Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.7 views

PT-2026-28280

Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commit...

8.3CVSS5.9AI score0.00387EPSS
Exploits1References6
NVD
NVD
added 2024/04/04 8:15 p.m.22 views

CVE-2024-22023

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS...

5.3CVSS5.3AI score0.03EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/03/04 8:15 a.m.2 views

CVE-2023-4479

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...

7.3CVSS7.5AI score0.00436EPSS
Exploits0References4
Prion
Prion
added 2023/11/22 5:15 p.m.17 views

Design/Logic Flaw

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...

1CVSS7.1AI score0.00172EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2023/11/22 5:9 p.m.36 views

CVE-2023-20084

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...

5CVSS5.4AI score0.00172EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/04/27 11:45 a.m.37 views

LimeRAT Malware Analysis: Extracting the Config

Remote Access Trojans RATs have taken the third leading position in ANY. RUN's Q1 2023 report on the most prevalent malware types, making it highly probable that your organization may face this threat. Though LimeRAT might not be the most well-known RAT family, its versatility is what sets it...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/03 7:37 a.m.81 views

Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF

Whether you are looking to turn into a full-time developer or simply increasing your earnings in your current niche, learning to code can be a smart move. It is a well-known fact that recruiters strive to recruit people with technical skills, and these skills are a great way to build your own...

7.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/04/28 1:22 a.m.62 views

Second Click Here to Kill Everybody Sale

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. I have 600 copies of the book available. When theyre gone, the sale is over and the price will revert to normal. Order here. Please be patient on delivery. Its a lot of work to...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/05 10:22 a.m.9 views

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

As cloud computing continues to grow, Google Cloud is quickly becoming one of the most popular solutions. However, relatively few engineers know this platform well. This leaves the door open for aspiring IT professionals who take the official exams. The Google Cloud Certifications Practice Tests ...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/15 6:26 p.m.62 views

Click Here to Kill Everybody Sale

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems with international shipping. The book just disappears somewhere in the process. At this price, international orders are at the buyers...

0.8AI score
Exploits0
MSRC
MSRC
added 2018/03/14 7:0 a.m.9 views

Speculative Execution Bounty Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

1.1AI score
Exploits0
MSRC
MSRC
added 2018/03/14 7:0 a.m.5 views

Speculative Execution Bounty Launch

Today, Microsoft is announcing the launch of a limited-time bounty program for speculative execution side channel vulnerabilities. This new class of vulnerabilities was disclosed in January 2018 and represented a major advancement in the research in this field. In recognition of that threat...

6.9AI score
Exploits0
Rows per page
Query Builder