Lucene search
K

115 matches found

CVE
CVE
added 2025/09/12 12:0 a.m.25 views

CVE-2024-45433

OpenSynergy BlueSDK Bluetooth stack (BlueSDK) up to version 6.x is affected by an Incorrect Control Flow Scoping flaw. The root cause is improper handling of exceptional conditions and lack of proper return control flow after detecting an unusual state, enabling bypass of security validation and ...

6.5CVSS6.7AI score0.00489EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.6 views

OpenSynergy BlueSDK 安全漏洞

OpenSynergy BlueSDK is a Bluetooth stack from OpenSynergy, Germany. A security vulnerability exists in OpenSynergy BlueSDK 6.x and prior versions, which stems from the lack of proper return control flow after an exception condition is detected in the BlueSDK Bluetooth stack, which could lead to...

6.5CVSS6.7AI score0.00489EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/09/12 12:0 a.m.10 views

CVE-2024-45433

OpenSynergy BlueSDK aka Blue SDK through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security...

0.00489EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/29 11:35 p.m.7 views

CVE-2025-43275

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox...

0.00587EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2025/07/16 12:0 a.m.444 views

Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges

Exploit Title : Microsoft Graphics Component Windows 11 Pro Build 26100+ - Local Elevation of Privileges Author: nu11secur1ty Date: 07/11/2025 --- Overview This repository contains a PowerShell script to validate whether a Windows 11 system is vulnerable to CVE-2025-49744—a critical local privile...

7CVSS7.4AI score0.0071EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/05/02 12:0 a.m.2 views

A Rusty Link in the AI Supply Chain: Detecting Evil Configurations in Model Repositories

Recent advancements in large language models LLMs have spurred the development of diverse AI applications from code generation and video editing to text generation; however, AI supply chains such as Hugging Face, which host pretrained models and their associated configuration files contributed by...

7.7AI score
Exploits0
hivepro
hivepro
added 2025/04/29 2:0 p.m.4 views

The Rise of Intelligent Security Validation: What a Month of Enhanced BAS Revealed

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Four weeks ago, a major healthcare...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.6 views

PT-2025-17135 · Buildium · Buildium

Name of the Vulnerable Software and Affected Versions: Listings for Buildium versions 0.1.4 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that also allows Stored XSS. This means an attacker could potentially trick a user into performing unintende...

7.1CVSS7.4AI score0.00127EPSS
Exploits0References3
hivepro
hivepro
added 2025/04/16 2:0 p.m.3 views

From Searching in the Dark to Seeing Ahead With Hive Pro’s Enhanced BAS

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on Hive Pro's Enhanced BAS! During a recent incident response, I...

7.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/03/27 1:31 p.m.10 views

Unpacking a post-compromise breach simulation with Vector Command

The reality of modern cyber threats In today’s evolving cyber landscape, breaches are not a matter of if , but when. Attackers continue to refine their techniques, using stealthy post-compromise tactics to maintain persistence, escalate privileges, and move laterally across networks. The key to...

8.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/11 12:0 a.m.6 views

Windows Registry Enumerated Software Report

Reports details about software enumerated using the registry TRUSTED...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 11:30 a.m.5 views

Cyber Story Time: The Boy Who Cried "Secure!"

As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation ASV tools?" We've covered that pretty extensively in the past, so today, instead of covering the "What is ASV?" I wanted to address the "Why ASV?"...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/11 11:30 a.m.4 views

The ROI of Security Investments: How Cybersecurity Leaders Prove It

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn't buy a car without knowing i...

7.1AI score
Exploits0
OSV
OSV
added 2024/11/07 10:0 p.m.13 views

GHSA-6JRF-RCJF-245R changedetection.io path traversal using file URI scheme without supplying hostname

Summary The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. Details The check used for URL protocol, issafeurl, allows file: as ...

8.6CVSS8.3AI score0.00697EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/11/07 10:0 p.m.23 views

changedetection.io path traversal using file URI scheme without supplying hostname

Summary The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. Details The check used for URL protocol, issafeurl, allows file: as ...

8.6CVSS6.5AI score0.00697EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2024/10/28 9:8 p.m.23 views

CVE-2024-44175

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data...

0.00636EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/09/18 11:0 a.m.19 views

Why Pay A Pentester?

The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine claimed victory. Fast forward to today, would we have imagined just three years...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/27 1:21 p.m.17 views

CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in thi...

7.3AI score
Exploits0
NVD
NVD
added 2024/08/27 1:15 p.m.22 views

CVE-2024-4872

A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential...

9.9CVSS0.00496EPSS
Exploits0References1
OSV
OSV
added 2024/08/20 8:32 p.m.37 views

GO-2023-1993 Helm Improper Certificate Validation in helm.sh/helm

Helm Improper Certificate Validation in helm.sh/helm...

9.8CVSS9.5AI score0.01358EPSS
Exploits0References6
Rows per page
Query Builder