106 matches found
EUVD-2022-44352
Malicious code in bioql PyPI...
EUVD-2024-37144
Malicious code in bioql PyPI...
EUVD-2024-0074
Malicious code in bioql PyPI...
EUVD-2025-20522
Malicious code in bioql PyPI...
CVE-2025-7574
creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:38+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...
DOGE Put Everyone’s Social Security Data at Risk, Whistleblower Claims
Plus: China’s Salt Typhoon hackers target 600 companies in 80 countries, Tulsi Gabbard purges CIA agents, hackers knock out Iranian ship communications, and more...
Linux Distros Unpatched Vulnerability : CVE-2021-29262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing...
Unpacking Qualys Agentic AI: Technical Insights into Its Architecture and Capabilities
Agentic AI revolutionizes how enterprise organizations leverage artificial intelligence by introducing systems designed to function as autonomous agents capable of planning, decision-making, and executing complex workflows with minimal human oversight. Unlike traditional AI, which often performs...
Directus tokens are not redacted in flow logs, exposing session credentials to all admin
Summary When using Directus Flows with the WebHook trigger, all incoming request details are logged including security sensitive data like access and refresh tokens in cookies. Impact Malicious admins with access to the logs can hijack the user sessions within the token expiration time of them...
CVE-2025-3648
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...
CVE-2023-41165
An issue was discovered in Stormshield Network Security SNS 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer wi...
CVE-2018-16499
In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using man-in-the-middle attacks. Usage of unapproved SSH encryption protocols or cipher suites also violates the Data Protection TSR Technical Security Requirements...
CVE-2021-47663
creationtimestamp| type| source ---|---|--- 2025-04-24 10:08:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13212 2025-04-24 11:48:24+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114392780040086154 2025-04-24 13:03:36+00:00| seen| https://t.me/cvedetector/23653...
CVE-2024-28786
IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques...
CVE-2025-21512
CVE-2025-21512 affects Oracle JD Edwards EnterpriseOne Tools (Web Runtime SEC). Vulnerable in JD Edwards EnterpriseOne Tools prior to 9.2.9.0. An unauthenticated attacker with network access via HTTP can exploit a flaw in the Web Runtime SEC component to read and modify data, with potential impac...
Microsoft Office Remote Code Execution Vulnerability
...
CVE-2025-23125
...
kernel: xfrm: fix one more kernel-infoleak in algo dumping
A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random...
CVE-2024-10411
creationtimestamp| type| source ---|---|--- 2024-10-27 06:42:18+00:00| seen| https://t.me/cvedetector/9050 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:32+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...
Help, I can’t see! A Primer for Attack Surface Management Blog Series
Part 1: Overview of the Problem ASM Solves and a High-Level Description of ASM and Its Components Welcome to the first installment of our multipart series,"Help! I Can’t See! A Primer for Attack Surface Management Blog Series." In this series, we will explore the critical challenges and solutions...