Lucene search
K

174 matches found

The Hacker News
The Hacker News
added 2021/01/29 10:8 a.m.7 views

Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide

A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan RAT to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.28 views

CentOS 8 : 389-ds:1.4 (CESA-2019:3401)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3401 advisory. - 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default CVE-2018-10871 - 389-ds-base: using dscreate in verbose...

7.5CVSS6.4AI score0.08426EPSS
Exploits0References5
Microsoft Secure
Microsoft Secure
added 2020/11/23 5:0 p.m.35 views

IoT security: how Microsoft protects Azure Datacenters

Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/11/23 5:0 p.m.38 views

IoT security: how Microsoft protects Azure Datacenters

Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must...

7.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/11/17 2:0 p.m.40 views

Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs

The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...

0.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/11/17 2:0 p.m.56 views

Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs

The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...

0.6AI score
Exploits0
NVD
NVD
added 2020/08/14 5:15 p.m.24 views

CVE-2020-15145

In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...

8.2CVSS7AI score0.00404EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/14 4:35 p.m.35 views

CVE-2020-15145 Local privilege elevation in Composer-Setup for Windows

In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...

6.7CVSS8.1AI score0.00404EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/08/03 2:15 p.m.29 views

CVE-2020-14325

A vulnerability was found in Red Hat CloudForms which allows a malicious attacker to impersonate any user or create a non-existent user with any entitlement in the appliance and perform an API request. Mitigation Red Hat recommends upgrading to secured released versions, however, this flaw can be...

6.4CVSS1.3AI score0.01087EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2020/05/13 5:0 p.m.24 views

Secured-core PCs help customers stay ahead of advanced data theft

Researchers at the Eindhoven University of Technology recently revealed information around "Thunderspy," an attack that relies on leveraging direct memory access DMA functionality to compromise devices. An attacker with physical access to a system can use Thunderspy to read and copy data even fro...

1.2AI score
Exploits0
OSV
OSV
added 2020/03/24 8:15 p.m.4 views

CVE-2019-20599

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Voice Assistant mishandles the notification audibility of a secured app. The Samsung ID is SVE-2018-13326 May 2019...

7.5CVSS7.1AI score0.00333EPSS
Exploits0References1
Filippo.io
Filippo.io
added 2020/03/15 6:18 p.m.58 views

Install Go tools from modules with brew-gomod

As of Go 1.14, modules are ready for production. Compared to GOPATH, they make it much easier to keep workspaces clean by managing dependencies out of sight, and by letting you clone projects anywhere. However, there is no good way to simply install a Go binary from source, yet. The core reason f...

7.3AI score
Exploits0
NVD
NVD
added 2020/03/10 8:15 p.m.19 views

CVE-2019-19277

A vulnerability has been identified in SIPORT MP All versions 3.1.4. Vulnerable versions of the device allow the creation of special accounts "service users" with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of...

6.5CVSS6.2AI score0.0116EPSS
Exploits0References2
Prion
Prion
added 2020/03/10 8:15 p.m.14 views

Design/Logic Flaw

A vulnerability has been identified in SIPORT MP All versions 3.1.4. Vulnerable versions of the device allow the creation of special accounts "service users" with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of...

5.5CVSS6.2AI score0.0116EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/02/25 12:0 a.m.41 views

EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2020-1146)

According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AU...

7.5CVSS7.8AI score0.02525EPSS
Exploits0References3
OSV
OSV
added 2020/02/11 10:15 p.m.3 views

CVE-2020-0739

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0737...

7.8CVSS7.1AI score0.00795EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/02/11 9:23 p.m.40 views

CVE-2020-0739

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0737...

8.2AI score0.00795EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.29 views

openSUSE: Security Advisory for dovecot23 (openSUSE-SU-2019:2281-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9AI score0.62579EPSS
Exploits1References2
NVD
NVD
added 2019/11/12 7:15 p.m.18 views

CVE-2019-1420

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423...

7.8CVSS7.7AI score0.00938EPSS
Exploits0References1
OSV
OSV
added 2019/11/12 7:15 p.m.3 views

CVE-2019-1420

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423...

7.8CVSS7.1AI score0.00938EPSS
Exploits0References1
Rows per page
Query Builder