CVE-2026-21527

CVE-2026-21527 affects Microsoft Exchange Server. The issue is a UI misrepresentation of critical information that enables a network-based spoofing attack without user interaction or privileges. The CVSS v3.1 base metrics indicate an external attack vector with low impact on confidentiality and i...

EUVD-1999-1303

Malware in sbrugna...

CVE-2025-5086

creationtimestamp| type| source ---|---|--- 2025-06-02 18:34:16+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqng2lstp5y2 2025-06-02 19:01:30+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114615313343993004 2025-06-03...

CVE-2025-4144

PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27...

CVE-2022-37660

A flaw was found in hostapd. This vulnerability allows an attacker to subvert future PKEX associations via passive observation and reuse of public key exchange elements. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

CVE-2024-50656

creationtimestamp| type| source ---|---|--- 2025-02-03 18:53:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113941466417414394 2025-02-03 19:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcawvvhaq2w 2025-03-19 18:19:40+00:00|...

CVE-2024-40587

creationtimestamp| type| source ---|---|--- 2025-01-14 14:17:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgvtw6np2n 2025-01-14 15:28:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113827414210516561 2025-01-14 21:12:09+00:00| seen|...

CVE-2025-21610

creationtimestamp| type| source ---|---|--- 2025-01-03 16:41:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113765416067424067 2025-01-03 18:41:40+00:00| seen| https://t.me/cvedetector/14230...

CVE-2024-56742

creationtimestamp| type| source ---|---|--- 2024-12-29 12:15:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3legyoccydf22 2024-12-29 12:25:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113736096683183054 2024-12-29 14:02:23+00:00| seen|...

CVE-2024-56705

creationtimestamp| type| source ---|---|--- 2024-12-28 10:16:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjvenhh2c 2024-12-28 11:38:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113730250813341697 2024-12-28 12:05:48+00:00| seen|...

GHSA-RHX6-C78J-4Q9W

creationtimestamp| type| source ---|---|--- 2024-12-05 22:47:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113602650357813905...

CVE-2024-8929

creationtimestamp| type| source ---|---|--- 2024-11-22 06:24:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113525173597889873 2025-01-10 14:06:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1136 2025-04-14 04:19:32+00:00| seen|...

CVE-2021-3741

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597696670459 2024-11-15 13:15:50+00:00| seen| https://t.me/cvedetector/11072...

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

In late August 2020, we published an overview of DeathStalkers profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns PowerPepper was later documented in 2020. Notably, we exposed why we believe the threat actor may fit a group of mercenaries, offering...

Slippage protection

Handle pauliax Vulnerability details Impact exchangeunderlying in functions swapUnderlyingToUst and swapUstToUnderlying lack slippage control, it uses a default value of 0 minimum received. A common attack in DeFi is the sandwich attack. Upon observing a trade of asset X for asset Y, an attacker...

CVE-2020-9320

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security Gateway, Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and...

Design/Logic Flaw

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security Gateway, Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and...

CVE-2020-9320

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security Gateway, Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and...

CVE-2020-9320

Avira AV Engine before 8.3.54.138 is vulnerable to a virus-detection bypass via a specially crafted ISO archive. Affected products and versions include Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suit...

PT-2020-20581 · Avira · Antivirus For Endpoint +7

Name of the Vulnerable Software and Affected Versions: Avira AV Engine versions prior to 8.3.54.138 Antivirus for Endpoint versions prior to 8.3.54.138 Antivirus for Small Business versions prior to 8.3.54.138 Exchange Security Gateway versions prior to 8.3.54.138 Internet Security Suite for...