Lucene search
+L

18 matches found

thn
thn
added 2026/02/19 11:55 a.m.11 views

From Exposure to Exploitation: How AI Collapses Your Response Window

We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay do...

6.2AI score
Exploits0
packetstormnews
packetstormnews
added 2025/12/01 12:0 a.m.7 views

Behind the Curtain: How Shared Hosting Providers Respond to Vulnerability Notifications

Large-scale vulnerability notifications VNs can help hosting provider organizations HPOs identify and remediate security vulnerabilities that attackers can exploit in data breaches or phishing campaigns. Previous VN studies have primarily focused on factors under the control of reporters, such as...

7AI score
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29276

Malicious code in bioql PyPI...

9.9CVSS6.6AI score0.00753EPSS
Exploits0References2
wired
wired
added 2025/08/19 5:15 p.m.10 views

Senate Probe Uncovers Allegations of Widespread Abuse in ICE Custody

Led by US senator Jon Ossoff, the investigation cites hundreds of reports since January, including accounts of miscarriages, child neglect, and sexual abuse at ICE detention centers in dozens of states...

7.3AI score
Exploits0
redhatcve
redhatcve
added 2025/05/10 10:10 a.m.21 views

CVE-2025-3759

Endpoint /cgi-bin-igd/netcoreset.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about this disclosure but d...

8.7CVSS6.5AI score0.00226EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/20 4:31 p.m.43 views

CVE-2024-11488 115cms web_user.html cross site scripting

A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affects some unknown processing of the file /app/admin/view/webuser.html. The manipulation of the argument ks leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

5.3CVSS0.00309EPSS
Exploits1References3
nvd
nvd
added 2024/10/31 9:15 p.m.28 views

CVE-2024-10596

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched...

8.8CVSS0.00543EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2024/10/23 1:0 p.m.27 views

CVE-2024-10279 ESAFENET CDG PrintPolicyService.java sql injection

A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects unknown code of the file /com/esafenet/servlet/policy/PrintPolicyService.java. The manipulation of the argument policyId leads to sql injection. The attack can be initiated remotely. The...

6.5CVSS7.3AI score0.00569EPSS
Exploits1References4
nvd
nvd
added 2024/09/08 6:15 p.m.21 views

CVE-2024-8576

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861B20230220/4.1.8cu.5207. It has been classified as critical. Affected is the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. It is possible to...

9CVSS0.01091EPSS
Exploits1References5
cve
cve
added 2024/04/02 10:0 p.m.144 views

CVE-2024-3203

The CVE-2024-3203 issue affects c-blosc2 up to 2.13.2, where the ndlz8_decompress function in /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c enables a heap-based buffer overflow that can be triggered remotely. Upgrading to version 2.14.3 addresses the vulnerability. The exploitation details are desc...

9.8CVSS7.4AI score0.01348EPSS
Exploits1References5Affected Software1
veracode
veracode
added 2024/01/25 12:12 a.m.24 views

XML External Entity (XXE)

Spreadsheet::ParseXLSX is vulnerable to XML External Entity XXE. The vulnerability is caused due to neglecting noxxe option of XML::Twig. This can be exploited to compromise Confidentiality of the system...

6.5CVSS6.7AI score0.00776EPSS
Exploits1References7Affected Software1
wordfence
wordfence
added 2023/01/24 4:6 p.m.12 views

The Wordfence 2022 State of WordPress Security Report

Today, the Wordfence Threat Intelligence team is releasing our 2022 State of WordPress Security Report as a free White Paper. In our report, we look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on our findings. While most of our recommendations...

0.9AI score
Exploits0
kitploit
kitploit
added 2019/12/26 11:30 a.m.80 views

Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System

An Obfuscation-Neglect Android Malware Scoring System Concepts Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way. W...

7.2AI score
Exploits0References1
vulnrichment
vulnrichment
added 2019/02/23 6:0 p.m.8 views

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

7.6AI score0.02031EPSS
Exploits1References1
threatpost
threatpost
added 2018/08/02 1:33 p.m.14 views

Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally

UPDATE A massive hacking campaign has been uncovered, compromising tens of thousands of MikroTik routers to embed Coinhive cryptomining scripts in websites using a known vulnerability. As of Thursday morning, Censys.io has reported more than 170,000 active MikroTik devices infected with the...

0.2AI score
Exploits0References6
packetstorm
packetstorm
added 2012/12/01 12:0 a.m.31 views

Buffalo Linkstation Privilege Escalation / Information Disclosure

Release Date. 30-Nov-2012 Last Update. - Vendor Notification Date. 23.Dec.2011 Product. Linkstation & Others Platform. Buffalo Technology Affected versions. Including Actual Version Severity Rating. Medium Impact. Privilege escalation, Information Disclosure Attack Vector. From remote Solution...

7.4AI score
Exploits0
threatpost
threatpost
added 2012/02/03 11:56 p.m.9 views

Privacy Fail: Is Uncle Sam Encouraging Bad Security?

CANCUN, MEXICO – A prominent privacy activist says that leading software vendors, and the U.S. government are failing the public when it comes to Internet privacy, and that big changes are needed to prevent consumers from criminals, advertisers and government spies. Christopher Soghoian, a...

1.2AI score
Exploits0References1
thn
thn
added 2010/12/28 12:56 a.m.16 views

Hackers Shut Down Six Websites, Including Credit-Card Sharing Forums

A group of hackers recently attacked and took offline several websites belonging to credit-card sharing groups, security experts, and other hacking communities that had neglected basic security practices. On Christmas morning, the administrators of six websites discovered their sites had been...

7.3AI score
Exploits0
Rows per page
Query Builder