Lucene search
K

44 matches found

Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.10 views

PINSIGHT: A Comprehensive Threat Exploration of Domain-Adaptive Wi-Fi Based PIN Code Inference

Wi-Fi signals can be exploited by adversaries as a sensing side channel to eavesdrop on physical information. By monitoring propagation effects of radio waves within the victim's environment, attackers can remotely infer sensitive information. One particularly concerning example is PIN code...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/31 11:50 a.m.4 views

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments. This is the defining...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53691

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00668EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/15 8:30 p.m.11 views

CVE-2025-21585

...

4.9CVSS0.00716EPSS
Exploits0References1
Circl
Circl
added 2025/03/25 7:24 p.m.14 views

CVE-2025-30567

creationtimestamp| type| source ---|---|--- 2025-03-25 19:24:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8738 2025-03-25 21:05:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lla6dgu4zc24 2025-03-25 22:00:04+00:00| seen|...

7.5CVSS5.8AI score0.02628EPSS
In wildExploits0References19
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.27 views

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: k3s, temporal-fips, datadog-agent-fips, kube-logging-operator, hello-world-golang, gomplate, dive, kubernetes-event-exporter, kubebuilder, temporal-ui-server, keda-fips, govulncheck, haproxy-ingress, kube-state-metrics-fips, kustomize, cass-operator-fips-no-pvc-delet...

5.9AI score
Exploits0
Circl
Circl
added 2025/01/14 2:17 p.m.10 views

CVE-2024-48890

creationtimestamp| type| source ---|---|--- 2025-01-14 14:17:52+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgwyuidj2r 2025-01-14 15:39:39+00:00| seen| https://t.me/cvedetector/15255 2025-01-14 16:28:27+00:00| seen|...

8.8CVSS5.3AI score0.01098EPSS
Exploits0References4
Chainguard
Chainguard
added 2024/06/05 4:15 p.m.33 views

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: k3s, kube-logging-operator, hello-world-golang, haproxy-ingress, kube-fluentd-operator, q, protoc-gen-go, nri-jmx, kubernetes-csi-driver-hostpath, paranoia, tigera-operator, nri-kafka, prometheus-postgres-exporter-fips, kafkaexporter, gobump, kubevela,...

9.8CVSS6.7AI score0.01952EPSS
Exploits0
Wallarm Lab
Wallarm Lab
added 2024/01/24 10:38 a.m.28 views

Security Testing: Types, Tools, and Best Practices

Opening Note: Understanding the Core Concepts of Security Analysis Continual developments in technology have elevated the significance of security analysis, a critical phase in software design. You can think of it as a vital diagram within the process of coding, engineered to identify and resolve...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/30 11:31 a.m.28 views

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

In today's fast-paced digital landscape, the widespread adoption of AI Artificial Intelligence tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making...

6.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/12/07 5:0 p.m.28 views

Mitigate threats with the new threat matrix for Kubernetes

Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by Microsoft in 2020, was the first attempt to systematically cover the attack landscape of Kubernetes...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/23 2:0 p.m.15 views

6 reasons MSPs need a patch management platform

Weve all heard the stories: Organizations getting breached like there's no tomorrow thanks to threat actors exploiting unpatched vulnerabilities. Likewise, weve also all heard the familiar refrain: Patch regularly! But for many businesses--including the Managed Service Providers MSPs that serve...

7.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2022/02/08 1:55 p.m.13 views

Introducing Qualys Context XDR: the Difference between Chaos & Clarity

In my role as a product leader, I have the pleasure of meeting security practitioners from organizations big and small, across multiple industry segments and geographies. No matter how large or small their budget or staff is, how much they’ve invested in their tech stack or how much experience th...

7AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/02/02 6:1 a.m.39 views

What is threat modeling ❓ Definition, Methods, Example

Threat modeling is a method for upgrading the security of an application, system, or business process by distinguishing objections and weaknesses, just as carrying out countermeasures to stay away from or alleviate the impacts of structure dangers. Threat modeling supports recognizing the securit...

7.4AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/05/11 11:20 a.m.147 views

What is Vulnerability Assessment and How to Prevent Them❓

A vulnerability assessment is an essential starting step to surveying your association’s receptiveness to security challenges, including physical and computerized security. It can likewise be portrayed as a lot of specific tests planned to recognize deficiencies in your network and its key...

7.3AI score
Exploits0
OSV
OSV
added 2021/03/10 9:7 p.m.21 views

GHSA-XHFX-HGMF-V6VP October CMS vulnerable to Potential Host Header Poisoning on misconfigured servers

Impact When running on servers that are configured to accept a wildcard as a hostname i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header Poisoning attacks to succeed. See the following resources for more information on...

7.5CVSS6.9AI score0.01514EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2021/02/10 2:32 a.m.85 views

October CMS Session ID not invalidated after logout

Impact When logging out, the session ID was not invalidated. This is not a problem while the user is logged out, but as soon as the user logs back in the old session ID would be valid again; which means that anyone that gained access to the old session cookie would be able to act as the logged in...

9.8CVSS8.9AI score0.02903EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2021/02/10 2:32 a.m.107 views

GHSA-7GGW-H8PP-R95R October CMS Session ID not invalidated after logout

Impact When logging out, the session ID was not invalidated. This is not a problem while the user is logged out, but as soon as the user logs back in the old session ID would be valid again; which means that anyone that gained access to the old session cookie would be able to act as the logged in...

9.8CVSS9.5AI score0.02903EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2020/11/23 8:54 p.m.103 views

Bypass of fix for CVE-2020-15247, Twig sandbox escape

Impact A bypass of CVE-2020-15247 fixed in 1.0.469 and 1.1.0 was discovered that has the same impact as CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide PHP code to be execut...

6.7CVSS1AI score0.00289EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2020/11/23 7:47 p.m.35 views

GHSA-RFJC-XRMF-5VVW Privilege escalation by backend users assigned to the default "Publisher" system role

Impact Backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has the ability to escalate their access to "Developer" access. Patches Issue has been patched in...

4CVSS4.2AI score0.00309EPSS
Exploits0References5
Rows per page
Query Builder