Lucene search
K

119 matches found

Vulnrichment
Vulnrichment
added 2024/06/11 5:0 p.m.33 views

CVE-2024-35265 Windows Perception Service Elevation of Privilege Vulnerability

...

7CVSS6.9AI score0.00365EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 5:0 p.m.121 views

CVE-2024-35265

CVE-2024-35265 is described as a Windows Perception Service elevation-of-privilege vulnerability (local, CVSSv3.1 7.0). OpenVAS entries map it to Windows Perception Service with privilege-escalation impact. The connected documents show Microsoft security updates around June 2024, but there is no ...

7CVSS8.1AI score0.00365EPSS
Exploits0References1Affected Software7
Cvelist
Cvelist
added 2024/06/11 5:0 p.m.34 views

CVE-2024-35265 Windows Perception Service Elevation of Privilege Vulnerability

...

7CVSS0.00365EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/06/11 7:0 a.m.37 views

Windows Perception Service Elevation of Privilege Vulnerability

...

7CVSS7.1AI score0.00365EPSS
Exploits0
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.6 views

Microsoft Windows Perception Service security vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Perception Service. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are...

7CVSS6.6AI score0.00365EPSS
Exploits0References4
Fedora
Fedora
added 2024/03/07 10:33 p.m.20 views

[SECURITY] Fedora 40 Update: openni-1.5.7.10-33.fc40

OpenNI Open Natural Interaction is a multi-language, cross-platform framework that defines APIs for writing applications utilizing Natural Interaction. OpenNI APIs are composed of a set of interfaces for writing NI applications. The main purpose of OpenNI is to form a standard API that enables...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
Schneier on Security
Schneier on Security
added 2023/10/09 11:3 a.m.46 views

AI Risks

There is no shortage of researchers and industry titans willing to warn us about the potential destructive power of artificial intelligence. Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks--and the steps we ne...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/08/18 11:4 a.m.26 views

Bots Are Better than Humans at Solving CAPTCHAs

Interesting research: "An Empirical Study & Evaluation of Modern CAPTCHAs": Abstract: For nearly two decades, CAPTCHAS have been widely used as a means of protection against bots. Throughout the years, as their use grew, techniques to defeat or bypass CAPTCHAS have continued to improve. Meanwhile...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/20 8:15 a.m.24 views

Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13

When you think about the word "cyberthreat," what first comes to mind? Is it ransomware? Is it spyware? Maybe it's any collection of the infamous viruses, worms, Trojans, and botnets that have crippled countless companies throughout modern history. In the future, though, what many businesses migh...

10AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.17 views

TicketUtils: Number draws are not uniformly distributed

Lines of code Vulnerability details The number selection algorithm in TicketUtils.reconstructTicket "draws" winning numbers using modulo arithmetic and a random seed. However, selected numbers are not uniformly distributed. Due to modulo bias and successive draw logic, higher numbers will be draw...

7AI score
Exploits0
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.6 views

Microsoft Windows Perception Simulation Service 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Perception Simulation Service. The following products and versions are affected: Windows 10 Version 21H1 for x64-based Systems,Windows...

6.5CVSS6.9AI score0.36286EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2022/05/17 2:41 p.m.17 views

Long lost @ symbol gets new life obscuring malicious URLs

Threat actors have rediscovered an old and little-used feature of web URLs, the innocuous @ symbol we usually see in email addresses, and started using it to obscure links to their malicious websites. Researchers from Perception Point noticed it being used in a cyberattack against multiple...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/06/23 12:0 a.m.12 views

Lack of input validation on onlyOwner critical parameters

Handle 0xRajeev Vulnerability details Impact The owner potentially untrustworthy/malicious of the prize pool is allowed to set a liquidation cap for guarded launch and the credit rate and limit parameters which affect the crucial fairness of the pool. However, there is no input validation on thes...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/06 11:0 a.m.9 views

Threat Source Newsletter (May 6, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. COVID-19 has changed everything about our lives — no surprise there. So it also shouldn't be shocking that it's changing the way Americans view Tax Day this year. The deadline to file taxes is about a month later... This is only t...

4.3AI score
Exploits0
Hacker One
Hacker One
added 2020/11/04 6:35 p.m.75 views

U.S. Dept Of Defense: Unauthorized access to admin panel of the Questionmark Perception system at https://██████████

Summary: Due to the lack of access control, an anonymous attacker can compromise the administrator account on the Questionmark Perception system. Description: By using the service description which publicly accessible on the internet, and by bypassing the access control, an anonymous attacker can...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2020/02/25 6:7 p.m.48 views

RSAC 2020 Keynote: Changing the World's False Perception of Cybersecurity

SAN FRANCISCO – Today, cybersecurity is portrayed in the media and by businesses as an ongoing complex conflict between defenders and cybercriminals, with heightened noise around hyper-technical proof-of-concept attacks, or nation state threats. But, the reality is starkly different, said Rohit...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/02/12 2:0 p.m.36 views

Report to Your Management with the Definitive ‘IR Management and Reporting’ presentation Template

The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the...

0.2AI score
Exploits0References4
Kitploit
Kitploit
added 2020/01/17 11:30 a.m.351 views

Gowitness - A Golang, Web Screenshot Utility Using Chrome Headless

gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line. Both Linux and macOS is supported, with Windows support 'partially working'. Inspiration for gowitness comes from Eyewitness. If you are looking...

6.7AI score
Exploits0References5
Veracode
Veracode
added 2019/05/02 5:20 a.m.43 views

Privilege Escalation

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

7.8CVSS6.4AI score0.03646EPSS
Exploits15References26Affected Software1
Veracode
Veracode
added 2019/05/02 5:20 a.m.31 views

Integer Overflow

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

7.8CVSS6.2AI score0.03646EPSS
Exploits15References53Affected Software1
Rows per page
Query Builder