18 matches found
Anytype Heart's gRPC API client challenge verification can be bypassed on localhost
Impact The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. Affected components: - Anytype Desktop all platforms ≤ v0.48.2 - Anytype-CLI headless deployments ≤ v0.1.9 Not affected: - Anytype mobile apps iOS...
CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...
EUVD-2025-30276
Malicious code in bioql PyPI...
Avoid Enabling Unnecessary Services and Ports
In the zones, you need to specify the interfaces, ports, and services that need to be enabled or disabled. Correct configuration prevents illegitimate packets from being received and processed, reduces the number of exposed ports on the server, and reduces the attack surface. If the configuration...
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that's capable of downloading and executing more...
CVE-2024-24760
mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container,...
PT-2024-20538 · Mailcow · Mailcow
Name of the Vulnerable Software and Affected Versions: mailcow versions prior to 2024-01c Description: A security issue has been identified in mailcow, a dockerized email package. This issue potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even wh...
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code IaC has gained significant popularity as organizations embrace cloud computing and DevOps practices, the speed and flexibility that IaC provides can also introduce the potential for misconfigurations and security vulnerabilities. IaC allows organizations to...
CVE-2020-12030
There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway...
Automated remediation level 3: Governance and hygiene
Mold it, make it, just don’t fake it At a quick glance, it seems like the title of this blog is “government hygiene.” Most likely, that wouldn’t be a particularly exciting read, but we’re hoping you might be engaged enough to gain a few takeaways from this fourth piece in our series on automating...
Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service DDoS attacks. Called "Matryosh" by Qihoo 360's Netlab researchers, the latest threat has been found reusing the Mirai botnet framework and...
CVE-2020-10271 RVD#2555: MiR ROS computational graph is exposed to all network interfaces, including poorly secured wireless networks and open wired ones
MiR100, MiR200 and other MiR robots use the Robot Operating System ROS default packages exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad set up and can be mitigated by appropriately configuring ROS and/or applying custom patches as...
CVE-2020-7905
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network...
CVE-2019-9945
SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the status of a user cookie. If not set, a user is redirected to the login page. An arbitrary value can be provided for this cookie to access the web interface without valid...
CVE-2017-17406
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry, which listens on TCP ports 1800 and 1850 by defaul...
Project Artillery - Full Suite for Protection against Attack on Linux and Windows
Project Artillery is an open source project aimed at the detection of early warning indicators and attacks. The concept is that Artillery will spawn multiple ports on a system giving the attacker the idea that multiple ports are exposed. Additionally, Artillery actively monitors the filesystem fo...
OpenShift: /proc/net/tcp information disclosure
It was found that OpenShift Enterprise did not restrict access to the /proc/net/tcp file in gears, which allowed local users to view all listening connections and connected sockets. This could result in remote system's IP or port numbers in use to be exposed, which may be useful for further...