CVE-2022-38532
Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component CFeatures of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable...
CVE-2021-31787
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown of a device by flooding the target device with LMP_features_res packets...
CVE-2021-25648
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering with the boolean value of parameters "isAdmin" and "isPremium" located on device storage...
CVE-2020-12494
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the driver are not padded if their payload is less tha...
CVE-2015-10104
A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argument redirect_url leads to open redirect. T...
CVE-2019-15685
In Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, and Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker to remotely disable such product's security features as private browsing and...
CVE-2019-10885
An issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context...
CVE-2017-8776
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...
A Scalable Hierarchical Intrusion Detection System for Internet of Vehicles
Due to its nature of dynamic, mobility, and wireless data transfer, the Internet of Vehicles (IoV) is prone to various cyber threats, ranging from spoofing and Distributed Denial of Services (DDoS) attacks to malware. To safeguard the IoV ecosystem from intrusions, malicious activities, policy...
Password Strength Detection Via Machine Learning: Analysis, Modeling, and Evaluation
As network security issues continue gaining prominence, password security has become crucial in safeguarding personal information and network systems. This study first introduces various methods for system password cracking, outlines password defense strategies, and discusses the application of...
CVE-2002-2032
sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php...
Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised. "When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an...
Inedo ProGet Security Vulnerability
Inedo ProGet is a package management system from Inedo. A security vulnerability exists in Inedo ProGet versions prior to 2.17.5, which stems from a low-privileged user having access to configuration file information containing details of allowed/prohibited features...
USN-7519-1: MariaDB vulnerabilities
Several security issues were discovered in MariaDB and this update includes a new upstream MariaDB version to fix these issues. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes...
USN-7519-1 mariadb-10.6 vulnerabilities
Several security issues were discovered in MariaDB and this update includes a new upstream MariaDB version to fix these issues. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes...
GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis
The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...
Ubuntu 22.04 LTS : MariaDB vulnerabilities (USN-7519-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7519-1 advisory. Several security issues were discovered in MariaDB and this update includes a new upstream MariaDB version to fix these issues. In addition to security...
TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability (CNVD-2025-11996)
The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU suffer from a buffer overflow vulnerability that stems from improper handling of the file /boafrm/formIpQoS in the HTTP POST request handler. No...
Important: Red Hat Security Advisory: Updated Red Hat OpenShift Dev Spaces 3 container images
Updated Red Hat OpenShift Dev Spaces 3.20 container images are now available. The Red Hat OpenShift Dev Spaces 3 container images have been updated to address the following security advisory: RHSA-2025:3713 (see References). Users of Red Hat OpenShift Dev Spaces 3 container images are advised to...
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. "Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told T...