Lucene search
K

20 matches found

The Hacker News
The Hacker News
added 2026/01/29 11:55 a.m.7 views

Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology OT networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...

7.8CVSS6.1AI score0.74323EPSS
Exploits7
OSV
OSV
added 2025/03/17 2:15 p.m.3 views

CVE-2021-32584

An improper access control CWE-284 vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI...

5.3CVSS5.8AI score0.00611EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2024/10/09 5:46 p.m.8 views

The Future of Cybersecurity Risk Management: Risk Operations Center (ROC) delivered by Qualys Enterprise TruRisk™ Management (ETM)

" A problem well defined is a problem half solved." – Charles Kettering In today’s digital landscape, organizations are overwhelmed with risk signals from all directions—cloud vulnerabilities, misconfigurations in custom code, operational technology OT gaps, and third-party integrations, to name ...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/07/10 1:30 p.m.8 views

Takeaways From The Take Command Summit: Unlocking ROI in Security

Rapid7 CMO Cindy Stanton hosted a discussions with Cindy Stanton, Byron Anderson, Principal InfoSec Engineer, KinderCare Learning Companies and Gaël Frouin Director IT Security, AAA Northeast to talk strategies for measuring team performance and demonstrating ROI in cybersecurity at Rapid7’s rece...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.5 views

Fedora: Security Advisory for qt5-qtquickcontrols2 (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References2
Fedora
Fedora
added 2024/06/05 1:41 a.m.16 views

[SECURITY] Fedora 40 Update: qt5-qtquickcontrols2-5.15.14-1.fc40

The Qt Labs Controls module provides a set of controls that can be used to build complete interfaces in Qt Quick. Unlike Qt Quick Controls, these controls are optimized for embedded systems and so are preferred for hardware with limited resources...

9.8CVSS6.4AI score0.0097EPSS
Exploits0
HackRead
HackRead
added 2023/09/20 3:10 p.m.10 views

Schools Are the Most Targeted Industry by Ransomware Gangs

By Waqas Schools are often understaffed and have limited resources to invest in cybersecurity. This is a post from HackRead.com Read the original post: Schools Are the Most Targeted Industry by Ransomware Gangs...

6.9AI score
Exploits0
CNVD
CNVD
added 2023/04/13 12:0 a.m.21 views

Cesanta MJS Denial of Service Vulnerability (CNVD-2023-29378)

Cesanta MJS is a JavaScript engine designed for microcontrollers with limited resources. Cesanta MJS version 2.20.0 contains a denial of service vulnerability that can be exploited by attackers to launch a denial of service attack...

5.4AI score0.00288EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/04/21 12:0 a.m.26 views

FANUC ROBOGUIDE Resource Management Error Vulnerability

FANUC ROBOGUIDE is a robot simulation software from FANUC Japan. A resource management error vulnerability exists in ROBOGUIDE v9.40083.00.05 and prior versions, which stems from an inability to properly control the allocation and maintenance of limited resources, and can be exploited by an...

6.1CVSS5.7AI score0.00664EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 4:15 p.m.14 views

Authorization

An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denia...

3.6CVSS6.7AI score0.00194EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2022/02/14 12:0 a.m.21 views

Cesanta MJS has an unspecified vulnerability (CNVD-2022-77015)

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

5.5CVSS3.2AI score0.00614EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/14 12:0 a.m.19 views

Cesanta MJS has an unspecified vulnerability (CNVD-2022-77012)

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

5.5CVSS3.2AI score0.00614EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/14 12:0 a.m.28 views

Cesanta MJS has an unspecified vulnerability (CNVD-2022-77014)

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

5.5CVSS3.2AI score0.00614EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.5 views

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

5.5CVSS5.6AI score0.00614EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/03/25 12:0 a.m.6 views

The vulnerability of the Magento Commerce software platform for developing and managing online stores lies in the lack of automatic termination of all sessions after changing passwords. This allows attackers to gain unauthorized access to limited resources.

The vulnerability of the Magento Commerce software development and management platform lies in the lack of automatic termination of all sessions after the password is changed. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to limited resources...

7.5CVSS6AI score0.01673EPSS
Exploits0References3Affected Software2
The Hacker News
The Hacker News
added 2021/01/29 12:12 p.m.7 views

New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021

The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same relative damages and consequences when breaches occur as the largest enterprises but are...

5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.5 views

The vulnerability of the telnet service in Siemens industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-200RNA allows a intruder to trigger a maintenance failure.

The vulnerability of the telnet service on Siemens SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-200RNA industrial switches is related to insufficient resource capacity. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

8.6CVSS7.2AI score0.01361EPSS
Exploits0References2Affected Software2
ThreatPost
ThreatPost
added 2019/08/07 6:20 p.m.75 views

Black Hat 2019: Security's Powerful Cultural Transformation

LAS VEGAS — “Start with yes.'” That’s the advice to security teams from Dino Dai Zovi, mobile security lead at Square, giving the keynote on Wednesday at the 23rd annual Black Hat conference in Las Vegas. Taking as a first principle the idea that security teams now have the ear of company boards...

7.5AI score
Exploits0References2
Schneier on Security
Schneier on Security
added 2018/05/02 11:40 a.m.18 views

NIST Issues Call for "Lightweight Cryptography" Algorithms

This is interesting: Creating these defenses is the goal of NIST's lightweight cryptography initiative, which aims to develop cryptographic algorithm standards that can work within the confines of a simple electronic device. Many of the sensors, actuators and other micromachines that will functio...

Exploits0
securityvulns
securityvulns
added 2012/03/09 12:0 a.m.23 views

XML::Atom Perl module limitations bypass

It's possible to obtain read access to limited resources...

2.1AI score
Exploits0References1
Rows per page
Query Builder