of the client process when receiving an SSH AGENT SUCCESS response while expecting a typed response. This can lead to...
CVE-2025-20286
A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...
CVE-2024-11698
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...
CVE-2023-37289 InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run...
K20087443: BIG-IP APM VPN vulnerability CVE-2017-6129
Security Advisory Description In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows can cause a VPN/PPP connflow to be prematurely freed or cause TMM to stop responding with a "flow not in use" assertion. An attacker may be able to disrupt traffic or...
Ransomware attack on health tech firm disrupted COVID-19 medical trials
By Waqas Philadelphia-based Health Tech eResearchTechnology ERT Firm Suffered Ransomware Attack. This is a post from HackRead.com Read the original post: Ransomware attack on health tech firm disrupted COVID-19 medical trials...
Twitter hack’s mastermind trial zoom bombed with pornography
By Waqas The hearing was shut down within 25 minutes after being Zoom bombed. This is a post from HackRead.com Read the original post: Twitter hack’s mastermind trial zoom bombed with pornography...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
MatrikonOPC SCADA DNP3 Master Station Improper Input Validation
OVERVIEW This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in...
CVE-2011-2699
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service disrupted networking by predicting these values and sending crafted packets...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
Design/Logic Flaw
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service disrupted communication via a flood o...