1561 matches found
Microsoft Surface Security Feature Bypass Vulnerability
...
Microsoft Surface Input Validation Error Vulnerability
Microsoft Surface is a tablet computer from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Surface. An attacker exploiting this vulnerability could bypass certain features. The following products and versions are affected: Surface Laptop 4 with Intel...
PT-2025-6294
Name of the Vulnerable Software and Affected Versions: Microsoft Surface (affected versions not specified). Description: The issue concerns a security feature bypass. No specific details about technical exploitation or affected devices are provided. Recommendations: At the moment, there is no informati...
Vector Command Opportunistic Phishing Blog
Gone Phishing with Vector Command. During one of our customer engagements, our red team will continuously attack your network to see if we can exploit a vulnerability. One of the tactics, techniques and procedures (TTPs) we use is “Opportunistic Phishing”. First, let’s share a quick reminder about...
Managed Network Cloud Firewall: Comprehensive Protection for Network Attack Surface
...
4 Reasons Why MSPs & MSSPs Need to Enhance Attack Surface Management
In today’s rapidly evolving digital landscape, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) face increasing challenges. As businesses expand their digital footprints, MSPs and MSSPs are under pressure to deliver comprehensive security services while managing costs,...
CVE-2022-2037
Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0...
Take Command | Rapid7’s 2025 Cybersecurity Summit: Own Your Attack Surface on April 9
Save the date: April 9, 2025. Take Command is back. After a hugely successful event last year, Rapid7’s cybersecurity summit returns with another stellar lineup to equip security teams with the latest threat intelligence, expert insights, and real-world strategies to take control of an evolving...
CVE-2020-36549
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2024-36518
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard...
ROS-20250205-01
A vulnerability in the net/mlx5 components of the Linux operating system kernel is related to errors in accessing statistics of commands after release. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the platform/surface...
Introducing the Exposure Management Webinar Series: Commanding Your Attack Surface
The digital landscape is expanding rapidly, and with it, the complexity of managing an organization's attack surface. To help cybersecurity professionals navigate this challenge, Rapid7 presents a three-part webinar series, "Commanding Your Attack Surface." This series dives deep into the evolvin...
Qualys TotalAppSec Delivers AI-powered Unified Application Risk Management for Modern Web Apps and APIs
"If you can’t measure it, you can’t manage it." - This adage rings truer than ever in the world of cybersecurity. Today, the modern attack surface has exploded, fueled by APIs that now drive 83% of all web traffic, powering critical integrations, microservices, and digital experiences. Security...
What Is Attack Surface Management?
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and...
Key Takeaways: Mastering Risk Prioritization with Rapid7 Surface Command
Managing risk in today’s sprawling IT environments demands precision and adaptability. Security teams face a constant influx of data from various tools, each offering fragmented insights. Rapid7’s Surface Command takes control of this chaos, consolidating data and delivering actionable insights...
PYSEC-2025-131
lunasvg v3.0.0 was discovered to contain an allocation-size-too-big bug via the component plutovgsurfacecreate...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the plutovgsurfacecreate component. An attacker can cause a denial of service by creating a surface with an excessively large size. Details: Denial of Service (DoS) describes a family of attacks, all aimed at maki...
LunaSVG Security Vulnerability
LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG that stems from an allocation-size-too-big error in the component plutovgsurfacecreate. No detailed vulnerability information is provided at this time...
PT-2025-3550 · Lunasvg · Lunasvg
Name of the Vulnerable Software and Affected Versions: lunasvg version 3.0.0 Description: The issue is related to an allocation-size-too-big bug in the plutovg surface create component. This bug can be exploited. Recommendations: For lunasvg version 3.0.0, consider disabling the plutovg surface...