Lucene search
K

18 matches found

The Hacker News
The Hacker News
added 2025/12/01 5:7 a.m.4 views

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. "These attacks highlight a notable shift in Tomiris's tactics, name...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.2 views

Morning 安全漏洞

Morning is a public service online e-commerce store by the individual developer of Morning in China. A security vulnerability exists in Morning bc782730c74ff080494f145cc363a0b4f43f7d3e and prior versions, which stems from vulnerability to cross-site request forgery attacks...

5.3CVSS4.8AI score0.00241EPSS
Exploits0References5
CISA
CISA
added 2025/03/06 12:0 p.m.4 views

FBI Warns of Data Extortion Scam Targeting Corporate Executives

The Federal Bureau of Investigation FBI Internet Crime Complaint Center IC3 has released an alert warning of a scam involving criminal actors masquerading as the “BianLian Group.” The cyber criminals target corporate executives by sending extortion letters threatening to release victims’ sensitiv...

6.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.5 views

Malicious code in Be.Vlaanderen.Basisregisters.PublicServicеRegistry.Aрi.Backoffice (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:27 p.m.5 views

MAL-2024-4057 Malicious code in Be.Vlaanderen.Basisregisters.PublicServicеRegistry.Aрi.Backoffice (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.4 views

Malicious code in Be.Vlaanderen.Basisregisters.PսblicServicеRegistry.Aрi.Bаckoffice (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/03/15 7:57 p.m.22 views

GHSA-2QPH-QPVM-2QF7 tls-listener affected by the slow loris vulnerability with default configuration

Summary With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. Details The default configuration options make any public service using TlsListener::new vulnerable to a slow-loris DoS attack. rust /// Default numbe...

7.5CVSS7.4AI score0.00964EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2024/03/15 7:57 p.m.32 views

tls-listener affected by the slow loris vulnerability with default configuration

Summary With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. Details The default configuration options make any public service using TlsListener::new vulnerable to a slow-loris DoS attack. rust /// Default numbe...

7.5CVSS6.8AI score0.00964EPSS
Exploits1References7Affected Software1
CNVD
CNVD
added 2023/12/06 12:0 a.m.9 views

China's bidding and tendering public service platform has information leakage vulnerability

China's bidding and tendering public service platform provides market public information services for bidding and tendering transaction platforms and parties, realizing the pooling, sharing, dynamics and openness of market information, and providing data support for regulating and supervising the...

6.7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/10/12 3:15 p.m.3 views

CVE-2021-40495

There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeaver Application...

5.3CVSS6AI score0.01031EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/04/25 12:0 a.m.2 views

SQL Injection Vulnerability in Public Service Platform for Tenders and Bids

China Bidding Public Service Platform Co., Ltd. in the National Development and Reform Commission under the guidance and promotion of the China Bidding and Tendering Association, led by eight enterprises jointly invested in the establishment of public service enterprises. There is a SQL injection...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/01/14 12:0 a.m.3 views

China Bidding Public Service Platform Limited Bidding and Tendering Public Service Platform has Arbitrary File Download Vulnerability

China Bidding Public Service Platform Co., Ltd. is a public service enterprise approved by the State Council and set up under the guidance and promotion of the National Development and Reform Commission, and jointly invested by eight enterprises led by China Bidding and Tendering Association. The...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/12/18 12:0 a.m.3 views

Logic flaws exist in the public service platform for continuing education of professional and technical personnel of Beijing EdiKosen Education Technology Co.

Ltd. is a national high-tech enterprise. The company is committed to the development of e-learning platforms and the integration and production of curriculum resources. It strictly implements the ISO9001 international quality standard, owns 35 software copyrights, and has been awarded by the...

7AI score
Exploits0
CISA
CISA
added 2020/05/13 12:0 a.m.18 views

CISA-FBI Joint Announcement on PRC Targeting of COVID-19 Research Organizations

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have jointly released a Public Service Announcement on the People’s Republic of China’s targeting of COVID-19 research organizations. CISA and FBI encourage COVID-19 research organizations to...

6.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/09/16 2:46 p.m.13 views

FBI Encouraging Ransomware Victims To Report Infections

The Federal Bureau of Investigation this week urged victims of ransomware to report infections to federal law enforcement in hopes of better understanding the threat. The agency, in tandem with the Internet Crime Complaint Center IC3, issued a public service announcement on Thursday asking...

0.7AI score
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Inout Ad server Ultimate Shell Upload Vulnerabilty

No description provided by source. ============================================================== Inout Ad server Ultimate -- Shell upload Vulnerabilty ============================================================== Name : Inout Ad server Ultimate Shell upload Vulnerabilty Date : july 9,2010...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/03/13 6:40 p.m.10 views

Google to Pay $7M Settlement Over Street View Data Collection

Google has agreed to pay a $7 million settlement to several dozen U.S. states as part of an agreement of charges that the company was collecting private user data from WiFi hotspots while its Street View cars were driving around taking photos in various locations. The controversy over Google’s...

2.1AI score
Exploits0References4
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.57 views

CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a relatively minor issue, hence no embargo. Michael Scherer [email protected] of Red Hat found: Looking for incorrect /tmp/ usage, I found the following piece of code in /usr/share/gems/gems/rubyparser-2.0.4/lib/gauntletrubyparser.rb...

2.1CVSS0.3AI score0.00343EPSS
Exploits1
Rows per page
Query Builder