CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/23 10:32 a.m.•3 views

CVE-2024-7784

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

6.1CVSS6.7AI score0.00014EPSS

The Hacker News•added 2025/02/13 12:25 p.m.•9 views

Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other? We invite you to our upcoming webinar, "Opening the Fast Lane for Secur...

7.3AI score

NVD•added 2024/09/10 6:15 a.m.•9 views

CVE-2024-7784

6.1CVSS0.00014EPSS

Vulnrichment•added 2024/09/10 5:14 a.m.•8 views

CVE-2024-7784

6.1CVSS6.7AI score0.00014EPSS

NVD•added 2023/11/21 7:15 a.m.•8 views

CVE-2023-5553

7.6CVSS0.00032EPSS

CVE•added 2023/11/21 6:59 a.m.•31 views

CVE-2023-5553

CVE-2023-5553 affects Axis OS Secure Boot protection. The AXIS OS tampering-protection bypass is the underlying issue, enabling a sophisticated attack to bypass the device’s tamper protection. Public detail indicates affected AXIS OS ranges include versions 10.8–11.6 (per external summaries), wit...

7.6CVSS6.8AI score0.00032EPSS

Exploits0References1Affected Software2

Vulnrichment•added 2023/11/21 6:59 a.m.•10 views

CVE-2023-5553

7.6CVSS7AI score0.00032EPSS

Cvelist•added 2023/11/21 6:59 a.m.•10 views

CVE-2023-5553

7.6CVSS7.6AI score0.00032EPSS

Microsoft Malware Protection•added 2023/02/02 5:0 p.m.•20 views

Mitigate risk by integrating threat modeling and DevOps processes

Agile and DevOps are without any doubt two of the biggest security trends of recent years. The rapid rise of the cloud has only fueled the need for flexibility and dynamicity. Therefore, it’s natural for developers and organizations to seek methodologies and tools for addressing new requirements...

7.3AI score

Prion•added 2023/02/01 3:15 a.m.•12 views

Privilege escalation

As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have resolved the issue...

6.5CVSS8.9AI score0.00164EPSS

CVE•added 2023/02/01 12:0 a.m.•57 views

CVE-2023-0524

CVE-2023-0524 concerns a privilege-escalation issue in Tenable products. The authenticated attacker could modify environment variables and, by abusing an impacted plugin, escalate privileges. Affected products mentioned across sources include Tenable Nessus, Tenable.io, and Tenable.sc. The underl...

8.8CVSS8.9AI score0.00164EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2023/02/01 12:0 a.m.•3 views

CVE-2023-0524

9.1AI score0.00164EPSS

Cvelist•added 2023/02/01 12:0 a.m.•18 views

CVE-2023-0524

9.2AI score0.00164EPSS

Tenable Product Security Advisories•added 2023/01/30 4:18 p.m.•14 views

[R1] Tenable Plugin Feed ID #202212212055 Fixes Privilege Escalation Vulnerability

R1 Tenable Plugin Feed ID 202212212055 Fixes Privilege Escalation Vulnerability Arnie Cabral Mon, 01/30/2023 - 11:18 As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to...

3.4AI score

Microsoft Malware Protection•added 2022/01/21 5:0 p.m.•10 views

Celebrating 20 Years of Trustworthy Computing

20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing TwC initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees. Gates’ memo...

Microsoft Secure•added 2022/01/21 5:0 p.m.•13 views

Celebrating 20 Years of Trustworthy Computing

Microsoft Secure•added 2019/12/09 5:0 p.m.•50 views

Improve cyber supply chain risk management with Microsoft Azure

For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. Supply chain attacks target software developers, systems integrators, and technology companies. Tactics often include obtaining source code, build processes, or update mechanisms to compromise...

MSRC•added 2018/09/07 4:6 p.m.•52 views

Inside MSRC: Sharing Our Story & Customer Tips

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...