Lucene search
K

22 matches found

hivepro
hivepro
added 2026/05/27 10:3 a.m.11 views

Identity Exposure Management: Why It Matters

Millions of corporate credentials leak onto the public internet every single week. These exposed credentials act as open doors for threat actors looking to breach hybrid networks. When security teams rely only on legacy tools, they remain blind to these silent entry points. Book a HivePro demo to...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.3 views

NewStart CGSL MAIN 7.02 : pam Multiple Vulnerabilities (NS-SA-2025-0191)

The remote NewStart CGSL host, running version MAIN 7.02, has pam packages installed that are affected by multiple vulnerabilities: - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks...

7.4CVSS6.5AI score0.00798EPSS
Exploits1References7
NVD
NVD
added 2024/10/23 2:15 p.m.26 views

CVE-2024-10041

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

4.7CVSS0.00265EPSS
Exploits0References5
CVE
CVE
added 2024/10/23 1:46 p.m.341 views

CVE-2024-10041

CVE-2024-10041 describes a PAM vulnerability where secret information is kept in memory and can be leaked during authentication by triggering speculative execution via stdin, potentially exposing passwords (e.g., in /etc/shadow). Connected advisories confirm PAM updates and patches across distrib...

4.7CVSS4.8AI score0.00265EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2024/10/23 1:46 p.m.14 views

CVE-2024-10041

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

4.7CVSS6.1AI score0.00265EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/10/23 1:36 p.m.21 views

CVE-2024-10041

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...

4.7CVSS6.6AI score0.00265EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2024/09/25 12:0 a.m.24 views

Gitlab -- vulnerabilities

Gitlab reports: Maintainer can leak Dependency Proxy password by changing Dependency Proxy URL via crafted POST request AI feature reads unsanitized content, allowing for attacker to hide prompt injection Project reference can be exposed in system notes...

5.5CVSS6.8AI score0.00276EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2024/07/15 8:1 a.m.14 views

A week in security (July 8 – July 14)

Last week on Malwarebytes Labs: "Nearly all" AT&T customers had phone records stolen in new data breach disclosure Fake Microsoft Teams for Mac delivers Atomic Stealer Dangerous monitoring tool mSpy suffers data breach, exposes customer details iPhone users in 98 countries warned about spyware by...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2024/01/12 11:30 a.m.77 views

EmploLeaks - An OSINT Tool That Helps Detect Members Of A Company With Leaked Credentials

This is a tool designed for Open Source Intelligence OSINT purposes, which helps to gather information about employees of a company. How it Works The tool starts by searching through LinkedIn to obtain a list of employees of the company. Then, it looks for their social network profiles to find...

6.8AI score
Exploits0References2
NVD
NVD
added 2024/01/01 3:15 p.m.20 views

CVE-2023-6421

The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one...

7.5CVSS7.6AI score0.02437EPSS
Exploits3References1
Kitploit
Kitploit
added 2022/09/30 11:30 a.m.20 views

Pmanager - Store And Retrieve Your Passwords From A Secure Offline Database. Check If Your Passwords Has Leaked Previously To Prevent Targeted Password Reuse Attacks

Demo Description Store and retrieve your passwords from a secure offline database. Check if your passwords has leaked previously to prevent targeted password reuse attacks. Why develop another password manager ? This project was initially born from my desire to learn Rust. I was tired of using th...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2021/06/09 12:58 p.m.52 views

DarkSide Pwned Colonial With Old VPN Password

It took only one dusty, no-longer-used password for the DarkSide cybercriminals to breach the network of Colonial Pipeline Co. last month, resulting in a ransomware attack that caused significant disruption and remains under investigation by the U.S. government and cybersecurity experts. Attacker...

7.7AI score
Exploits0References13
Securelist
Securelist
added 2020/12/29 10:0 a.m.239 views

Digital Footprint Intelligence Report

Introduction The Digital Footprint Intelligence Service announces the results of research on the digital footprints of governmental, financial and industrial organizations for countries in the Middle East region: Bahrain, Egypt, Iran, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Suda...

0.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/03/10 11:18 a.m.32 views

CIA Dirty Laundry Aired

Joshua Schulte, the CIA employee standing trial for leaking the Wikileaks Vault 7 CIA hacking tools, maintains his innocence. And during the trial, a lot of shoddy security and sysadmin practices are coming out: All this raises a question, though: just how bad is the CIA's security that it wasn't...

1.6AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2019/02/17 12:0 p.m.89 views

What Is Credential Stuffing?

What happens to all those emails and passwords that get leaked? They're frequently used to try to break into users' other accounts across the internet...

3.7AI score
Exploits0
Prion
Prion
added 2017/10/10 4:29 p.m.13 views

Default credentials

salt before 2015.5.5 leaks git usernames and passwords to the log...

3.5CVSS6.9AI score0.01227EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2016/06/08 10:23 p.m.9 views

Warning! 32 Million Twitter Passwords May Have Been Hacked and Leaked

The world came to know about massive data breaches in some of the most popular social media websites including LinkedIn, MySpace, Tumblr, Fling, and VK.com when an unknown Russian hacker published the data dumps for sale on the underground black marketplace. However, these are only data breaches...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2015/06/23 6:1 p.m.174 views

Pornhub: Publicly exposed SVN repository, ht.pornhub.com

After I found the subversion repository I visited the following location https://netreact.eu/hubtraffic I could see the usernames in the repo and the following weak credentials gave me access: stefan:123456 An attacker can commit code to this location which could be mirrored on the main site and...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2012/07/23 8:10 p.m.8 views

8 million passwords dumped from gaming website Gamigo

Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users' credentials, more than 8 million usernames, emails and and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedLis...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2012/01/22 1:29 p.m.7 views

Third Security breach at Core Security Technologies

Third Security breach at Core Security Technologies Possible Security Breach in Website of Core Security Technologies by sncope Hacker. This is 3rd time when sncope hack and Leak the Passwords of Core Security Technologies. The details of Pentest done by sncope is available on Pastebin. It includ...

6.5AI score
Exploits0
Rows per page
Query Builder