Lucene search
+L

72 matches found

HackRead
HackRead
added 2025/05/16 4:32 p.m.28 views

Ivanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities

Ivanti EPMM users urgently need to patch against actively exploited 0day vulnerabilities CVE-2025-4427, CVE-2025-4428 that enable pre-authenticated remote…...

7.2CVSS7.2AI score0.99899EPSS
Exploits10
Krebs on Security
Krebs on Security
added 2025/05/14 11:57 a.m.43 views

Patch Tuesday, May 2025 Edition

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for two other weaknesse...

7.8CVSS8AI score0.21228EPSS
Exploits11
Trellix
Trellix
added 2025/05/08 12:0 a.m.11 views

The Growing Threat of Vishing: How Cybercriminals Are Using Multimedia to Target You

The Growing Threat of Vishing: How Cybercriminals Are Using Multimedia to Target You By Mark Joseph Marti and Sandra Pagkaliwagan · May 8, 2025 Introduction Imagine being hacked through a phone call, and you can't even complain because you were the one who provided your sensitive information or...

5.4AI score
Exploits0
CISA
CISA
added 2025/05/06 12:0 p.m.6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-27363link is external FreeType Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

8.1CVSS7.3AI score0.26049EPSS
In wildExploits1References6
Tenable Nessus
Tenable Nessus
added 2025/05/03 12:0 a.m.12 views

Fedora 41 : valkey (2025-d191ee2f9a)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d191ee2f9a advisory. Valkey 8.0.3 - Released Wed 23 Apr 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible. Bug fixes...

7.5CVSS7.7AI score0.00843EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/03 12:0 a.m.15 views

Fedora 40 : valkey (2025-59ebc165fc)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-59ebc165fc advisory. Valkey 8.0.3 - Released Wed 23 Apr 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible. Bug fixes...

7.5CVSS7.7AI score0.00843EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/15 8:30 p.m.11 views

CVE-2025-21574

...

6.5CVSS6.7AI score0.00975EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/04/14 5:56 p.m.7 views

WordPress Testimonial Slider and Showcase Pro plugin <= 2.1.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Testimonial Slider And Showcase Pro versions = 2.1.7...

7.5CVSS8.4AI score0.00573EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/14 12:0 a.m.9 views

WordPress Grip Theme <= 1.0.9 is vulnerable to Local File Inclusion

Software Grip Type Theme Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26735 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID b5e4d6f7b083 Credits tahu.datar Required privilege Unauthenticated Publishe...

7.5CVSS6.8AI score0.00467EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/04/10 2:1 p.m.9 views

WordPress Solace Extra plugin <= 1.3.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by theviper17 in WordPress Plugin Solace Extra versions = 1.3.1...

9.9CVSS8.4AI score0.00379EPSS
Exploits0Affected Software1
Malwarebytes
Malwarebytes
added 2025/03/31 8:30 a.m.20 views

Why we’re no longer doing April Fools’ Day

The internet is filled with falsehoods. We’re forever investigating new scams here at Malwarebytes, and so we get how hard it is to know what—or who—to trust online. There’s the scam that takes advantage of grieving people and tricks them into paying for a funeral live stream. There’s the fake...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.17 views

openSUSE Security Advisory (SUSE-SU-2024:3453-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.01127EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.4 views

openSUSE Security Advisory (openSUSE-SU-2024:0242-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS9.6AI score0.00781EPSS
Exploits10References2
Rockylinux
Rockylinux
added 2025/02/13 8:34 p.m.12 views

gnome-shell-extensions bug fix update

An update is available for gnome-shell-extensions. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNOME Shell extensions allow for modifying the default GNOME...

7.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.4 views

PT-2025-6222 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A vulnerability has been reported, but details are scarce. There is a mention of not waiting for vulnerability scanning results, implying...

7AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2025/02/06 5:28 p.m.16 views

New scams could abuse brief USPS suspension of inbound packages from China, Hong Kong

I would be the last one to provide scammers with good ideas, but as a security provider, sometimes we need to think like criminals to stay ahead in the race. Recently, the US Postal Service USPS announced that it would suspend inbound packages from China and Hong Kong until further notice. That...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2025/01/29 12:0 a.m.9 views

openSUSE: Security Advisory for podman (SUSE-SU-2025:0267-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.4AI score0.01345EPSS
Exploits0References2
OSV
OSV
added 2025/01/24 9:49 a.m.4 views

MAL-2025-579 Malicious code in lexical-esm-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 808bb38341306bbd08d655abd9928c5cf279412658db15774579d78f195f5a39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/12/04 4:52 a.m.5 views

MAL-2024-11197 Malicious code in stacks-blockchain-dist-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b57ff71a1fa8a796d254711f77c61001b106406614239e93a1b59405fc6c1a3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Wiz blog
Wiz blog
added 2024/03/29 10:2 p.m.119 views

Backdoor in XZ Utils allows RCE: everything you need to know

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgently...

10CVSS7AI score0.85974EPSS
Exploits40
Rows per page
Query Builder