106 matches found
GHSA-5G3X-8G2V-R8X8 Volcano has insecure permissions
Insecure permissions in Volcano v1.8.2 allow attackers to access sensitive data and escalate privileges by obtaining the service account's token...
The vulnerability of the distributed Git version control system, related to the use of pre-installed security-related data, allows a hacker to create hard links to any readable file within the same file system.
The vulnerability of the distributed Git version control system is related to the use of pre-installed data related to security. Exploiting this vulnerability allows an attacker to create hard links to any readable file within the same file system...
One Unified API: The Future of Security Data Management with Uni5 Xposure
Picture yourself as a security analyst in the midst of navigating the complex landscape of your organization's cybersecurity. Your daily routine is dominated by the task of managing an overwhelming amount of security data, spread across an array of tools and platforms. Each piece of data, whether...
OESA-2023-1960 curl security update
cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various protocols. Security Fixes: When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file...
ALPINE-CVE-2023-46219
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use...
CVE-2023-5043
creationtimestamp | type | source
---|---|---
2023-10-30 08:13:06+00:00 | seen | Telegram/MCOtq6YNws1wIQDmkmW4fj5yPvTPQ5hjf1qfUTkU-awDNw
2023-10-30 09:02:14+00:00 | seen | https://t.me/KomunitiSiber/999
2023-10-30 17:00:07+00:00 | seen | https://t.me/truesecator/5023
2023-11-29 09:38:53+00:00 | seen | ...
PT-2023-2477 · Hewlett Packard · Futuresmart +2
Name of the Vulnerable Software and Affected Versions: HP Enterprise LaserJet and HP LaserJet Managed Printers versions with FutureSmart version 5.6 Description: The issue is related to a lack of protection for service data, potentially allowing a remote attacker to disclose protected information...
SUSE CVE-2017-2837
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause program termination, leading to a denial of service condition. An attacker can compromise the server or use man in the...
How to Use Cloud Access Security Brokers for Data Protection
By Owais Sultan. A cloud access security broker is a security policy enforcement point that can be located on-premises or in… This is a post from HackRead.com. Read the original post: How to Use Cloud Access Security Brokers for Data Protection...
EAST - Extensible Azure Security Tool - Documentation
Extensible Azure Security Tool (later referred to as E.A.S.T) is a tool for assessing Azure and, to some extent, Azure AD security controls. The primary use case of EAST is security data collection for evaluation in Azure assessments. This information (JSON content) can then be used in various reporting tools,...
CVE-2023-21829
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...
4 Places to Supercharge Your SOC with Automation
It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced teams with false positives and analyst burnout. However, like many other industries, cybersecurity is now beginning to lean on and benef...
CVE-2022-37061
creationtimestamp | type | source
---|---|---
2022-08-18 22:26:40+00:00 | seen | https://t.me/cibsecurity/48367
2022-11-01 18:06:49+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/flirax8unauthrcecve202237061.rb
2023-06-27 15:16:19+00:00 | seen | ...
OCSF: Working Together to Standardize Data
Teams spend a lot of time normalizing data before any analysis, investigation, or response can begin. It’s an unacceptable burden for you. And its days are finally numbered. Rapid7 and other security vendors are collaborating on an Open Cybersecurity Schema Framework (OCSF), an open standard for bo...
Today’s SOC Strategies Will Soon Be Inadequate
New research sponsored by Rapid7 explores the momentum behind security operations center (SOC) modernization and the role extended detection and response (XDR) plays. ESG surveyed over 370 IT and cybersecurity professionals in the US and Canada – responsible for evaluating, purchasing, and utilizing...
CVE-2022-32275
creationtimestamp | type | source
---|---|---
2022-06-06 22:30:08+00:00 | seen | https://t.me/cibsecurity/43869
2022-06-08 13:37:04+00:00 | seen | https://t.me/bhhub/892
2022-06-08 13:37:04+00:00 | published-proof-of-concept | https://t.me/bhhub/793
2024-10-12 06:49:41+00:00 | seen | ...
CVE-2021-28508
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...
CVE-2022-22563
Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes...
Resource management error vulnerability in multiple Qualcomm products
A Qualcomm chip is a chip from Qualcomm Incorporated (USA), a way of miniaturizing circuits (mainly semiconductor devices, but also passive components, etc.) that is from time to time manufactured on the surface of semiconductor wafers. A resource management error vulnerability exists in the sahara...
CVE-2022-0492
creationtimestamp | type | source
---|---|---
2022-03-03 22:26:18+00:00 | seen | https://t.me/cibsecurity/38378
2022-03-05 09:45:44+00:00 | seen | https://t.me/thehackernews/1951
2022-03-05 22:52:04+00:00 | seen | https://t.me/conservativejblQck1776/70982
2022-03-06 11:02:27+00:00 | ...