CVE-2021-32756

ManageIQ is an open-source management platform. In versions prior to jansa-4, kasparov-2, and lasker-1, there is a flaw in the MiqExpression module of ManageIQ where a low privilege user could enter a crafted Ruby string which would be evaluated. Successful exploitation will allow an attacker to...

CVE-2020-15378

The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface...

CVE-2020-0702

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'...

CVE-2025-48414

CVE-2025-48414 affects eCharge Hardy Barth cPH2 / cPP2 charging stations. Connected sources describe hard-coded credentials in the web interface scripts, granting access to admin/debug functionality and increasing attack surface. Public details confirm the issue but do not provide a confirmed pat...

Securing RAG: a Risk Assessment and Mitigation Framework

Retrieval Augmented Generation RAG has emerged as the de facto industry standard for user-facing NLP applications, offering the ability to integrate data without re-training or fine-tuning Large Language Models LLMs. This capability enhances the quality and accuracy of responses but also introduc...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

gimp: dds buffer overflow RCE

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process...

Measuring Security in 5G and Future Networks

In today's increasingly interconnected and fast-paced digital ecosystem, mobile networks, such as 5G and future generations such as 6G, play a pivotal role and must be considered as critical infrastructures. Ensuring their security is paramount to safeguard both individual users and the industrie...

Exploring an Untethered, Unified Approach to CTEM

We live in a world where traditional Vulnerability Management VM has become infosec’s version of ‘whack-a-mole’— an attempt to tackle risks that constantly shift, multiply, and morph. As organizations push workloads to the cloud, offer customers digital experiences, or as they build AI-enabled...

Configuring the SSH Service Port Properly

A server typically has multiple NICs and IP addresses. You need to plan IP addresses to determine which ones are used for services or management. Not all IP addresses need to listen on SSH connections. You can specify only some IP addresses to perform SSH connections to reduce the attack surface...

Ensure That Removable Device Partitions Are Mounted Using noexec and nodev

The security of removable devices cannot be ensured completely due to a lot of factors, such as the source, usage, and transportation process. In this sense, removable devices are the main host for viruses. Therefore, removable devices must be mounted using noexec and nodev to improve security an...

Do Not Install Insecure SNMP Versions

Simple Network Management Protocol SNMP is a standard protocol designed to manage network nodes in IP networks. This protocol allows the exchange of network management and control data between network elements NEs. If SNMP is installed in scenarios where SNMP is not required, additional system...

Avoid Using Wireless Networks

If the hardware device contains wireless modules such as Wi-Fi and Wi-Fi is enabled in the system, the server may connect to the network wirelessly. If the connection is not managed, the network may be unstable and the attack surface increases. If no wireless network is used, you are advised to...

Do Not Enable the Avahi Service

Avahi is a zero-configuration networking implementation, including a system for multicast DNS/DNS-SD service discovery and automatic broadcast. For example, you can connect a server to the network and use Avahi to automatically broadcast network services running on the server for other user to...

Do Not Install the Avahi Service

Avahi is a zero-configuration networking implementation, including a system for multicast DNS/DNS-SD service discovery and automatic broadcast. For example, you can connect a server to the network and use Avahi to automatically broadcast network services running on the server for other user to...

Configure at and cron Services Properly

The at service is used to execute simple tasks once, and the cron service is used to execute periodic and scheduled tasks. In the cron command, the /etc/cron.deny file is the blocklist configuration file, and the /etc/cron.allow file is the allowlist configuration file, which is absent by default...

Do Not Use auditctl to Set auditd Rules

auditd service rules can be configured using either rule files in the /etc/audit/rules.d/ directory applied after server restart or the auditctl command for immediate effect. The permission of the /etc/audit/rules.d/ directory is 750, while that of the auditctl command is 755. Therefore,...

Do Not Enable the LDAP Service

Lightweight Directory Access Protocol LDAP is a protocol that provides access control and is used to maintain distributed directory information. The LDAP service increases system resource usage and expands the attack surface. If the LDAP service is not required, do not install the LDAP service. T...

Avoid Enabling Unnecessary Services and Ports

In the zones, you need to specify the interfaces, ports, and services that need to be enabled or disabled. Correct configuration prevents illegitimate packets from being received and processed, reduces the number of exposed ports on the server, and reduces the attack surface. If the configuration...

Security Misconfiguration Detected (High)

Security misconfigurations present a risk of increased attack surface by allowing malicious entities to communicate with the target assets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...