Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/12/15 9:29 p.m.9 views

CVE-2025-67634

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...

6.1CVSS6.1AI score0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.6 views

CISA Software Acquisition Guide Supplier Response Web Tool 安全漏洞

CISA Software Acquisition Guide Supplier Response Web Tool is an interactive Web tool from the CISA organization in the United States. A security vulnerability exists in versions of the CISA Software Acquisition Guide Supplier Response Web Tool prior to 2025-12-11, which stems from a cross-site...

6.1CVSS6.1AI score0.00162EPSS
Exploits0References3
CISA
CISA
added 2024/08/06 12:0 p.m.5 views

CISA Releases Secure by Demand Guidance

Today, CISA and the Federal Bureau of Investigation FBI have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the...

7.2AI score
Exploits0References2
Trellix
Trellix
added 2022/08/25 12:0 a.m.18 views

A Door Isn’t a Door When It’s Ajar - Part 3

A Door Isn’t a Door When It’s Ajar - Part III By Trellix · August 25, 2022 This story was also written by Steve Povolny and Sam Quinn Contents Installing OnGuard by Third Party Vendor Exploitation and Hacking the Planet! Putting it all Together Building the Final Demo System The Demo Lessons and...

7.6AI score
Exploits0
Rows per page
Query Builder