5472 matches found

BDU FSTEC
added 2025/02/26 12:00 a.m. · 7 views

The vulnerability of Tenda W18E router microprogramming software, related to the use of strictly encrypted account data, allows an intruder to gain unauthorized access to the control console with administrator privileges.

The vulnerability of Tenda W18E router microprogramming software is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...

CVSS 8.8 · AI score 5.5 · EPSS 0.00554
Exploits: 1 · References: 3

Positive Technologies
added 2025/02/26 12:00 a.m. · 5 views

PT-2025-8739 · Esri · Esri Arcgis Monitor

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Monitor versions 2023.0 through 2024.x Description: The issue is a SQL injection problem that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted...

CVSS 4.3 · AI score 7.4 · EPSS 0.0037
Exploits: 0 · References: 4

OSV
added 2025/02/25 7:58 a.m. · 4 views

CLSA-2025-1740470330 linux-firmware: Fix of 2 CVEs

Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...

CVSS 6 · AI score 6.1 · EPSS 0.00199
Exploits: 0 · References: 1

OpenVAS
added 2025/02/25 12:00 a.m. · 6 views

openSUSE Security Advisory (SUSE-SU-2024:0893-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 9.1 · EPSS 0.00682
Exploits: 1 · References: 4

Fedora
added 2025/02/20 2:28 a.m. · 23 views

[SECURITY] Fedora 41 Update: openssh-9.9p1-3.fc41

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVSS 6.8 · AI score 6.9 · EPSS 0.38474
Exploits: 5

OSV
added 2025/02/19 11:43 a.m. · 5 views

CLSA-2025-1739965377 linux-firmware: Fix of 2 CVEs

Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...

CVSS 6 · AI score 5.8 · EPSS 0.00199
Exploits: 0 · References: 1

NCSC
added 2025/02/18 8:09 a.m. · 46 views

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in several products, including FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiSandbox, FortiManager and FortiAnalyzer. The vulnerabilities include the ability for privileged attackers to execute arbitrary code or commands by sending specially crafted...

CVSS 9.8 · AI score 8.2 · EPSS 0.98259
Exploits: 9 · References: 10

RedhatCVE
added 2025/02/15 7:23 a.m. · 7 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

CVSS 6.5 · AI score 6.6 · EPSS 0.00365
Exploits: 0 · References: 1

Fedora
added 2025/02/15 2:23 a.m. · 9 views

[SECURITY] Fedora 40 Update: krb5-1.21.3-3.fc40

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...

CVSS 7.1 · AI score 7.2 · EPSS 0.00606
Exploits: 0

OSV
added 2025/02/13 7:15 a.m. · 3 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

CVSS 6.5 · AI score 5.8 · EPSS 0.00365
Exploits: 0 · References: 1

Vulnrichment
added 2025/02/13 6:25 a.m. · 3 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

CVSS 6.5 · AI score 6.7 · EPSS 0.00365
Exploits: 0 · References: 1

Malwarebytes
added 2025/02/11 1:42 p.m. · 10 views

Apple ordered to grant access to users’ encrypted data

Last week, an article in the Washington Post revealed the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. Since then, privacy focused groups have uttered their objections. The UK government has demanded to be able to access encrypted data store...

AI score 6.5
Exploits: 0

HackRead
added 2025/02/11 1:00 p.m. · 13 views

SystemBC RAT Now Targets Linux, Spreading Ransomware and Infostealers

SystemBC RAT now targets Linux, enabling ransomware gangs like Ryuk & Conti to spread, evade detection, and maintain encrypted C2 traffic for stealthy cyberattacks...

AI score 7.3
Exploits: 0

Microsoft CVE
added 2025/02/11 8:00 a.m. · 7 views

An issue exists in AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords.

...

CVSS 3.3 · AI score 4.4 · EPSS 0.00448
Exploits: 1

AstraLinux
added 2025/02/11 7:35 a.m. · 6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle protected guests properly in complete_hypercall_exit(). Use is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g., SEV-ES and SEV-SN...

CVSS 5.5 · AI score 6.1 · EPSS 0.00203
Exploits: 0 · References: 3

CNNVD
added 2025/02/11 12:00 a.m. · 3 views

SolarWinds Web Help Desk security vulnerability

SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A security vulnerability exists in SolarWinds Web Help Desk versions pri...

CVSS 5.5 · AI score 6.1 · EPSS 0.00268
Exploits: 0 · References: 2

CNNVD
added 2025/02/11 12:00 a.m. · 4 views

AMD Server Processor security vulnerability

AMD Server Processor is a processor product for the server market from UltraMicro Semiconductor AMD that is primarily used in data centers, cloud computing, and high-performance computing. A security vulnerability exists in AMD Server Processor that stems from the improper handling of invalid...

CVSS 5.3 · AI score 6.4 · EPSS 0.00168
Exploits: 0 · References: 2

Amd
added 2025/02/11 12:00 a.m. · 21 views

AMD Server Processor Vulnerabilities – February 2025

AMD ID: AMD-SB-3009 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor ASP, AMD Secure Encrypted Virtualization SEV, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SN...

CVSS 7.5 · AI score 6 · EPSS 0.00176
Exploits: 0

Snyk
added 2025/02/10 5:38 p.m. · 3 views

Improper Validation of Specified Quantity in Input

Overview io.netty:netty-handler is a library that provides an asynchronous event-driven network application framework and tools for rapid development of maintainable high performance and high scalability protocol servers and clients. In other words, Netty is a NIO client server framework which...

CVSS 8.7 · AI score 6.9 · EPSS 0.01966
Exploits: 1 · References: 2

Wired Threat Level
added 2025/02/08 11:30 a.m. · 13 views

UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data

Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more...

AI score 7.4
Exploits: 0