24 matches found

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2022-52076

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.6 · EPSS 0.00051
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-18064

Malicious code in bioql PyPI...

CVSS 4.7 · AI score 6.5 · EPSS 0.00375
Exploits 0 · References 4

NVD
added 2025/06/11 12:15 a.m. · 9 views

CVE-2025-30675

In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...

CVSS 4.7 · EPSS 0.00375
Exploits 0 · References 3

OSV
added 2025/06/11 12:15 a.m. · 3 views

CVE-2025-30675

In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...

CVSS 4.7 · AI score 6.2
Exploits 0 · References 3

RedhatCVE
added 2025/05/23 12:48 a.m. · 6 views

CVE-2022-4780

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVSS 7.8 · AI score 6.9 · EPSS 0.00051
Exploits 0 · References 1

The Hacker News
added 2024/06/25 10:42 a.m. · 38 views

New Attack Technique Exploits Microsoft Management Console Files

Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console MSC files to gain full code execution using Microsoft Management Console MMC and evade security defenses. Elastic Security Labs has codenamed the approach GrimResource after...

AI score 6.6
Exploits 0

CVE
added 2024/04/04 7:49 a.m. · 63 views

CVE-2024-29007

The CVE-2024-29007 issue affects Apache CloudStack: when downloading templates or ISOs, the CloudStack management server and the secondary storage VM can follow HTTP 301 redirects to external resources, potentially enabling access to restricted or random resources. Affected components are the Clo...

CVSS 7.3 · AI score 7.2 · EPSS 0.00135
Exploits 0 · References 1 · Affected Software 1

F5 Networks
added 2023/02/21 6:18 p.m. · 38 views

K75253136: GnuPG vulnerability CVE-2013-4242

Security Advisory Description GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. CVE-2013-4242 Impact A local user may obtain...

CVSS 1.9 · AI score 5.1 · EPSS 0.00093
Exploits 0 · Affected Software 19

OSV
added 2022/12/29 12:15 a.m. · 0 views

CVE-2022-4780

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVSS 7.8 · AI score 5.8
Exploits 0 · References 1

Prion
added 2022/12/29 12:15 a.m. · 11 views

Hardcoded credentials

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVSS 4.3 · AI score 7.6 · EPSS 0.00051
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/12/28 2:21 p.m. · 11 views

CVE-2022-4780 hard coded credentials in elvexys ISOS firmwares

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVSS 4.5 · AI score 7.8 · EPSS 0.00051
Exploits 0 · References 1

Vulnrichment
added 2022/12/28 2:21 p.m. · 2 views

CVE-2022-4780 hard coded credentials in elvexys ISOS firmwares

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change...

CVSS 4.5 · AI score 6.9 · EPSS 0.00051
Exploits 0 · References 1

CVE
added 2022/12/28 2:21 p.m. · 57 views

CVE-2022-4780

Summary: CVE-2022-4780 affects ISOS firmwares 1.81–2.00, due to hardcoded credentials in the embedded StreamX installer. The root cause is fixed credentials that integrators are not forced to change, enabling potential unauthorized access to the appliance/update flow. Impact (as stated): unauthor...

CVSS 7.8 · AI score 5.9 · EPSS 0.00051
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2022/12/28 12:0 a.m. · 1 view

Elvexys ISOS Trust Management Issue Vulnerability

Elvexys ISOS is an application from Elvexys, Inc. A security vulnerability exists in Elvexys ISOS versions 1.81 through 2.00, which stems from hard-coded credentials containing the embedded StreamX installer...

CVSS 7.8 · AI score 7.3 · EPSS 0.00051
Exploits 0 · References 3

Positive Technologies
added 2022/12/28 12:0 a.m. · 2 views

PT-2022-28087 · Isos · Isos

Name of the Vulnerable Software and Affected Versions: ISOS firmwares versions 1.81 through 2.00 Description: The issue concerns hardcoded credentials in the embedded StreamX installer within ISOS firmwares. These credentials are not mandatory for integrators to change, posing a security risk...

CVSS 7.8 · AI score 7.4 · EPSS 0.00051
Exploits 0 · References 3

Openbugbounty
added 2020/09/10 6:23 a.m. · 8 views

barbarajpublications.com Cross Site Scripting vulnerability OBB-1319661

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 0.6
Exploits 0

Positive Technologies
added 2018/01/18 12:0 a.m. · 1 view

PT-2018-3810 · Gnu +5 · Gnu Libcdio +5

Name of the Vulnerable Software and Affected Versions: GNU libcdio versions prior to 1.0.0 Description: The issue is related to the realloc symlink function in rock.c and is associated with pointer dereference errors. It can be exploited by remote attackers to cause a denial of service...

CVSS 9.8 · AI score 7.6 · EPSS 0.02406
Exploits 1 · References 52

Kitploit
added 2016/09/04 11:16 p.m. · 13 views

Kali Linux 2016.2 - The Best Penetration Testing Distribution

This release brings a whole bunch of interesting news and updates into the world of Kali. New KDE, MATE, LXDE, e17, and Xfce Builds Although users are able to build and customize their Kali Linux ISOs however they wish, we often hear people comment about how they would love to see Kali with...

AI score 7.2
Exploits 0

ThreatPost
added 2016/02/22 12:0 p.m. · 11 views

Linux Mint Website Hacked, ISOs Replaced with Backdoored Versions

Attackers managed to hijack the website of the Linux Mint operating system to push a backdoored ISO image of the software to users over the weekend. The developers behind the software, one of, if not the most popular Linux distribution, are unsure what the hackers are aiming to achieve by the mov...

Exploits 0 · References 6

Kitploit
added 2015/08/04 5:9 p.m. · 14 views

BlackArch Linux v2015.07.31 - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1239 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. The new ISOs include over 1230 tools for i686 and...

AI score 7.4
Exploits 0