4 matches found
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant , says it backdoored the PAM and OpenSSH components that decide who is allowed to sign i...
CVE-2025-12776
The Report Builder component of the application stores user input directly in a web page and displays it to other users, which raised concerns about a possible Cross-Site Scripting XSS attack. Proper management of this functionality helps ensure a secure and seamless user experience. Although the...
CVE-2020-7270
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense ATD prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deploy...
PT-2021-12644 · Mcafee · Mcafee Advanced Threat Defense
Name of the Vulnerable Software and Affected Versions: McAfee Advanced Threat Defense ATD versions prior to 4.12.2 Description: The issue allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter in the web interface. The risk is...