The Dark Web Economy Behind Ad Fraud: What Marketers Don’t See

Ad fraud networks use bots, deepfakes and spoofed traffic to drain PPC budgets. This report shows how fake clicks distort performance data...

Intel CIP Input Validation Error Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an input validation error vulnerability that stems from improper input validation, which can be exploited by an attacker to cause information...

Intel CIP Information Disclosure Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause information...

Intel CIP Elevation of Privilege Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from improper privilege management and can be exploited by an attacker to cause elevation of...

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

Intel CIP Improper Access Control Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...

CVE-2025-64502 Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. The MongoDB explain method provides detailed information about query execution plans, including index usage, collection scanning behavior, and performance metrics. Prior to version 8.5.0-alpha....

EUVD-2021-14906

Malware in sbrugna...

EUVD-2025-28614

Malicious code in bioql PyPI...

CVE-2025-56432

A cross-site scripting XSS vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-relat...

CVE-2025-56432

A cross-site scripting XSS vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-relat...

PT-2025-34786 · Nagios Enterprises · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version 2024R2 Description: A cross-site scripting XSS vulnerability exists that allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in ...

CVE-2025-56432

A cross-site scripting XSS vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-relat...

CVE-2025-56432

CVE-2025-56432 affects Nagios XI 2024R2. A cross-site scripting (XSS) vulnerability exists in a web component that renders performance-related data, allowing remote attackers to run arbitrary JavaScript in the context of a logged-in user via a specially crafted URL. The PT-2025-34786 entry confir...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 2024R2, which stems from cross-site scripting in a...

CVE-2025-56432

A cross-site scripting XSS vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-relat...

CVE-2021-28216

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE...

CVE-2012-1292

Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors...

CVE-2024-10405

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs, IP Addresses, but no...

CVE-2024-10405 Weak TLS Ciphers on Brocade SANnav port 443 & 18082

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs, IP Addresses, but no...