Lucene search
K

258 matches found

The Hacker News
The Hacker News
added 2025/03/06 12:15 p.m.18 views

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. "EncryptHub has been observed targeting users of popular applications, ...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/13 9:3 p.m.26 views

CVE-2023-5122

Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests t...

5.3CVSS6.7AI score0.00509EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.4 views

Fuji Electric V-Server和Fuji Electric V-Server Lite 缓冲区错误漏洞

Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...

7.8CVSS7AI score0.00188EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.9 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in its uncontrolled search algorithm, which allows attackers to escalate their privileges.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00279EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.5 views

The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.

The vulnerability of the centreon-web component of the IT infrastructure monitoring software lies in the lack of protective measures for the SQL query structure. This allows attackers to enhance their privileges and execute arbitrary code using a specially created SQL query...

6.5CVSS6.1AI score0.01775EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/09/12 12:0 a.m.7 views

The vulnerability of monitoring software and Performance Co-Pilot (PCP) systems, which involves creating temporary files with insecure permissions, allows attackers to carry out attacks using symbolic links and to circumvent user isolation measures provided by PCP.

The vulnerability of the Performance Co-Pilot PCP monitoring and performance visualization software is related to the mixed levels of privileges used by systemd services associated with PCP. Exploiting this vulnerability allows an attacker to carry out attacks using symbolic links and to circumve...

6CVSS6.4AI score0.002EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/07/25 12:0 a.m.7 views

The vulnerability of the Cacti network monitoring software lies in the lack of security measures taken to protect the structure of the web page. This allows attackers to execute cross-site scripting attacks.

The vulnerability of the Cacti network monitoring software exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting using a specially crafted page...

8.7CVSS7.6AI score0.00913EPSS
Exploits1References8Affected Software1
CNVD
CNVD
added 2024/06/18 12:0 a.m.1 views

Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. A buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator, which stems from an out-of-bounds write vulnerability that can be exploited by an attacker t...

8.5CVSS7.5AI score0.00332EPSS
Exploits0References1
CNVD
CNVD
added 2024/06/18 12:0 a.m.3 views

Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability (CNVD-2025-13543)

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. Fuji Electric Tellus Lite V-Simulator suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An...

8.5CVSS7.4AI score0.00327EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.6 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

7.5CVSS7.1AI score0.00349EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/06 12:0 a.m.6 views

The vulnerability of the Checkmk monitoring software for IT infrastructure allows a hacker to increase their privileges.

The vulnerability of Checkmk, a monitoring software for IT infrastructure, is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.8CVSS7.6AI score0.00342EPSS
Exploits5References3Affected Software1
CNNVD
CNNVD
added 2024/04/01 12:0 a.m.6 views

Voltronic Power ViewPower 安全漏洞

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An authentication bypass vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to bypass authentication on the system...

9.8CVSS7AI score0.45744EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.5 views

Janitza GridVis 安全漏洞

Janitza GridVis is a grid monitoring software from Janitza. A security vulnerability exists in Janitza GridVis version 9.0.66 and prior versions that stems from the use of hard-coded credentials...

8.8CVSS6.8AI score0.00424EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/03/26 12:0 a.m.7 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

6.4CVSS6AI score0.003EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/12 12:0 a.m.9 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform, due to insufficient comparison, allows a hacker to execute arbitrary commands with privileged privileges.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to insufficient comparison. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with privileged privileges...

8.3CVSS7.6AI score0.03324EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/09 12:0 a.m.6 views

The vulnerability of the pollers.php script, a network monitoring software, allows a hacker to execute arbitrary code.

The vulnerability of the pollers.php script, a network monitoring software, is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

10CVSS8.2AI score0.84628EPSS
Exploits4References4Affected Software1
CNVD
CNVD
added 2023/12/25 12:0 a.m.3 views

Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2159406)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to execute code in the SYSTEM context...

9.8CVSS9.8AI score0.01483EPSS
Exploits0References1
CNVD
CNVD
added 2023/12/25 12:0 a.m.5 views

Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2160197)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to execute code in the context of LOCAL SERVICE...

9.8CVSS9.8AI score0.01603EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.3 views

Progress Software WhatsUp Gold Cross-Site Scripting Vulnerability

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability previously existed in Progress Software WhatsUp Gold version...

7.6CVSS5.8AI score0.00513EPSS
Exploits0References3
CISA
CISA
added 2023/12/12 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS Online Monitoring Software ICSA-22-356-03 Mitsubis...

7AI score
Exploits0References2
Rows per page
Query Builder