Lucene search
K

42 matches found

Packet Storm News
Packet Storm News
added 2025/07/03 12:0 a.m.5 views

Holographic Projection and Cyber Attack Surface: a Physical Analogy for Digital Security

This article presents an in-depth exploration of the analogy between the Holographic Principle in theoretical physics and cyber attack surfaces in digital security. Building on concepts such as black hole entropy and AdS/CFT duality, it highlights how complex infrastructures project their...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/28 12:0 a.m.2 views

Cybersecurity for Autonomous Vehicles

The increasing adoption of autonomous vehicles is bringing a major shift in the automotive industry. However, as these vehicles become more connected, cybersecurity threats have emerged as a serious concern. Protecting the security and integrity of autonomous systems is essential to prevent...

7.1AI score
Exploits0
OSV
OSV
added 2024/03/15 6:12 p.m.4 views

CVE-2023-7060 Missing Security Control in Zephyr OS IP Packet Handling

Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.01 or the destination address...

8.6CVSS7.2AI score0.00492EPSS
Exploits1References4
OSV
OSV
added 2023/12/29 7:36 p.m.33 views

GHSA-FWVG-2739-22V7 Miniflare vulnerable to Server-Side Request Forgery (SSRF)

Impact Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces as was the default in wrangler until 3.19.0, an attacker on the local network...

7.5CVSS6AI score0.00552EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.7 views

PT-2023-32863 · Miniflare · Miniflare

Name of the Vulnerable Software and Affected Versions: Miniflare versions prior to 3.20231030.2 Description: Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on...

8.1CVSS7.7AI score0.00552EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/08/02 12:0 a.m.5 views

PT-2023-20608 · Xiaomi · Xiaomi Router

Name of the Vulnerable Software and Affected Versions: Xiaomi routers affected versions not specified Description: The issue is caused by inadequate filtering of responses from external interfaces, leading to command injection. Attackers can exploit this by hijacking the ISP or upper-layer routin...

9.8CVSS8.3AI score0.00948EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS9.6AI score0.02876EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/24 12:0 a.m.4 views

PT-2022-18607 · Unknown · Sns Firewall

Name of the Vulnerable Software and Affected Versions: SNS firewall versions 3.7.0 through 3.7.29 SNS firewall versions 3.11.0 through 3.11.17 SNS firewall versions 4.2.0 through 4.2.10 SNS firewall versions 4.3.0 through 4.3.6 Description: Flooding the SNS firewall with specific forged traffic c...

7.5CVSS7.1AI score0.00662EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/06/24 12:0 a.m.5 views

PT-2022-3965 · Illumina · Illumina Local Run Manager

Name of the Vulnerable Software and Affected Versions: Illumina Local Run Manager affected versions not specified Description: The issue is related to incorrect code generation management in Illumina Local Run Manager. An unauthenticated malicious actor can upload and execute code remotely at the...

10CVSS9.4AI score0.01644EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2021/10/27 6:53 p.m.48 views

Duplicate Advisory: Remote code execution in dask

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...

9.8CVSS8.5AI score0.02876EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/10/26 11:15 a.m.2 views

DEBIAN-CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS8.8AI score0.02876EPSS
Exploits0References1
PyPA
PyPA
added 2021/10/26 11:15 a.m.3 views

PYSEC-2021-872

Withdrawn as duplicate of PYSEC-2021-871. An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their...

9.8CVSS7.5AI score0.02876EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2021/10/26 11:15 a.m.7 views

PYSEC-2021-387

An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on external interfaces...

9.8CVSS7.6AI score0.02876EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/10/26 11:15 a.m.3 views

UBUNTU-CVE-2021-42343

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client which defaults to using LocalCluster would mistakenly configure their respective Dask workers to listen on extern...

9.8CVSS7.5AI score0.02876EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/26 12:0 a.m.4 views

Python Dask 安全漏洞

Python Dask is a flexible parallel computing library for Python. Dask suffers from a security vulnerability that stems from the fact that standalone Dask clusters started as Dask .distributed.LocalCluster or Dask .distributed. client LocalCluster is used by default will incorrectly configure thei...

9.8CVSS8.6AI score0.02876EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.9 views

OTRS AG OTRSTicketForms 信息泄露漏洞

OTRS AG OTRSTicketForms is a functional add-on from OTRS Germany. Using it it is possible to display different ticket masks and forms in the agent and external interfaces, depending on which dynamic fields are relevant for the customer request. An information disclosure vulnerability exists in OT...

4.9CVSS5.8AI score0.00995EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.10 views

The vulnerability of the JunOS operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the JunOS operating system’s kernel is related to errors in processing packets destined for another address. Exploiting this vulnerability can allow an attacker to trigger a kernel error and a service failure by sending specially crafted packets from external control interfac...

6.5CVSS6.6AI score0.00637EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/10/11 12:0 a.m.5 views

The vulnerability of the interface for internal and external switches of the GlobalProtect operating system PAN-OS allows a attacker to cause a service failure or obtain confidential information.

The vulnerability of the internal and external gateway interfaces of the GlobalProtect operating system PAN-OS is related to incorrect restrictions on XML links to external objects XXE. Exploiting this vulnerability can allow a malicious actor to obtain confidential information, cause service...

9.8CVSS7.8AI score0.02465EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2015/08/31 12:0 a.m.65 views

cups-filters limitations bypass

Local printers may be accessible via external interfaces...

7.5CVSS5.3AI score0.02426EPSS
Exploits0References1
Prion
Prion
added 2007/03/16 10:19 p.m.19 views

Code injection

Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties...

5.2CVSS7AI score0.00369EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder