Lucene search
K

175 matches found

Talos Blog
Talos Blog
added 2022/03/02 6:1 a.m.12 views

Crowd-sourced attacks present new risk of crisis escalation

By Matt Olney.An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as... This ...

3.4AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/02/24 6:50 p.m.6 views

CVE-2020-10632 ICSA-20-140-02 Emerson OpenEnterprise

Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner...

8.8CVSS8.7AI score0.00466EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.13 views

The vulnerability of the zlib compression library in the “Avora” operating system allows a hacker to cause a service failure or have an unpredictable impact.

The vulnerability of the zlib compression library in the “Avora” operating system is related to integer overflows. Exploiting this vulnerability can allow attackers to cause service failures or have unpredictable effects using specially crafted .apk or .dex files...

7.3CVSS5.5AI score
Exploits0Affected Software2
OSV
OSV
added 2021/10/06 2:15 p.m.27 views

CVE-2021-28702

PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...

7.6CVSS2.1AI score
Exploits0References7
NVD
NVD
added 2021/10/06 2:15 p.m.19 views

CVE-2021-28702

PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...

7.6CVSS0.00427EPSS
Exploits0References7
Huntr
Huntr
added 2021/06/20 4:26 p.m.10 views

in phpservermon/phpservermon

✍️ Description Insecure randomness errors occur when a function that can produce predictable values is used as a source of randomness in security-sensitive context. This code uses the rand function to generate "unique" identifiers for the receipt pages it generates. In this case the function that...

1.5AI score
Exploits0References2
HackRead
HackRead
added 2021/05/28 12:22 a.m.56 views

5 Top Cybersecurity Threats to Businesses

By Waqas Cybersecurity threats are unpredictable but taking a closer look at them and implementing proper security measures seems like a wise decision. This is a post from HackRead.com Read the original post: 5 Top Cybersecurity Threats to Businesses...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:0776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS3.9AI score0.00315EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.22 views

SUSE SLED15 / SLES15 Security Update : s390-tools (SUSE-SU-2021:0777-1)

This update for s390-tools fixes the following issues : Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. CVE-2021-25316: Do not use predictable temporary file names bsc1182777. Made the...

3.3CVSS4.8AI score0.00315EPSS
Exploits1References7
OSV
OSV
added 2021/03/12 4:41 p.m.11 views

SUSE-SU-2021:0777-1 Security update for s390-tools

This update for s390-tools fixes the following issues: - Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. - CVE-2021-25316: Do not use predictable temporary file names bsc1182777. - Mad...

3.3CVSS3.7AI score0.00315EPSS
Exploits1References6
Wired Threat Level
Wired Threat Level
added 2020/10/05 4:15 p.m.28 views

A Dangerous Year in America Enters Its Most Dangerous Month

Seven distinct factors between now and the election threaten to combine, compound, and reinforce each other in unpredictable ways...

3.3AI score
Exploits0
NVD
NVD
added 2020/06/23 6:15 p.m.16 views

CVE-2020-4188

IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807...

5.3CVSS0.01067EPSS
Exploits0References2
NVD
NVD
added 2020/04/29 12:15 a.m.18 views

CVE-2019-15874

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...

9.8CVSS9.4AI score0.01321EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/04/28 11:41 p.m.25 views

CVE-2019-15874

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results...

9.4AI score0.01321EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/04/21 12:0 a.m.66 views

FreeBSD -- ipfw invalid mbuf handling

Problem Description: Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact: Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results...

9.8CVSS2.2AI score0.01321EPSS
Exploits0
Kitploit
Kitploit
added 2019/11/20 12:0 p.m.75 views

Ddoor - Cross Platform Backdoor Using Dns Txt Records

Cross-platform backdoor using dns txt records. What is ddor? ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machines List of around 10 public DN...

7.5AI score
Exploits0References1
OSV
OSV
added 2019/11/04 8:15 p.m.6 views

CVE-2019-17210

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString is called by the function MQTTDeserializepublish to get the length and content of the MQTT topic name. In the function readMQTTLenString, mqttstring-lenstring.len is a part of us...

7.5CVSS7.1AI score0.01011EPSS
Exploits0References1
Prion
Prion
added 2019/11/04 8:15 p.m.20 views

Design/Logic Flaw

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString is called by the function MQTTDeserializepublish to get the length and content of the MQTT topic name. In the function readMQTTLenString, mqttstring-lenstring.len is a part of us...

5CVSS7.4AI score0.01011EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/07/25 5:15 p.m.23 views

CVE-2019-2240

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

5.5CVSS5.8AI score0.00179EPSS
Exploits0References1
CVE
CVE
added 2019/07/25 4:33 p.m.55 views

CVE-2019-2240

CVE-2019-2240 affects Qualcomm Snapdragon platforms (Auto/Compute/Connectivity, Snapdragon family across IPQ4xxx through SDX lines, QCA wireless ICs, etc.). Description: error handling during rendering of surface content to the screen is not properly checked, causing unpredictable behavior. Root ...

5.5CVSS5.7AI score0.00179EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder