RHEL 8 : libsoup (RHSA-2026:1948)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1948 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

Microsoft NTLM 安全漏洞

Microsoft NTLM is a Microsoft authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM. An attacker could exploit the vulnerability to perform spoofing attacks. The following...

EUVD-2021-18830

Malware in sbrugna...

EUVD-2022-38643

Malicious code in bioql PyPI...

EUVD-2025-2440

Malicious code in bioql PyPI...

EUVD-2023-29515

Malicious code in bioql PyPI...

EUVD-2023-31933

Malicious code in bioql PyPI...

EUVD-2023-28888

Malicious code in bioql PyPI...

About Spoofing – Windows NTLM (CVE-2025-24054) vulnerability

About Spoofing - Windows NTLM CVE-2025-24054 vulnerability. It was patched in the March Microsoft Patch Tuesday. VM vendors didn't mention this vulnerability in their reviews; it was only known to be exploited via user interaction with a malicious file. A month later, on April 16, Check Point...

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection...

CVE-2020-6275

SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are vulnerable for Server Side Request Forgery Attack where in an attacker can use inappropriate path names containing malicious server names in the import/export of sessions functionality and coerce...

CVE-2025-21311 Windows NTLM V1 Elevation of Privilege Vulnerability

...

CVE-2025-21311

CVE-2025-21311 is a Windows NTLMv1 Elevation of Privilege vulnerability. Affected product: Windows NTLM V1. The issue is remotely exploitable over the network with no user interaction required and can lead to a complete compromise of the target (CVSS v3.1: 9.8, Confidentiality, Integrity and Avai...

CVE-2025-21217

CVE-2025-21217 is a Windows NTLM spoofing vulnerability with a CVSS v3.1 base score of 6.5 (Network, low attack complexity, no privileges required, user interaction required; Confidentiality impact: High). Exploitation details, affected products/versions, and a fixed patch are not provided in the...

KB5049984: Windows Server version 23H2 Security Update (January 2025)

The remote Windows host is missing security update 5049984. It is, therefore, affected by multiple vulnerabilities - Windows NTLM V1 Elevation of Privilege Vulnerability CVE-2025-21311 - Windows Telephony Service Remote Code Execution Vulnerability CVE-2025-21223, CVE-2025-21233, CVE-2025-21236,...

Critical Windows Zero-Day Alert: No Patch Available Yet for Users

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day.…...

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

A newly patched security flaw impacting Windows NT LAN Manager NTLM was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 CVSS score: 6.5, refers to an NTLM hash disclosure spoofing vulnerability th...

Microsoft Windows Security Vulnerabilities

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft USA. A security vulnerability exists in Microsoft Windows NTLM. An attacker could exploit this vulnerability to perform spoofing attacks. The following products and versions are affected:Windows 10 Versio...

CVE-2023-28225

Windows NTLM Elevation of Privilege Vulnerability...

Microsoft Windows NTLM 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows NTLM. The following products and editions are affected: Windows Server 2022,Windows Server 2022 Server Core...