Lucene search
K

42 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29909

Malicious code in bioql PyPI...

7CVSS6.3AI score0.01416EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-23622

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00385EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/07 12:31 a.m.8 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

7.5CVSS6AI score0.00385EPSS
Exploits0References1
NVD
NVD
added 2025/08/05 3:15 p.m.5 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

7.5CVSS0.00385EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.7 views

PT-2025-31932 · Emsisoft · Emsisoft Anti-Malware

Name of the Vulnerable Software and Affected Versions: Emsisoft Anti-Malware versions prior to 2024.12 Description: A vulnerability in the scanning module of Emsisoft Anti-Malware allows attackers on a remote server to obtain Net-NTLMv2 hash information by using a specially crafted A2S Emsisoft...

7.5CVSS6.5AI score0.00385EPSS
Exploits0References6
CVE
CVE
added 2025/08/05 12:0 a.m.19 views

CVE-2025-29745

CVE-2025-29745 affects the scanning module of Emsisoft Anti-Malware older than 2024.12. The vulnerability allows a remote attacker to obtain Net-NTLMv2 hash information by supplying a specially crafted A2S (Emsisoft Custom Scan) extension file. Affected product: Emsisoft Anti-Malware; vulnerable ...

7.5CVSS6.7AI score0.00385EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/05 12:0 a.m.5 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

6.1AI score0.00385EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/05 12:0 a.m.11 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

0.00385EPSS
Exploits0References2
OSV
OSV
added 2025/06/11 2:15 a.m.5 views

CVE-2024-1243

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

7.2CVSS8.2AI score0.00545EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.5 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS6.6AI score0.01416EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2025/01/17 12:0 a.m.261 views

Emsisoft Anti-Malware Net-NTLMv2 Hash Information Disclosure

A vulnerability affecting the scanning module in Emsisoft Anti-Malware versions prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file. Title: Emsisoft Anti-Malware 2024.12 - ".A2S" Net-NTLMv2 Hash...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/11/12 9:59 p.m.44 views

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...

9.8CVSS9AI score0.81817EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/05/04 8:38 a.m.46 views

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union E.U., the North Atlantic Treaty Organization NATO, the U.K., and the U.S. The Cze...

9.8CVSS7.6AI score0.97408EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.149 views

Security Updates Outlook for Windows (April 2024)

The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a spoofing vulnerability. External attackers could send specially crafted emails that will cause a connection from the victim to an untrusted location of attackers' control...

8.1CVSS8.1AI score0.02309EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/12/05 6:59 a.m.71 views

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called...

9.8CVSS9.5AI score0.97798EPSS
Exploits67
Securelist
Securelist
added 2023/12/01 10:0 a.m.186 views

IT threat evolution Q3 2023

IT threat evolution in Q3 2023 IT threat evolution in Q3 2023. Non-mobile statistics IT threat evolution in Q3 2023. Mobile statistics Targeted attacks Unknown threat actor targets power generator with DroxiDat and Cobalt Strike Earlier this year, we reported on a new variant of SystemBC called...

9.3CVSS8.3AI score0.99945EPSS
Exploits80
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.10 views

PT-2023-27915 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.22.5 GeoServer versions prior to 2.23.2 GeoServer version 2.10.3 GeoServer version 2.11.1 Description: The issue concerns the use of dynamic styles in GeoServer, which can lead to Service Side Request Forgery. Th...

8.6CVSS5.2AI score0.00514EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2023/05/07 6:21 p.m.650 views

Exploit for Improper Input Validation in Microsoft

PoC exploit for CVE-2023-23397, a vulnerability in the Apache HT...

9.8CVSS9.2AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2023/03/25 6:13 a.m.6 views

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

Microsoft on Friday shared guidance to help customers discover indicators of compromise IoCs associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 CVSS score: 9.8, the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN...

9.8CVSS7.2AI score0.97408EPSS
Exploits18
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/24 6:30 p.m.301 views

Guidance for investigating attacks using CVE-2023-23397

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak...

9.6AI score0.97408EPSS
Exploits18
Rows per page
Query Builder