EUVD-2021-27672

Malicious code in bioql PyPI...

Device Presence Anomaly Detected (Low)

It is important to know what assets exist in your network. New assets can indicate unexpected network connections, third-party connectivity, or potential threats to the network. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Device Presence Anomaly Detected (Medium)

It is important to know what assets exist in your network. New assets can indicate unexpected network connections, third-party connectivity, or potential threats to the network. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Device Presence Anomaly Detected (High)

It is important to know what assets exist in your network. New assets can indicate unexpected network connections, third-party connectivity, or potential threats to the network. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVE-2025-27776 Applio allows SSRF and file write in model_download.py

Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery SSRF and file write in modeldownload.py line 240 in 3.2.7. The blind SSRF allows for sending requests on behalf of Applio server and can be leveraged to probe for other vulnerabilities on the...

Moxa MXsecurity Command Injection Vulnerability

Moxa MXsecurity is a management platform from China's Moxa MOXA Inc. It provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. Moxa MXsecurity suffers from a command injection...

Vulnerability Management vs. Vulnerability Assessment

Evolving networks and evolving threats When it comes to protecting your cloud or hybrid networks, what you don't know can most certainly hurt your enterprise. Today's NetOps teams are tasked with monitoring the health and performance of both on-premises and cloud applications, as well as software...

Leverage Virtual Patching to Prevent Network Threats

Implementing an intrusion prevention system is only one step in your cybersecurity efforts. Learn how virtual patching helps keep your IPS up to date and protect against zero-day threats, keeping your systems safe from attack...

Command Execution Vulnerability in NS-NGFW of Next Generation Firewall of Beijing Netcom Technology Company Limited (CNVD-2021-40218)

Next Generation Firewall NS-NGFW is a high-performance application layer firewall launched by Netcom Technology that can comprehensively deal with network threats. A command execution vulnerability exists in NS-NGFW, which can be exploited by an attacker to gain server control privileges...

Command Execution Vulnerability in V8+ Terminal Security (CNVD-2021-30535)

V8+ Terminal Security System is a new-generation enterprise terminal security software, which can dynamically detect, real-time process, and trace unknown threats in the user's network across the network to meet the increasingly complex needs of domestic enterprise users for security protection o...

Command Execution Vulnerability in Next Generation Firewall NS-NGFW

Next Generation Firewall NS-NGFW is a high-performance application layer firewall launched by Netcom Technology that can comprehensively deal with network threats. A command execution vulnerability exists in the Next Generation Firewall NS-NGFW, which can be exploited by an attacker to gain serve...

File Upload Vulnerability in NGFW of Netcom NGFW

Netcom Next Generation Firewall NGFW is an application layer firewall launched by Netcom Technology that can comprehensively deal with network threats. A file upload vulnerability exists in NGFW. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

Enterprise Security Woes Explode with Home Networks in the Mix

The work-from-home WFH paradigm that has become the new normal in the age of coronavirus comes with exacerbated network security risk – as evidenced by growing a number of botnets and automated attacks that are taking advantage of known vulnerabilities in both consumer and corporate IT gear. The...

Malware Risks Triple on WFH Networks: Experts Offer Advice

Home office networks are 3.5 times more likely than corporate networks to be infected by malware, according a report from BitSight. That statistic comes into sharp focus as the coronavirus pandemic forces companies to shift to a work-from-home workforce. Those home networks that remote workers ar...

The Everyday Cyber Threat Landscape: Trends from 2019 to 2020

The past 12 months have been another bumper year for cybercrime affecting everyday users of digital technology. Trend Micro blocked more than 26.8 billion of these threats in the first half of 2019 alone. The bad news is that there are many more out there waiting to steal your personal data for...

How Machine Learning can Expose and Illustrate Network Threats

Although machine learning algorithms have been around for years, additional use cases are being discovered and applied all the time, particularly when it comes to network and data security. As years have passed, the skills and sophisticated approaches being utilized by hackers have risen in...

This Week in Security News: Holiday Cybercriminals & Cryptomining Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn the common threats and the best practices for defending against cybercriminals during November’s online shopping season. Also, see the...

SUSE-SU-2018:3082-1 Security update for java-1_8_0-ibm

This update for java-180-ibm to 8.0.5.20 fixes the following issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit...

The connected workforce: The importance of protecting home and corporate networks

In the current corporate and employee landscape, workers are leveraging a variety of endpoints from a range of different locations to access enterprise systems and assets. Staff members are no longer chained to their desks, and many employers and workers alike have begun taking advantage of...

Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking

A team of researchers from the University of Michigan discovered that hundreds of applications in Google Play Store have a security hole that could potentially allow hackers to steal data from and even implant malware on millions of Android smartphones. The University of Michigan team says that t...