Lucene search
K

157 matches found

NVD
NVD
added 2025/11/24 1:16 p.m.4 views

CVE-2025-41017

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from security camera settings by accessing “/cameras//perspective”...

6.9CVSS0.00249EPSS
Exploits0References1
CVE
CVE
added 2025/11/24 12:20 p.m.8 views

CVE-2025-41017

Davantis DDFUSION v6.177.7 contains an inadequate access control vulnerability that could allow unauthenticated actors to retrieve camera perspective parameters. The issue arises from insufficient access restrictions on the endpoint /cameras//perspective, potentially exposing security camera conf...

6.9CVSS6.5AI score0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/24 12:20 p.m.3 views

CVE-2025-41017 Multiple vulnerabilities in DFUSION by Davantis

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from security camera settings by accessing “/cameras//perspective”...

6.9CVSS6.5AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/24 12:20 p.m.11 views

CVE-2025-41017 Multiple vulnerabilities in DFUSION by Davantis

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from security camera settings by accessing “/cameras//perspective”...

6.9CVSS0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.4 views

PT-2025-47904

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from security camera settings by accessing “/cameras//perspective”...

6.9CVSS6.9AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11962

Malware in sbrugna...

8.8CVSS8.8AI score0.02303EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-11949

Malware in sbrugna...

4.3CVSS4.7AI score0.00908EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42871

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00612EPSS
Exploits1References1
MSRC
MSRC
added 2025/09/04 7:0 a.m.14 views

Why XSS still matters: MSRC’s perspective on a 25-year-old threat

Cross-Site Scripting XSS has been a known vulnerability class for two decades, yet it continues to surface in modern applications, including those built with the latest frameworks and cloud-native architectures. At Microsoft, we still receive a steady stream of XSS reports across our services, fr...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/04 12:0 a.m.3 views

NeuroBreak: Unveil Internal Jailbreak Mechanisms in Large Language Models

In deployment and application, large language models LLMs typically undergo safety alignment to prevent illegal and unethical outputs. However, the continuous advancement of jailbreak attack techniques, designed to bypass safety mechanisms with adversarial prompts, has placed increasing pressure ...

7.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/07 12:0 a.m.5 views

CVE-2025-45765

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...

7.5AI score0.00152EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/07/13 12:0 a.m.2 views

AdvGrasp: Adversarial Attacks on Robotic Grasping from a Physical Perspective

Adversarial attacks on robotic grasping provide valuable insights into evaluating and improving the robustness of these systems. Unlike studies that focus solely on neural network predictions while overlooking the physical principles of grasping, this paper introduces AdvGrasp, a framework for...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/07 12:0 a.m.4 views

DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective

The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/25 12:0 a.m.1 views

Living Long Doing Pentests

Whitepaper called Living Long Doing Pentests. It discusses basic LLDP protocol fuzzing and usage from a pentester's point of view...

7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2025/05/30 1:0 p.m.5 views

The Akamai Innovation Tour: A Journey in Perspective and Partnership

“What does innovation mean to you?” Read how one marketer answered that question after attending the 2025 Akamai Innovation Tour...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/29 12:0 a.m.6 views

Bayesian Perspective on Memorization and Reconstruction

We introduce a new Bayesian perspective on the concept of data reconstruction, and leverage this viewpoint to propose a new security definition that, in certain settings, provably prevents reconstruction attacks. We use our paradigm to shed new light on one of the most notorious attacks in the...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.16 views

CVE-2024-42531

Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live video stream by crafting a set of RTSP packets with a specific set of URLs that can be used to redirect the camera feed. NOTE: the vendor's perspective is that the Anonymous120386 sample code can establi...

9.8CVSS7.2AI score0.00584EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.11 views

CVE-2023-28850

Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...

6.1CVSS6.9AI score0.00575EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/04/01 12:0 a.m.1 views

Advanced XSS Exploitation - Capturing User Local Storage Data

In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to capture data from the client's local storage and send it to an external server. The paper is primarily focusing on a pentesting perspective but also discusses mitigations. Written in Brazilia...

6.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.5 views

The vulnerability of the VMware Aria Operations for Logs network log analysis tool arises due to the lack of security measures taken to protect the website structure. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform certain operations from the perspective of a user administrating the syst...

9CVSS8.1AI score0.00642EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder