
8 matches found

GitHub Security Blog
added 2024/05/14 10:11 p.m. | 39 views

Grafana directory traversal for .cvs files

Today we are releasing Grafana 8.3.2 and 7.5.12. This patch release includes a moderate severity security fix for directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability i...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.06405
Exploits: 0 | References: 9 | Affected Software: 1
Wired Threat Level
added 2023/09/07 12:1 a.m. | 22 views

The Comedy of Errors That Let China-Backed Hackers Steal Microsoft’s Signing Key

After leaving many questions unanswered, Microsoft explains in a new postmortem the series of slipups that allowed attackers to steal and abuse a valuable cryptographic key...

AI score: 6.8
Exploits: 0
Citrix
added 2023/08/04 12:0 a.m. | 10 views

How to get dump file of random crash process with ProcDump tool

ProcDump can be activated as a postmortem debugger in Windows OS. The crash dump file can be automatically generated if a process crashed...

AI score: 7.1
Exploits: 0
GoogleProjectZero
added 2021/12/01 12:0 a.m. | 120 views

This shouldn't have happened: A vulnerability postmortem

Posted by Tavis Ormandy, Project Zero. Introduction: This is an unusual blog post. I normally write posts to highlight some hidden attack surface or interesting complex vulnerability class. This time, I want to talk about a vulnerability that is neither of those things. The striking thing about thi...

CVSS: 9.8 | AI score: 10 | EPSS: 0.05243
Exploits: 0
GitHub Security Blog
added 2021/08/30 4:12 p.m. | 35 views

TimelockController vulnerability in OpenZeppelin Contracts

Impact: A vulnerability in TimelockController allowed an actor with the executor role to take immediate control of the timelock, by resetting the delay to 0 and escalating privileges, thus gaining unrestricted access to assets held in the contract. Instances with the executor role set to "open"...

CVSS: 10 | AI score: 8.9 | EPSS: 0.00443
Exploits: 0 | References: 5 | Affected Software: 1
Citrix
added 2020/11/09 12:0 a.m. | 6 views

TestWER (Test Windows Error Reporting)

TestWER (Test Windows Error Reporting). Version 2.0. Created Date: 12/06/2006. Updated Date: 02/02/2011. Where to download? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8. Once we verify your request, we will provide...

AI score: 7.6
Exploits: 0
ThreatPost
added 2014/03/25 2:52 p.m. | 5 views

Basecamp Back Online After DDoS, Extortion

The project management console Basecamp is back online and its developers are in the process of restoring customers’ network access Tuesday after the service was taken down by a distributed denial-of-service (DDoS) attack Monday. The attack started at 8:46 a.m. CST yesterday and flooded the site wi...

AI score: 0.1
Exploits: 0 | References: 3
Kitploit
added 2013/12/22 2:16 p.m. | 45 views

[WinAppDbg 1.5] Python Debugger

The WinAppDbg Python module allows developers to quickly code instrumentation scripts in Python under a Windows environment. It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach...

AI score: 8
Exploits: 0