
56 matches found

Zero Day Initiative
added 2026/02/12 12:0 a.m. · 6 views

Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the ROI class. The issue results from the lack of proper validation of a user-suppli...

7.2 CVSS · 6.5 AI score · 0.00685 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-3943

Malicious code in bioql (PyPI)...

7.1 CVSS · 8.9 AI score · 0.00178 EPSS
Exploits 0 · References 1

OSV
added 2025/09/05 5:10 p.m. · 3 views

MAL-2025-42987 Malicious code in @zalastax/nolb-_dsr-roi (npm)

The package @zalastax/nolb-dsr-roi was found to contain malicious code...

7 AI score
Exploits 0

Microsoft Secure
added 2025/03/05 11:0 a.m. · 767 views

Silk Typhoon targeting IT supply chain

Executive summary: Microsoft Threat Intelligence identified a shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions like remote management tools and cloud applications to gain initial access. While they haven't been observed directly targeting Microsoft...

10 CVSS · 10 AI score · 0.99999 EPSS
Exploits 138

RedhatCVE
added 2025/02/06 2:32 a.m. · 7 views

CVE-2025-24756

Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator roi-calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through <= 1.0...

7.1 CVSS · 7.2 AI score · 0.00178 EPSS
Exploits 0 · References 1

NVD
added 2025/01/24 6:15 p.m. · 13 views

CVE-2025-24756

Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator roi-calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through <= 1.0...

7.1 CVSS · 0.00178 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/01/24 5:25 p.m. · 6 views

CVE-2025-24756 WordPress Roi Calculator plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through 1.0...

7.1 CVSS · 7.4 AI score · 0.00178 EPSS
Exploits 0 · References 1

Cvelist
added 2025/01/24 5:25 p.m. · 20 views

CVE-2025-24756 WordPress Roi Calculator plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator roi-calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through <= 1.0...

7.1 CVSS · 0.00178 EPSS
Exploits 0 · References 1

CVE
added 2025/01/24 5:25 p.m. · 63 views

CVE-2025-24756

CVE-2025-24756: CSRF to Stored XSS in the WordPress plugin Roi Calculator (affected: versions n/a–1.0). Root cause: cross-site request forgery enabling stored XSS in Roi Calculator. Impact: high-severity exposure of stored content; CVSS v3.1 base 7.1. Exploitation details are not provided in the ...

7.1 CVSS · 7.2 AI score · 0.00178 EPSS
Exploits 0 · References 1

Patchstack
added 2025/01/24 11:47 a.m. · 2 views

WordPress Roi Calculator plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Roi Calculator versions <= 1.0...

7.1 CVSS · 6.2 AI score · 0.00178 EPSS
Exploits 0 · Affected Software 1

Positive Technologies
added 2025/01/24 12:0 a.m. · 2 views

PT-2025-5565 · Unknown · Mgplugin Roi Calculator

Name of the Vulnerable Software and Affected Versions: mgplugin Roi Calculator versions n/a through 1.0. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS in the mgplugin Roi Calculator. Recommendations: For mgplugin Roi Calculator versions n/a throug...

7.1 CVSS · 6.3 AI score · 0.00178 EPSS
Exploits 0 · References 5

CNNVD
added 2025/01/24 12:0 a.m. · 3 views

WordPress plugin Roi Calculator cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

7.1 CVSS · 8.5 AI score · 0.00178 EPSS
Exploits 0 · References 2

Rapid7 Blog
added 2024/07/10 1:30 p.m. · 8 views

Takeaways From The Take Command Summit: Unlocking ROI in Security

Rapid7 CMO Cindy Stanton hosted a discussion with Cindy Stanton, Byron Anderson, Principal InfoSec Engineer, KinderCare Learning Companies and Gaël Frouin, Director IT Security, AAA Northeast to talk strategies for measuring team performance and demonstrating ROI in cybersecurity at Rapid7’s rece...

7.4 AI score
Exploits 0

Microsoft Malware Protection
added 2024/05/30 5:0 p.m. · 59 views

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by different...

9.8 CVSS · 8.7 AI score · 0.02089 EPSS
Exploits 0

The Hacker News
added 2024/02/01 11:40 a.m. · 32 views

Why the Right Metrics Matter When it Comes to Vulnerability Management

How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working? And even if you are...

7.4 AI score
Exploits 0

Qualys Blog
added 2023/10/31 10:58 a.m. · 64 views

Qualys API Best Practices: Policy Compliance – Posture Streaming (PCRS) API

This API Best Practices Series is designed for Qualys customer programmers or stakeholders with a general knowledge of programming who want to implement best practices for improving the development, design, and performance of their programs that use the Qualys API. For non-customers, the Qualys A...

7.2 AI score
Exploits 0

CNNVD
added 2023/10/11 12:0 a.m. · 5 views

Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that stems from an incorrect boundary check in the ctrlroi method of stmvl53l1module.c, which may result in an out-of-bounds read. This could result in local privilege escalatio...

6.7 CVSS · 7 AI score · 0.00091 EPSS
Exploits 0 · References 3

Malwarebytes
added 2023/09/27 9:0 a.m. · 17 views

Malwarebytes MDR wins G2 awards for "Best ROI," "Easiest to Use," and more

Malwarebytes Managed Detection and Response (MDR) earned a place in 12 new reports on G2's Fall 2023 reports, winning badges for "Easiest to do Business With," "Best Est. ROI," "Easiest to Use," and "Easiest Admin." Purpose-built for resource constrained teams, Malwarebytes MDR provides IT staff wi...

6.9 AI score
Exploits 0

Rapid7 Blog
added 2023/08/23 1:0 p.m. · 13 views

Three Security Vendor Consolidation Myths Debunked

When it comes to security vendor consolidation, Gartner found that 57% of organizations are working with fewer than ten security vendors, utilizing consolidation to cut costs and improve their overall security posture. But what about the other 43%? While security vendor consolidation has many...

6.7 AI score
Exploits 0

Malwarebytes
added 2023/08/15 8:0 a.m. · 47 views

PCMag ranks Malwarebytes #1 cybersecurity vendor

PCMag, one of the most trusted publications by IT professionals, named Malwarebytes the #1 most-recommended security software vendor on its list of Best Tech Brands for 2023. The ranking is based on a Net Promoter Score (NPS), a composite rating based on customer reviews from PCMag's Readers Choice...

6.8 AI score
Exploits 0