Lucene search
+L

5 matches found

The Hacker News
The Hacker News
added 2024/01/11 2:16 p.m.137 views

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have developed a proof-of-concept PoC code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning ERP system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 CVSS score: 9.8, a...

10CVSS8.9AI score0.99999EPSS
Exploits386
ThreatPost
ThreatPost
added 2022/07/11 8:26 p.m.41 views

Rethinking Vulnerability Management in a Heightened Threat Landscape

Mariano Nunez, CEO, Onapsis Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over the last several months have heightened the state of alertness for U.S. agencies and businesses across industries, which are expecting ‘tit-for-tat’ cyberattacks from Russia in...

7.3AI score
Exploits0References5
Information Security Automation
Information Security Automation
added 2021/07/25 12:33 p.m.189 views

My thoughts on the “2021 Gartner Market Guide for Vulnerability Assessment”. What about the quality?

The Gartner Vulnerability Management Reports are one of the few marketing reports that I try to read regularly. This started back in the days when I was working for a VM vendor doing competitive analysis. Gartner is one of the few organizations that think about Vulnerability Assessment and...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/06/02 12:0 a.m.8 views

Unspecified Vulnerability in 2pi Software Cmfive

2pi Software Cmfive is Australia's 2pi Software's set of PHP language , mainly used for ERP systems built on open source Web application framework . A security vulnerability exists in the system/classes/DbPDO.php file in 2pi Software Cmfive versions 2015-03-15 and earlier, which can be exploited ...

7.5CVSS6.9AI score0.01347EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2017/10/18 9:51 a.m.46 views

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code...

7.5CVSS0.6AI score0.43492EPSS
Exploits4References4
Rows per page
Query Builder