Lucene search
K

32 matches found

GithubExploit
GithubExploit
added 2025/10/28 7:56 p.m.301 views

Exploit for Deserialization of Untrusted Data in Microsoft

🚨 ALERTA CRÍTICA DE CIBERSEGURIDAD: RCE en WSUS CVE-2025-5928...

9.8CVSS9.8AI score0.99962EPSS
Exploits24
RedhatCVE
RedhatCVE
added 2025/05/22 7:10 p.m.10 views

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function uncompresshdriphc does not perform proper boundary chec...

9.1CVSS6.8AI score0.0123EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2022/12/05 10:30 p.m.76 views

Update now! Emergency fix for Google Chrome's V8 JavaScript engine zero-day flaw released

On Friday, December 2, Google rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. The flaw could allow attackers to cause a system crash or execute potentially malicious code. That means you'll want to update Chrome to patch against this...

0.2AI score0.16109EPSS
Exploits2
OSV
OSV
added 2021/06/18 8:15 p.m.5 views

CVE-2021-21282

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

9.8CVSS5.8AI score0.00993EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2021/03/09 6:51 a.m.3 views

Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. Tracked as CVE-2021-1844 , the vulnerability was discovered and reported to the company by Cléme...

8.8CVSS7.8AI score0.02368EPSS
Exploits0
ThreatPost
ThreatPost
added 2020/11/03 1:57 p.m.851 views

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

Oracle has released a rare out-of-band patch for a remote code-execution flaw in several versions of its WebLogic server. The vulnerability CVE-2020-14750 has a CVSS base score of 9.8 out of 10, and is remotely exploitable without authentication meaning it may be exploited over a network without...

10CVSS0.99997EPSS
Exploits85References25
ThreatPost
ThreatPost
added 2020/09/08 4:52 p.m.474 views

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

UPDATE Adobe has released fixes addressing five critical flaws in its popular Experience Manager content-management solution for building websites, mobile apps and forms. The cross-site scripting XSS flaws could allow attackers to execute JavaScript in targets’ browsers. Including Adobe Experienc...

6.8CVSS1.1AI score0.11294EPSS
Exploits1References17
ThreatPost
ThreatPost
added 2020/03/24 5:46 p.m.146 views

Critical Adobe Flaw Fixed in Out-of-Band Security Update

Adobe has released an out-of-band patch for a critical vulnerability in its Creative Cloud Desktop Application for Windows. The flaw can be exploited by an attacker to delete specific arbitrary files on the victim’s system. Creative Cloud acts as a central console for desktop users to quickly...

5.8CVSS0.4AI score0.0552EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2020/03/12 12:0 a.m.1384 views

CVE-2020-0796 - SMBGhost

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 SMBv3 protocol handles certain requests, aka ‘Windows SMBv3 Client/Server Remote Code Execution Vulnerability’. Recent assessments: jorgeorchilles at March 11, 2020 1:19pm UTC reported: Summary...

10CVSS9.5AI score0.9981EPSS
In wildExploits125References11
Tenable Nessus
Tenable Nessus
added 2020/03/11 12:0 a.m.160 views

Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Deprecated)

This plugin has been deprecated due to an out-of-band patch being release by the vendor. The suggested mitigation provided in ADV200005 is no longer required. Plugin 134428 should be used instead to verify the patch is properly applied. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...

9.1AI score0.9981EPSS
Exploits125References2
The Hacker News
The Hacker News
added 2019/05/01 7:23 a.m.4 views

Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware. As suspected, a recently-disclosed critical vulnerability in the widely...

9.8CVSS8.1AI score0.99964EPSS
Exploits35
Talos Blog
Talos Blog
added 2018/12/19 4:19 p.m.176 views

Microsoft Patches Out-of-Band Internet Explorer Scripting Engine Vulnerability After Exploitation Detected in the Wild

Overview Microsoft released an out-of-band OOB patch on Wednesday related to a vulnerability in the scripting engine of Internet Explorer. This particular vulnerability is believed to be actively exploited in the wild and should be patched immediately. This remote code execution bug lies in the w...

7.6CVSS8AI score0.29822EPSS
Exploits0
ThreatPost
ThreatPost
added 2018/09/19 4:54 p.m.25 views

Critical Out-of-Band Patch Issued for Adobe Acrobat Reader

Adobe released patches for seven flaws in an unscheduled update for its Acrobat Reader and DC product, which could lead to arbitrary code execution. The patches, released Wednesday, come one week after Adobe’s regularly-scheduled September update. The flaws addressed include one “critical”...

7.5CVSS1.7AI score0.34703EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2018/03/30 7:5 p.m.118 views

A “Patch for the Meltdown Patch” released out of band Thursday night

The Meltdown/Spectre saga continues… Late Thursday, Microsoft released a patch for Windows 7 and Server 2008 R2 operating systems to resolve CVE-2018-1038. Apparently, this vulnerability was actually introduced by the patches released in January to mitigate the effects of Meltdown. Microsoft did...

7.2CVSS7.3AI score0.08915EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2017/12/12 7:27 p.m.64 views

December Patch Tuesday: Quiet End to the Year

This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based. Overall, this month's updates address are fixes for 3...

9.3CVSS8.5AI score0.45521EPSS
Exploits6
The Hacker News
The Hacker News
added 2015/07/20 6:25 p.m.38 views

Microsoft releases Emergency Patch Update for all versions of Windows

In the wake of a critical Remote Code Execution vulnerability in all supported versions of its operating system platform, Microsoft has just issued an emergency fix. Yes, it’s time to patch your Windows operating system against an alarming security hole that could allow remote attackers to run...

9.3CVSS7.1AI score0.8669EPSS
Exploits6
ThreatPost
ThreatPost
added 2015/07/20 3:4 p.m.36 views

Microsoft Issues Critical, Out-of-Band Patch for All Versions of Windows

Microsoft released an out-of-band patch Monday that addresses a critical remotely exploitable flaw in all versions of Windows. The vulnerability stems from how Windows’ Adobe Type Manager Library handles OpenType fonts. If a user was tricked into either opening a rigged document or visiting an...

9.3CVSS0.6AI score0.99945EPSS
Exploits34References2
The Hacker News
The Hacker News
added 2015/03/05 9:1 p.m.47 views

Microsoft: All Windows versions Vulnerable to FREAK Vulnerability

Recently discovered FREAK vulnerability that apparently went undetected for more than a decade is reportedly affecting all supported versions of Microsoft Windows, making the flaw more creepy than what we thought. FREAK vulnerability is a disastrous SSL/TLS flaw disclosed Monday that allows an...

4.3CVSS5.7AI score0.13151EPSS
Exploits0
ThreatPost
ThreatPost
added 2014/02/11 1:52 p.m.21 views

Adobe Patches Shockwave, Fixes Two Vulnerabilities

Adobe joined Microsoft in releasing security patches today, sending out a fix for its Shockwave Player. The patch repairs critical vulnerabilities in the platform that could allow an attacker to remotely takeover an affected system. According to a post on its Product Security Incident Response Te...

10CVSS2.1AI score0.05972EPSS
Exploits2References3
ThreatPost
ThreatPost
added 2013/09/23 1:57 p.m.37 views

IE Zero Day Used in Targeted Attacks Against Japanese Firms

Attackers exploiting a zero-day vulnerability in Microsoft’s Internet Explorer browser have compromised several popular local Japanese media outlets and have infected systems belonging to government, high tech and manufacturing organizations in Japan. Researchers at FireEye said the attacks appea...

9.3CVSS8.6AI score0.99945EPSS
Exploits51References8
Rows per page
Query Builder