Lucene search
+L

25 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2807

Malicious code in bioql PyPI...

8CVSS7.9AI score0.00377EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12373

Malicious code in bioql PyPI...

2.3CVSS6.6AI score0.00389EPSS
Exploits0References2
thn
thn
added 2025/08/19 6:36 a.m.9 views

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

The maintainers of the Python Package Index PyPI repository have announced that the package manager now checks for expired domains to prevent supply chain attacks. "These changes improve PyPI's overall account security posture, making it harder for attackers to exploit expired domain names to gai...

8.1AI score
Exploits0
redhatcve
redhatcve
added 2025/04/26 5:32 a.m.9 views

CVE-2025-2517

Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager...

2.3CVSS6.9AI score0.00389EPSS
Exploits0References1
nvd
nvd
added 2025/04/21 3:16 p.m.17 views

CVE-2025-2517

Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager...

2.3CVSS0.00389EPSS
Exploits0References1
cve
cve
added 2025/04/21 2:26 p.m.73 views

CVE-2025-2517

Technical details about CVE-2025-2517 are not publicly available in the provided documents. Monitoring for updates from vendors and security feeds is advised.

2.3CVSS6.5AI score0.00389EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/04/21 2:26 p.m.8 views

CVE-2025-2517 Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager

Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager...

2.3CVSS7.1AI score0.00389EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/21 2:26 p.m.18 views

CVE-2025-2517 Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager

Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager...

2.3CVSS0.00389EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/04/21 12:0 a.m.4 views

PT-2025-17437 · Opentext · Opentext Arcsight Enterprise Security Manager

Name of the Vulnerable Software and Affected Versions: OpenText ArcSight Enterprise Security Manager affected versions not specified Description: The issue concerns a Reference to Expired Domain Vulnerability. There is no information provided about the estimated number of potentially affected...

2.3CVSS6.2AI score0.00389EPSS
Exploits0References7
cnnvd
cnnvd
added 2025/04/21 12:0 a.m.5 views

OpenText ArcSight Enterprise Security Manager 安全漏洞

OpenText ArcSight Enterprise Security Manager is a powerful and adaptable SIEM from OpenText Canada that provides comprehensive data collection and real-time threat analysis. A security vulnerability exists in OpenText ArcSight Enterprise Security Manager that stems from referencing an expired...

2.3CVSS6.7AI score0.00389EPSS
Exploits0References2
nvd
nvd
added 2024/10/16 2:15 p.m.14 views

CVE-2024-22030

A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle MITM attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The...

8CVSS0.00377EPSS
Exploits0References2
osv
osv
added 2024/10/16 1:24 p.m.3 views

CVE-2024-22030 Rancher agents can be hijacked by taking over the Rancher Server URL

A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle MITM attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The...

8CVSS7AI score0.00377EPSS
Exploits0References4
cvelist
cvelist
added 2024/10/16 1:24 p.m.17 views

CVE-2024-22030 Rancher agents can be hijacked by taking over the Rancher Server URL

A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle MITM attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The...

8CVSS0.00377EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/02/19 12:0 a.m.6 views

PT-2024-19165 · Rke2 +2 · Rke2 +2

Name of the Vulnerable Software and Affected Versions: Rancher versions 2.7.0 through 2.7.14 Rancher versions 2.8.0 through 2.8.7 Rancher versions 2.9.0 through 2.9.1 Description: A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a...

9.9CVSS6.4AI score0.97781EPSS
Exploits21References145
susecve
susecve
added 2024/02/17 3:21 a.m.2 views

SUSE CVE-2024-22030

A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle MITM attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The...

8CVSS7AI score0.00377EPSS
Exploits0References8
thn
thn
added 2023/02/16 6:30 p.m.43 views

Researchers Hijack Popular NPM Package with Millions of Downloads

A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. "The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria...

1.5AI score
Exploits0
thn
thn
added 2023/02/16 6:30 p.m.5 views

Researchers Hijack Popular NPM Package with Millions of Downloads

A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. "The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria...

7.1AI score
Exploits0
prion
prion
added 2022/11/21 10:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5CVSS9.2AI score0.00671EPSS
Exploits0References1Affected Software1
thn
thn
added 2022/05/24 3:31 p.m.54 views

Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository. The other involves "phpass," a PHP package...

0.5AI score
Exploits0
rhino
rhino
added 2019/04/09 10:30 a.m.454 views

CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis

The post CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis appeared first on Rhino Security Labs...

5.4CVSS4.6AI score0.86503EPSS
Exploits7
Rows per page
Query Builder