Lucene search
K

1166 matches found

HackRead
HackRead
added 2020/11/02 4:59 p.m.24 views

Google Firebase cloud messaging abused to spread Android malware

By Waqas Dubbed Firestarter by researchers; the Android malware campaign is exploiting the Kashmir issue between India and Pakistan but its target remains the Pakistani government, noted Cisco Talos researchers. Cisco Talos researchers have discovered that the APT threat group DoNot exploits...

1.9AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/10/13 12:0 a.m.9 views

Integrate Security into Your GCP with Google Cloud SDK

Dive into this how to guide on integrating Trend Micro Cloud One™ – Workload Security with Google Cloud Platform™...

1.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2020/10/12 10:0 p.m.66 views

What's New in Edge Delivery

Welcome to day two of the Akamai Platform Update! Today, we're focusing on Akamai's edge delivery products as well as other complimentary products that help drive great digital experiences. The last several months have been nothing short of unprecedented as lockdowns, quarantines, and other...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/22 2:12 p.m.27 views

Google Cloud Buckets Exposed in Rampant Misconfiguration

Six percent of all Google Cloud buckets are misconfigured and left open to the public internet, for anyone to access their contents. In a survey of 2,064 Google Cloud buckets by Comparitech, 131 of them were found to be vulnerable to unauthorized access by users who could list, download and/or...

0.6AI score
Exploits0References6
Kitploit
Kitploit
added 2020/09/06 11:30 a.m.63 views

VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest

Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository...

7.3AI score
Exploits0References2
Ubuntu
Ubuntu
added 2020/09/03 4:51 p.m.110 views

USN-4485-1: Linux kernel vulnerabilities

Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915gemexecbuffer2ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2018-20669 It was discovered that the...

7.8CVSS7.1AI score0.00617EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2020/08/28 12:0 a.m.6 views

The vulnerability of the Google Cloud OS guest-oslogin entry environment, related to incorrect default access permissions settings, allows attackers to escalate their privileges.

The vulnerability of the Google Cloud OS guest-oslogin entry environment is related to incorrect default access settings. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.2AI score0.00309EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/08/28 12:0 a.m.9 views

The vulnerability of the Google Cloud OS guest-oslogin entry environment, related to incorrect default access permissions settings, allows attackers to escalate their privileges.

The vulnerability of the Google Cloud OS guest-oslogin entry environment is related to incorrect default access settings. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00353EPSS
Exploits1References6Affected Software2
Ubuntu
Ubuntu
added 2020/07/27 10:46 p.m.186 views

USN-4426-1: Linux kernel vulnerabilities

Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. CVE-2019-20908 Fan Yang...

7.8CVSS7.4AI score0.01314EPSS
Exploits1
Kitploit
Kitploit
added 2020/06/26 2:0 p.m.145 views

Cloudtopolis - Cracking Hashes In The Cloud For Free

Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended and also, free!. Requirements Have 1 Google account at least. Installation Cloudtopolis installation is carried out in two phases: Phase 1...

7.4AI score
Exploits0References5
Ubuntu
Ubuntu
added 2020/06/25 8:58 p.m.76 views

USN-4404-2: Linux kernel vulnerabilities

USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when...

7.8CVSS6.7AI score0.00471EPSS
Exploits0
CNVD
CNVD
added 2020/06/23 12:0 a.m.3 views

Google Cloud Platform guest-oslogin elevation of privilege vulnerability (CNVD-2020-60516)

Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...

9.3CVSS6.7AI score0.00309EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/23 12:0 a.m.3 views

Google Cloud Platform guest-oslogin elevation of privilege vulnerability

Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...

9.3CVSS6.7AI score0.00353EPSS
Exploits1References1
CNVD
CNVD
added 2020/06/23 12:0 a.m.3 views

Google Cloud Platform guest-oslogin elevation of privilege vulnerability (CNVD-2020-60515)

Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...

7.8CVSS6.7AI score0.00315EPSS
Exploits1References1
NVD
NVD
added 2020/06/22 2:15 p.m.27 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS0.00315EPSS
Exploits1References5
NVD
NVD
added 2020/06/22 2:15 p.m.24 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

9.3CVSS0.00309EPSS
Exploits1References5
OSV
OSV
added 2020/06/22 2:15 p.m.18 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

7.8CVSS7AI score
Exploits0References5
OSV
OSV
added 2020/06/22 2:15 p.m.16 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS6.5AI score
Exploits0References5
NVD
NVD
added 2020/06/22 2:15 p.m.20 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS0.00353EPSS
Exploits1References5
OSV
OSV
added 2020/06/22 2:15 p.m.17 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

7.8CVSS6.9AI score
Exploits0References5
Rows per page
Query Builder