Lucene search
K

39 matches found

Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.5 views

A Bayesian Network Approach for Enhancing Security-Focused Decision Support Systems

The adoption and integration of heterogeneous stacks in most of today's open-source based networks brings clear benefits like interoperability and availability of advanced features. Yet, on the other hand the increasing number of interconnecting components and moving parts requires maintaining an...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.7 views

QRS: A Rule-Synthesizing Neuro-Symbolic Triad for Autonomous Vulnerability Discovery

Static Application Security Testing SAST tools are integral to modern DevSecOps pipelines, yet tools like CodeQL, Semgrep, and SonarQube remain fundamentally constrained: they require expert-crafted queries, generate excessive false positives, and detect only predefined vulnerability patterns...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : java-21-openjdk-21.0.9.0.10-1.el9.ML.1 (AXSA:2025-11028:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11028:16 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 JDK: Enhance String Handling CVE-2025-61748 Tenable has...

7.5CVSS6.6AI score0.00633EPSS
Exploits0References4
Krebs on Security
Krebs on Security
added 2025/11/13 2:47 p.m.8 views

Google Sues to Disrupt Chinese SMS Phishing Triad

Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lures, and convert phished payment card data into mobile wallets from Apple and...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/24 6:35 p.m.3 views

Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation

The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42. "Although these domains are...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.32 views

EUVD-2024-17507

Malicious code in bioql PyPI...

6.1CVSS7AI score0.00374EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-3752

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a rac...

7.9CVSS6.6AI score0.01751EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:22 a.m.18 views

CVE-2024-1782

The Blue Triad EZAnalytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'btwebid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS6.4AI score0.00374EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2025/04/03 11:5 a.m.12 views

Web 3.0 Requires Data Integrity

If you've ever taken a computer security class, you've probably learned about the three legs of computer security--confidentiality, integrity, and availability--known as the CIA triad. When we talk about a system being secure, that's what we're referring to. All are important, but to different...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 12:34 p.m.12 views

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach n...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.6 views

The vulnerability of the File Name Handler component in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the File Name Handler component in the Vim text editor exists due to a mistake in the use of pointers after memory release in the dialogchanged function. Exploiting this vulnerability can allow an attacker to trigger a pointer use-after-free error, resulting in a malfunction ...

4.2CVSS6.7AI score0.00289EPSS
Exploits0References10Affected Software11
Wired Threat Level
Wired Threat Level
added 2024/08/08 2:50 p.m.7 views

USPS Text Scammers Duped His Wife, So He Hacked Their Operation

The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/07/25 2:52 p.m.5 views

Chinese SMS Phishing Group Hits iPhone Users in India Post Scam

The notorious Chinese Smishing Triad gang, known for its SMS phishing attacks against Pakistan, the US, and European…...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.5 views

The vulnerability of the `get_scaler_data_for_plane()` function in the `drivers/gpu/drm/amd/display/dc/dml2/dml2_translation_helper.c` file, a video driver for AMD cores in the Linux operating system, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getscalerdataforplane function in the drivers/gpu/drm/amd/display/dc/dml2/dml2translationhelper.c file, a video driver for AMD cores in the Linux operating system, is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to...

7.8CVSS5.9AI score0.0025EPSS
Exploits0References9Affected Software2
The Hacker News
The Hacker News
added 2024/04/22 11:30 a.m.31 views

Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation

Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutel...

7.3AI score
Exploits0
OSV
OSV
added 2024/03/05 2:15 a.m.7 views

CVE-2024-1782

The Blue Triad EZAnalytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'btwebid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS6AI score0.00374EPSS
Exploits0References2
CVE
CVE
added 2024/03/05 1:55 a.m.50 views

CVE-2024-1782

CVE-2024-1782 concerns the Blue Triad EZAnalytics WordPress plugin. Affected versions are all up to and including 1.0, with a Reflected Cross-Site Scripting vulnerability via the bt_webid parameter caused by insufficient input sanitization and output escaping. This enables unauthenticated attacke...

6.1CVSS6.4AI score0.00374EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.12 views

WordPress Plugin Blue Triad EZAnalytics Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.1CVSS6.2AI score0.00374EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/03/04 12:0 a.m.19 views

Blue Triad EZAnalytics <= 1.0 - Reflected Cross-Site Scripting via 'bt_webid'

Description The Blue Triad EZAnalytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'btwebid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.3AI score0.00374EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/04 12:0 a.m.7 views

PT-2024-18302 · Blue Triad · Ezanalytics

Name of the Vulnerable Software and Affected Versions: Blue Triad EZAnalytics plugin for WordPress versions up to, and including, 1.0 Description: The issue allows unauthenticated attackers to inject arbitrary web scripts in pages due to insufficient input sanitization and output escaping via the...

6.1CVSS7.5AI score0.00374EPSS
Exploits0References5
Rows per page
Query Builder