Lucene search
K

71 matches found

CVE
CVE
added 2020/11/06 7:48 a.m.256 views

CVE-2020-27616

CVE-2020-27616 : In QEMU 4.2.1, ati_2d_blt in hw/display/ati_2d.c can trigger an outside-limits calculation, allowing a guest to crash the QEMU process. Connected advisories (Astra Linux, openSUSE/SUSE) reference this exact issue and list it among other QEMU fixes, but no explicit remediation or ...

6.5CVSS6.2AI score0.02498EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2020/05/08 7:49 p.m.169 views

Black Hat USA, DEF CON 28 Go Virtual

Cybersecurity conferences Black Hat USA and DEF CON 28 will not be held in person this year due to the coronavirus pandemic. The conferences will both instead be transformed into completely virtualized events. Both back-to-back annual conferences were set to take place in Las Vegas this year; Bla...

7.1AI score
Exploits0References15
Wired Threat Level
Wired Threat Level
added 2020/03/11 7:32 p.m.38 views

No, a Border Wall Won't Stop Coronavirus

Donald Trump's latest pitch for the wall ignores basic science—and might only make things worse...

1.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2020/01/21 11:15 p.m.43 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation...

7.5CVSS6.8AI score0.07836EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/01/21 10:54 p.m.22 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation...

7.8AI score0.07836EPSS
Exploits0References15
Microsoft Secure
Microsoft Secure
added 2019/06/06 4:0 p.m.78 views

Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness

The “Lessons learned from the Microsoft SOC” blog series is designed to share our approach and experience with security operations center SOC operations, so you can use what we learned to improve your SOC. The learnings in the series come primarily from Microsoft’s corporate IT security operation...

7.3AI score
Exploits0
Prion
Prion
added 2019/05/02 8:29 p.m.10 views

Authentication flaw

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass account takeover exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a...

5CVSS9.5AI score0.01603EPSS
Exploits0References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2018/10/23 10:0 a.m.49 views

It Started as an Online Gaming Prank. Then It Turned Deadly

A $1.50 wager on a "Call of Duty" match led to a fake 911 call reporting a violent hostage situation in Wichita. Here’s how it all went horribly awry...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/09/24 12:0 a.m.31 views

Beyond Remote 2.2.5.3 - Denial of Service (PoC)

Exploit Title: Beyond Remote 2.2.5.3 - Denial of Service PoC Author: Erenay Gencay Discovey Date: 2018-09-24 Vendor notified : 2018-09-24 Software Link: https://beyond-remote-client-and-server.jaleco.com/ Tested Version: 2.2.5.3 Tested on OS: Windows XP Professional sp3 ENG Steps to Reproduce: Ru...

7.4AI score
Exploits0
Slackware Linux
Slackware Linux
added 2018/09/21 7:47 p.m.185 views

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.157/: Upgraded. This kernel removes the unnecessary vmacacheflushall code which could have led to a use-after-free situation and...

7.8CVSS0.4AI score0.03206EPSS
Exploits4
Carbon Black Blog
Carbon Black Blog
added 2018/02/06 5:13 p.m.24 views

Examining & Evaluating Security Before a “Pressure Event” is Critical…Especially on a Hot Summer Day

There are countless parallels between cyber and physical security. I often use physical security to explain cyber to the uninitiated. The thick walls, soundproofed vents, locks and codes and even the key on the door to Robert Hanssen’s SCIF are mirrored by the malware detectors, firewalls next-ge...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/12/29 9:17 p.m.44 views

Kansas Man Killed In ‘SWATting’ Attack

A 28-year-old Kansas man was shot and killed by police officers on the evening of Dec. 28 after someone fraudulently reported a hostage situation ongoing at his home. The false report was the latest in a dangerous hoax known as "swatting," wherein the perpetrator falsely reports a dangerous...

6.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/09/25 3:49 p.m.58 views

Canadian Man Gets 9 Months Detention for Serial Swattings, Bomb Threats

A 19-year-old Canadian man was found guilty of making almost three dozen fraudulent calls to emergency services across North America in 2013 and 2014. The false alarms, two of which targeted this author -- involved phoning in phony bomb threats and multiple attempts at "swatting" -- a dangerous...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2017/09/08 9:15 a.m.14 views

Equifax Data Breach: Steps You should Take to Protect Yourself

Equifax has suffered one of the largest data breaches in history that has left highly sensitive data of as many as 143 million people—that's nearly half of the US population—in the hands of hackers. Based on the company's investigation, some unknown hackers managed to exploit a security flaw on t...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/05 2:4 p.m.9 views

shacklocks.co.uk XSS vulnerability

Vulnerable URL: http://www.shacklocks.co.uk/situations/situation-detail.php?situationid=1"...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2016/07/12 12:0 a.m.27 views

McAfee Email Gateway - Application Protections Bypass

MEG is vulnerable to file attachments containing the null character. The scanning mechanism fails to identify the file name properly. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.5CVSS6.5AI score0.00719EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2016/06/22 3:30 p.m.10 views

Nuclear, Angler Exploit Kit Activity Has Disappeared

Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to congregate around a precious few. Researchers who stud...

6.8AI score
Exploits0References7
myhack58
myhack58
added 2016/04/09 12:0 a.m.23 views

Adobe Flash Player is really into a hopeless situation-vulnerability and early warning-the black bar safety net

! Adobe Flash Player can be smoothly applied to a variety of platforms, but it is also because its application is broad and its own vulnerability, causing it to always be hackers of all ages, this time is no exception. For a long time, hackers always like to use some of the underground network to...

7AI score
Exploits0
0day.today
0day.today
added 2013/08/18 12:0 a.m.34 views

PhpVibe 3.1 Cross Site Scripting / SQL Injection Vulnerabilities

PhpVibe version 3.1 suffers from cross site scripting and remote error-based blind SQL injection vulnerabilities. Exploit Title: PhpVibe 3.1 - Multiples Vulnerabilites Product: PhpVibe Official site: http://phprevolution.com/ Risk Level: High Exploit Author: Esac Demo : http://playviralvideos.com...

7.9AI score
Exploits0
ThreatPost
ThreatPost
added 2012/05/18 7:34 p.m.12 views

Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops

Defense giant Northrop Grumman is hiring software engineers to help it carry out “offensive cyberspace operations,” according to a recent job posting. The job posting, for a “Cyber Software Engineer 2” appeared on the Website Clearancejobs.com and described a position on a Northrop R&D project to...

0.3AI score
Exploits0References8
Rows per page
Query Builder