Lucene search
K

52 matches found

Imperva Blog
Imperva Blog
added 2026/05/06 9:39 a.m.9 views

API Security Operations: How to Move from Visibility to Measurable Risk Reduction

A five-level operating model for turning API security visibility into measurable risk reduction, faster remediation, and confident digital growth — without slowing development. What is API security operationalization? API security operationalization is the process of converting API discovery and...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:47 p.m.5 views

CVE-2026-20058

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS6AI score0.0039EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.5 views

CVE-2026-21955

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS5.4AI score0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/09 11:51 p.m.3 views

EUVD-2025-33632

Malicious code in react-outcome-error-alert npm...

6.6AI score
Exploits0References1
Snyk
Snyk
added 2025/10/09 11:51 p.m.3 views

Malicious Package

Overview react-outcome-error-alert is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/09 11:51 p.m.4 views

Malicious code in react-outcome-error-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf316b6e96271df51ad30f147aa205bb372c306b2a929a854bafb68c41a5cf88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/10/09 11:51 p.m.3 views

MAL-2025-48267 Malicious code in react-outcome-error-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf316b6e96271df51ad30f147aa205bb372c306b2a929a854bafb68c41a5cf88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-14732

Malware in sbrugna...

5CVSS5.8AI score0.0047EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-5968

Malware in sbrugna...

4CVSS6.1AI score0.0111EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23729

Malware in sbrugna...

9.8CVSS9.2AI score0.01493EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-21621

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Easily...

6CVSS7.1AI score0.00316EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/07/21 12:0 a.m.5 views

Cyber Security of Mega Events: a Case Study of Securing the Digital Infrastructure for MahaKumbh 2025 -- a 45 Days Mega Event of 600 Million Footfalls

Mega events such as the Olympics, World Cup tournaments, G-20 Summit, religious events such as MahaKumbh are increasingly digitalized. From event ticketing, vendor booth or lodging reservations, sanitation, event scheduling, customer service, crime reporting, media streaming and messaging on...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.3 views

Lessons for Cybersecurity from the American Public Health System

The United States needs national institutions and frameworks to systematically collect cybersecurity data, measure outcomes, and coordinate responses across government and private sectors, similar to how public health systems track and address disease outbreaks...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:30 p.m.6 views

CVE-2021-1079

NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the...

6.1CVSS6.8AI score0.0028EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/07/22 10:41 a.m.21 views

MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success", which...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/05/16 10:15 p.m.4 views

CVE-2023-26862

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

5.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.8 views

The vulnerability of the sub-component “Outcome-Result” of the component “Oracle Customer Interaction History” in the Oracle E-Business Suite system, which allows a malicious user to access, modify, add, or delete data.

The vulnerability of the CRM User Management Framework component of the Oracle Customer Interaction History system within the Oracle E-Business Suite relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to read, modify, add, or...

6.4CVSS6.8AI score0.00342EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.6 views

The vulnerability of the Outcome-Result sub-component of the Oracle Customer Interaction History component in the Oracle E-Business Suite system allows a malicious actor to gain access to read, modify, add, or delete data.

The vulnerability of the CRM User Management Framework component of the Oracle Customer Interaction History component within the Oracle E-Business Suite system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to read, modify...

6.4CVSS6.8AI score0.00361EPSS
Exploits0References4Affected Software2
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.14 views

Liquidator has no incentives to execute a favorable trade to the borrower

Lines of code Vulnerability details Summary Swaps involved in liquidations may negatively impact the owner of the lien, since there is no incentive to execute a favorable trade as long as the received amount is enough to recover the liquidity. Impact When an existing position is closed, the...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.14 views

It's possible to block some user from voting for (or against) some proposal

Lines of code Vulnerability details Note: Although some code involved is inside a contract which is out of scope, I argue that this finding is in scope, since the vulnerability exists in the in-scope contract. In the Arcade protocol, there are several voting vaults implemented so that users can u...

6.8AI score
Exploits0
Rows per page
Query Builder