Lucene search
K

107 matches found

Schneier on Security
Schneier on Security
added 2025/12/26 12:2 p.m.4 views

IoT Hack

Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6295

Malware in sbrugna...

5.9CVSS6AI score0.00444EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-0487

Malware in sbrugna...

8.8CVSS8.8AI score0.0129EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/26 12:0 a.m.3 views

CVE-2025-25733

Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the devi...

6.6AI score0.00249EPSS
Exploits1References6
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/07 6:11 a.m.14 views

ICS testing best results. Hint: Blend your approach

TL;DR Onsite ICS testing is risk averse Laboratory ICS device testing uncovers more A blended approach is key How that works Demonstrable benefits Introduction For safety’s sake onsite ICS testing adopts a risk averse approach, even if scheduled during downtime or a maintenance period. It’s vital...

8.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2023/10/03 9:34 a.m.8 views

CVE-2023-37891 WordPress Exit Popups & Onsite Retargeting by OptiMonk Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin = 2.0.4 versions...

4.3CVSS7.1AI score0.00214EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.5 views

SUSE CVE-2011-0467

A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance...

8.8CVSS9.2AI score0.0129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.5 views

SUSE CVE-2011-3180

kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown...

7.5CVSS7.7AI score0.02578EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.5 views

SUSE CVE-2011-4193

Cross-site scripting XSS vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning...

4.3CVSS5.9AI score0.00942EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.6 views

SUSE CVE-2011-4195

kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name...

7.5CVSS7.7AI score0.01877EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:37 a.m.4 views

SUSE CVE-2013-3712

SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors...

10CVSS7.1AI score0.01366EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.3 views

SUSE CVE-2017-14806

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...

5.9CVSS7AI score0.00444EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.4 views

SUSE CVE-2017-14807

An Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects:...

8.1CVSS8.3AI score0.01027EPSS
Exploits0References3
Wiz blog
Wiz blog
added 2022/10/21 2:52 p.m.8 views

KubeCon + CloudNativeCon North America 2022: Our top 10 sessions to attend

KubeCon 2022 will be full of great presentations and content. Here's our take on the conference sessions apart from our own that you shouldn't miss, whether you're onsite or attending virtually...

6.9AI score
Exploits0
OSV
OSV
added 2022/04/27 9:15 p.m.2 views

DEBIAN-CVE-2022-24891

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the antisamy-esapi.xml configurati...

6.1CVSS6AI score0.01632EPSS
Exploits1References1
OSV
OSV
added 2022/04/27 9:15 p.m.1 views

UBUNTU-CVE-2022-24891

ESAPI The OWASP Enterprise Security API is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the antisamy-esapi.xml configurati...

6.1CVSS7AI score0.01632EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/04/27 12:0 a.m.6 views

OWASP ESAPI 安全漏洞

OWASP ESAPI is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. cross-site scripting vulnerabilities exist in versions of OWASP ESAPI prior to 2.3.0.0, which originate from the " onsiteURL" regular expression erro...

6.1CVSS8.3AI score0.01632EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2018:2207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.49268EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2017:0948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.2AI score0.02815EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2018:0975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.19295EPSS
Exploits0References4
Rows per page
Query Builder