Lucene search
+L

113 matches found

RedHat Linux
RedHat Linux
added 2024/01/16 3:56 p.m.6 views

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.8 views

PT-2023-5618 · F5 · Big-Ip Apm

Name of the Vulnerable Software and Affected Versions: BIG-IP APM clients affected versions not specified Description: The issue is related to BIG-IP Access Policy Manager Clients APM Clients sending data in plain text, which can be exploited by a remote attacker to control the DNS server and...

8.2CVSS7.8AI score0.00237EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2023/05/08 11:49 a.m.37 views

How to Set Up a Threat Hunting and Threat Intelligence Program

Threat hunting is an essential component of your cybersecurity strategy. Whether you're getting started or in an advanced state, this article will help you ramp up your threat intelligence program. What is Threat Hunting? The cybersecurity industry is shifting from a reactive to a proactive...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/05 10:18 a.m.24 views

Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts

Third-party apps such as Google Analytics, Meta Pixel, HotJar, and JQuery have become critical tools for businesses to optimize their website performance and services for a global audience. However, as their importance has grown, so has the threat of cyber incidents involving unmanaged third-part...

7.1AI score
Exploits0
Circl
Circl
added 2023/02/28 6:27 p.m.5 views

CVE-2023-0461

creationtimestamp| type| source ---|---|--- 2023-02-28 18:27:48+00:00| seen| https://t.me/cibsecurity/59107 2023-11-12 18:00:26+00:00| seen| https://t.me/arpsyndicate/124 2024-01-08 10:32:17+00:00| published-proof-of-concept| https://t.me/WARLOCKDARKARMYOFFICIALS/3815 2024-01-08 20:40:06+00:00|...

7.8CVSS6.8AI score0.00652EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.90 views

Oracle Linux 9 : php (ELSA-2023-0965)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0965 advisory. 8.0.27-1 - rebase to 8.0.27 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

9.8CVSS7.2AI score0.49336EPSS
Exploits6References6
OSV
OSV
added 2022/06/21 2:41 p.m.9 views

CLSA-2022-1655822512 Fixed 6 CVEs in kernel

net: qrtr: fix another OOB Read in qrtrendpointpost CVE-2021-3743 - vt: keyboard: avoid signed integer overflow in kascii CVE-2020-13974 - pNFS/flexfiles: fix incorrect size check in decodenfsfh CVE-2021-4157 - esp: Fix possible buffer overflow in ESP transformation CVE-2022-27666 - sock: remove...

8CVSS7AI score0.05524EPSS
Exploits4References1
The Hacker News
The Hacker News
added 2021/12/20 2:56 p.m.34 views

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service DoS and man-in-the-middle MitM attacks using low-cost equipment. The "vulnerabilities in the...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/12/14 9:5 p.m.163 views

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

It's been a long few days as organizations' security teams have worked to map, quantify, and mitigate the immense risk presented by the Log4Shell vulnerability within Log4j. As can be imagined, cybercriminals are working overtime as well, as they seek out ways to exploit this vulnerability. Need...

9.3CVSS0.6AI score0.99999EPSS
Exploits355
ThreatPost
ThreatPost
added 2021/04/23 5:13 p.m.85 views

5 Fundamental But Effective IoT Device Security Controls

As the pandemic continues to fuel the shift to remote work, numerous manufacturers have capitalized on this movement to create a multitude of handy internet of things IoT devices. While these devices may make our home and work lives more convenient, they greatly expand the attack surface for...

0.5AI score
Exploits0References8
OSV
OSV
added 2021/02/23 12:4 p.m.6 views

SUSE-SU-2021:14640-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: - Update to Java 7.0 Service Refresh 10 Fix Pack 80 bsc1182186, bsc1181239, CVE-2020-27221, CVE-2020-14803 CVE-2020-27221: Potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8...

9.8CVSS5.8AI score0.0316EPSS
Exploits0References5
OSV
OSV
added 2021/01/20 8:15 p.m.2 views

CVE-2021-1279

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service DoS attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

8.6CVSS7.4AI score0.01385EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/01/11 9:29 a.m.45 views

Where maritime cyber checklists fail

The coming IMO cyber security regulations are a step in the right direction towards vessel security, but the impracticality of assessing the cyber security of a ship, together with a huge skills shortage, leads classification societies towards checklist based assessments. Having seen some of thes...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/12/17 11:11 p.m.46 views

How to Increase Your Security Posture with Fewer Resources

With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...

7.1AI score
Exploits0References7
NCSC
NCSC
added 2020/09/03 12:0 a.m.4 views

Vulnerabilities fixed in FreeBSD

The developers of FreeBSD have fixed several vulnerabilities fixed in several network modules used by FreeBSD. used. A malicious party on the local network could potentially exploit the vulnerabilities potentially exploit them to cause a denial-of-service cause or execute arbitrary code with the...

7.5CVSS7.4AI score0.04472EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2020/05/04 4:0 p.m.243 views

Mitigating vulnerabilities in endpoint network stacks

The skyrocketing demand for tools that enable real-time collaboration, remote desktops for accessing company information, and other services that enable remote work underlines the tremendous importance of building and shipping secure products and services. While this is magnified as organizations...

10CVSS10AI score0.9981EPSS
Exploits125
Schneier on Security
Schneier on Security
added 2020/04/17 3:35 p.m.27 views

The DoD Isn't Fixing Its Security Problems

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them: GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and...

0.8AI score
Exploits0
Kitploit
Kitploit
added 2020/03/12 11:30 a.m.481 views

Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities. NEWS Modules PTF UPDATE PTF OPtions...

9.8CVSS10AI score0.99999EPSS
Exploits123References1
Veracode
Veracode
added 2019/05/02 5:41 a.m.11 views

Denial Of Service (DoS)

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially...

4.9CVSS7.8AI score0.03052EPSS
Exploits7References23Affected Software1
ThreatPost
ThreatPost
added 2019/01/28 4:4 p.m.123 views

Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution

UPDATE Malicious scanning activity targeting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN routers is underway, with a swell of opportunistic probes looking for vulnerable devices ramping up since Friday. According to Bad Packets Report’s honeypot data, cyberattackers are targeting a...

9CVSS7.7AI score0.99876EPSS
Exploits26References7
Rows per page
Query Builder