Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29909

Malicious code in bioql PyPI...

7CVSS6.3AI score0.0145EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-23622

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00402EPSS
Exploits0References2
NVD
NVD
added 2025/08/05 3:15 p.m.7 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

7.5CVSS0.00402EPSS
Exploits0References2
CVE
CVE
added 2025/08/05 12:0 a.m.19 views

CVE-2025-29745

CVE-2025-29745 affects the scanning module of Emsisoft Anti-Malware older than 2024.12. The vulnerability allows a remote attacker to obtain Net-NTLMv2 hash information by supplying a specially crafted A2S (Emsisoft Custom Scan) extension file. Affected product: Emsisoft Anti-Malware; vulnerable ...

7.5CVSS6.7AI score0.00402EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/05 12:0 a.m.5 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

6.1AI score0.00402EPSS
Exploits0References2
OSV
OSV
added 2025/06/11 1:15 a.m.5 views

CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS7.8AI score0.00545EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.8 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS6.6AI score0.0145EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.151 views

Security Updates Outlook for Windows (April 2024)

The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a spoofing vulnerability. External attackers could send specially crafted emails that will cause a connection from the victim to an untrusted location of attackers' control...

8.1CVSS8.1AI score0.02309EPSS
Exploits0References2
Securelist
Securelist
added 2023/12/01 10:0 a.m.192 views

IT threat evolution Q3 2023

IT threat evolution in Q3 2023 IT threat evolution in Q3 2023. Non-mobile statistics IT threat evolution in Q3 2023. Mobile statistics Targeted attacks Unknown threat actor targets power generator with DroxiDat and Cobalt Strike Earlier this year, we reported on a new variant of SystemBC called...

9.3CVSS8.3AI score0.99945EPSS
Exploits80
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/24 6:30 p.m.309 views

Guidance for investigating attacks using CVE-2023-23397

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak...

9.6AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/16 7:10 p.m.437 views

Exploit for Improper Input Validation in Microsoft

A Simple PoC in PowerShell for CVE-2023-23397 CVE-2023-23397...

9.8CVSS10AI score0.97408EPSS
Exploits18
ATTACKERKB
ATTACKERKB
added 2022/04/14 4:15 p.m.5 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

7CVSS6.7AI score0.0145EPSS
Exploits2References3
OSV
OSV
added 2022/04/14 4:15 p.m.5 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS5.8AI score0.0145EPSS
Exploits2References2
NVD
NVD
added 2022/04/14 4:15 p.m.23 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS0.0145EPSS
Exploits2References2
Prion
Prion
added 2022/04/14 4:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

4.3CVSS5AI score0.0145EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/04/14 3:18 p.m.26 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5.3AI score0.0145EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.3 views

PT-2022-2554 · Amazon · Amazon Aws Client Vpn

Name of the Vulnerable Software and Affected Versions: Amazon AWS VPN Client version 2.0.0 Description: The issue is related to the Amazon AWS VPN Client, where it is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass...

7CVSS9.3AI score0.0145EPSS
Exploits2References11
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.4 views

PT-2022-2555 · Amazon · Amazon Aws Client Vpn

Name of the Vulnerable Software and Affected Versions: Amazon AWS VPN Client version 2.0.0 Description: An issue exists in the Amazon AWS VPN Client, allowing parameters outside of the allow list to be injected into the configuration file. This can lead to an arbitrary file write as SYSTEM with...

7CVSS9.3AI score0.00518EPSS
Exploits1References20
Rows per page
Query Builder