Lucene search
K

4933 matches found

Talos Blog
Talos Blog
added 2026/01/29 11:0 a.m.9 views

Dissecting UAT-8099: New persistence mechanisms and regional focus

Cisco Talos has identified a new campaign by UAT-8099, active from late 2025 to early 2026, that is targeting vulnerable Internet Information Services IIS servers across Asia with a specific focus on victims in Thailand and Vietnam. Analysis confirms significant operational overlaps between this...

6AI score
Exploits0
hivepro
hivepro
added 2026/01/27 7:48 p.m.5 views

Rapid7 vs. Hive Pro: A Head-to-Head Comparison

Threat intelligence and Business context are the secret sauces that transform vulnerability management from a frantic game of whack-a-mole into a strategic, focused risk management and security practice. Without it, you’re just staring at a massive list of vulnerabilities with little to no contex...

5.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2026/01/20 4:0 p.m.8 views

Cybersecurity Predictions for 2026 Signal the Maturation of Risk-First Security Models

Key Takeaways Cyber risk management gets operationalized in 2026. Leading organizations move beyond visibility and frameworks to govern risk through prioritization, simulation, and deliberate action. Attack-path modeling matures into execution. Static views give way to dynamic, decision-driving...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : xorg-x11-server-Xwayland-22.1.9-5.el9 (AXSA:2024-8022:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8022:01 advisory. xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writ...

9.8CVSS6AI score0.02106EPSS
Exploits0References10
Snyk
Snyk
added 2026/01/16 4:43 p.m.1 views

Malicious Package

Overview focus-trap-v2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2026/01/16 12:10 a.m.3 views

EUVD-2026-3072

Malicious code in focus-trap-v2 npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/16 12:10 a.m.5 views

Malicious code in focus-trap-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54f9667b65219caefb7d526b0ab3787b23c76689e9858e281ce10c5a744ffd10 The package focus-trap-v2 was found to contain malicious code. Source: ghsa-malware e80cecdd51ca03a6a75b249c73d4a4efda03c84e9bdc4a1ba3b2b66cbfd8c82d...

6.9AI score
Exploits0References1
OSV
OSV
added 2026/01/16 12:10 a.m.3 views

MAL-2026-285 Malicious code in focus-trap-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54f9667b65219caefb7d526b0ab3787b23c76689e9858e281ce10c5a744ffd10 The package focus-trap-v2 was found to contain malicious code. Source: ghsa-malware e80cecdd51ca03a6a75b249c73d4a4efda03c84e9bdc4a1ba3b2b66cbfd8c82d...

6.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-29543

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

8.8CVSS6.6AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.10 views

CVE-2023-29534

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects...

9.1CVSS6.4AI score0.007EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

4.3CVSS6.2AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...

6.5CVSS8.5AI score0.00469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.5 views

CVE-2021-22505

Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent...

9.8CVSS7.5AI score0.01497EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.6 views

CVE-2021-22523

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions...

7.6CVSS7AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.7 views

CVE-2021-22514

An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM...

9.8CVSS8AI score0.02007EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.9 views

CVE-2021-22507

Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access...

9.8CVSS7.3AI score0.0168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.4 views

CVE-2021-22516

Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager SAPIM product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file...

7.5CVSS6.5AI score0.00986EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.6 views

CVE-2021-22521

A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges...

7.2CVSS7.2AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.8 views

CVE-2021-22512

Cross-Site Request Forgery CSRF vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks...

6.5CVSS6.9AI score0.00719EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.7 views

CVE-2021-22500

Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing...

6.5CVSS6.8AI score0.00478EPSS
Exploits0References1
Rows per page
Query Builder