CVE-2022-4992 Dräger Infinity M540 VG4.1.1 Spoofed Network Message Handling DoS/Tampering

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower with VG4.2 partially affected contain a network message handling vulnerability that allows remote attackers to inject spoofed or tampered data and cause denial-of-service condition...

CVE-2026-34351 Windows TCP/IP Elevation of Privilege Vulnerability

...

Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages

The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly useful but are often incapable of dealing with obfuscated...

EUVD-2019-14683

Malware in sbrugna...

EUVD-2022-51006

Malicious code in bioql PyPI...

EUVD-2022-32378

Malicious code in bioql PyPI...

CVE-2019-5077

An exploitable denial-of-service vulnerability exists in the iocheckd service ‘’I/O-Chec’’ functionality of WAGO PFC 200 Firmware versions 03.01.0713 and 03.00.3912, and WAGO PFC 100 Firmware version 03.00.3912. A specially crafted set of packets can cause a denial of service, resulting in the...

USN-7330-2: Ansible regression

USN-7330-1 fixed vulnerabilities in Ansible. The update introduced a regression when attempting to install Ansible on Ubuntu 16.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Ansible did not properly verify certain fiel...

Ubuntu 16.04 LTS : PostgreSQL vulnerabilities (USN-7358-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7358-1 advisory. Wolfgang Walther discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform...

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a buffer over-reading issue contained in WLAN host communications...

Fortinet FortiVoice Path Traversal Vulnerability

Fortinet FortiVoice is a network communications solution from Fortinet, Inc. A path traversal vulnerability exists in FortiVoice fortivoice. The vulnerability stems from the program failing to properly filter for special elements in the path of a resource or file. An attacker could exploit this...

IBM Planning Analytics Information Disclosure Vulnerability (CNVD-2023-9817594)

IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines IBM. The solution supports automated execution of processes such as business planning, budgeting and analysis. IBM Planning Analytics suffers from an information disclosure vulnerabilit...

New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows

A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with...

Hunting Russian Intelligence “Snake” Malware

SUMMARY The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service FSB for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer P2P...

Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks

Why is Visibility into OT Environments Crucial? The significance of Operational Technology OT for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage...

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

CVE-2022-27890

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...