PT-2026-45870

Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description Out of bounds write and read operations occur when using the --showSCSIDefects command. This issue allows for writing defect information out of bounds when processing very large defect lists, which can ...

CVE-2026-43487

A flaw was found in the Linux kernel's libata-core module. This vulnerability arises from issues with Link Power Management LPM when specific Seagate BarraCuda hard drives e.g., ST1000DM010-2EP102 are connected. This can lead to random system freezes, resulting in a denial of service for the...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics...

Deep Scan: Expanding Vulnerability Detection Beyond Traditional Boundaries

Security teams estimate that a significant percentage of enterprise software is installed outside standard system directories or package-managed locations, creating persistent visibility gaps for traditional vulnerability-scanning methods. As environments become more decentralized, with...

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twic...

New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives

A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware…...

Microsoft Graph Enterprise Intelligence Collector

This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...

EUVD-2025-206289

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...

CVE-2025-13453

CVE-2025-13453 concerns ThinkPlus USB drives where a user with physical access could read data stored on the drive. The NVD entry and multiple third-party sources (Red Hat, EUVD, CIRCL, CVE records) describe the issue as a data-retrieval risk tied to physical access, with CVSS v3.1 base score 4.6...

PT-2026-2959

Name of the Vulnerable Software and Affected Versions ThinkPlus USB drives affected versions not specified Description A potential issue exists in some ThinkPlus USB drives that may allow a user with physical access to read data stored on the drive. Recommendations At the moment, there is no...

CVE-2010-0227

Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program...

CVE-1999-0594

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive...

UBUNTU-CVE-2022-50768

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices Correct device count for multi-actuator drives which can cause kernel panics...

PT-2025-53134

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s SCSI subsystem, specifically within the smartpqi driver. This issue relates to incorrect device counting for multi-actuator drives, potentially leadin...

CVE-2023-53912

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious...

EUVD-2023-60218

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious...