
55 matches found

GithubExploit
added 2026/05/26 1:35 p.m. · 64 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4shell-poc-maven ⚠️ INTENTIONALLY VULNERABLE FOR SCA T...

CVSS 10 · AI score 7 · EPSS 0.99999
Exploits: 343
Packet Storm News
added 2026/03/15 12:00 a.m. · 4 views

When Scanners Lie: Evaluator Instability in LLM Red-Teaming

Automated LLM vulnerability scanners are increasingly used to assess security risks by measuring attack success rates (ASR) across different attack types. Yet the validity of these measurements hinges on an often-overlooked component: the evaluator that determines whether an attack has succeeded. In this study, we...

AI score 5.8
Exploits: 0
GithubExploit
added 2026/01/29 5:06 a.m. · 432 views

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

AI score 6
Exploits: 0
hivepro
added 2026/01/27 6:03 a.m. · 4 views

Threat Exposure Management vs. Legacy Scanners: A Clear Winner

Attackers don’t think in terms of CVSS scores. They think in terms of attack paths. They look for the weakest link—a misconfiguration here, an unpatched server there—that they can chain together to reach your most valuable assets. Traditional vulnerability scanners are completely blind to this...

AI score 5.9
Exploits: 0
hivepro
added 2026/01/16 2:58 p.m. · 4 views

What is Breach and Attack Simulation (BAS)? A Guide

If you’re on a vulnerability management team, you’re likely drowning in a sea of CVEs. Your scanners produce massive lists of potential weaknesses, but with limited time and resources, which ones do you fix first? A high CVSS score doesn't always translate to real-world risk. You need context to...

AI score 6.7
Exploits: 0
Packet Storm News
added 2025/12/19 12:00 a.m. · 11 views

A Practical Solution to Systematically Monitor Inconsistencies in SBOM-Based Vulnerability Scanners

A Software Bill of Materials (SBOM) provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning (SVS) to identify vulnerabilities, we increasingly observe inconsistencies and unexpected behavior that resul...

AI score 6.6
Exploits: 0
hivepro
added 2025/10/30 3:51 p.m. · 3 views

5 Best Threat Exposure Management Tools for 2025

A long list of vulnerabilities without context isn't a security strategy—it's just noise. Legacy vulnerability scanners are great at finding potential flaws, but they often fail to answer the most important question: "What should we fix right now?" This is why Threat Exposure Management (TEM)...

AI score 6.9
Exploits: 0
Rapid7 Blog
added 2025/05/07 1:00 p.m. · 4 views

Exploring an Untethered, Unified Approach to CTEM

We live in a world where traditional Vulnerability Management (VM) has become infosec’s version of ‘whack-a-mole’— an attempt to tackle risks that constantly shift, multiply, and morph. As organizations push workloads to the cloud, offer customers digital experiences, or as they build AI-enabled...

AI score 7.4
Exploits: 0
CheckPoint Security
added 2025/04/27 12:00 a.m. · 14 views

Check Point response to CVE-2025-32728 - The SSH directive "DisableForwarding" fails to disable "X11 Forwarding" and "Agent Forwarding"

Symptoms - A flaw was found in OpenSSH: in affected versions of SSHD, the directive "DisableForwarding" does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and Agent forwarding, which may allow unintended access under certain configurations...

CVSS 4.3 · AI score 6.7 · EPSS 0.00149
Exploits: 0
OSV
added 2025/03/13 2:46 p.m. · 6 views

GO-2025-3512 kubevirt-csi: PersistentVolume allows access to HCP's root node in github.com/kubevirt/csi-driver

kubevirt-csi: PersistentVolume allows access to HCP's root node in github.com/kubevirt/csi-driver. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVSS 6.5 · AI score 6.6 · EPSS 0.00631
Exploits: 0 · References: 8
OSV
added 2025/01/15 3:20 p.m. · 8 views

GO-2025-3391 Rancher UI has Stored Cross-site Scripting vulnerability in github.com/rancher/rancher

Rancher UI has Stored Cross-site Scripting vulnerability in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

CVSS 8.9 · AI score 8.3 · EPSS 0.00476
Exploits: 0 · References: 1
Atlassian
added 2024/12/20 8:46 a.m. · 68 views

Upgrade Struts to avoid false-positive scanner warnings about CVE-2024-53677

Issue Summary: The recent CVE-2024-53677 in Struts triggers vulnerability scanner warnings. Bamboo is not affected: supported versions of Bamboo (9.2+, 9.6+, 10.2+) are not affected because FileUploadInterceptor doesn't handle uploaded files. Steps to Reproduce: See WEB-INF/lib...

CVSS 9.8 · AI score 6.6 · EPSS 0.78198
Exploits: 15
OSV
added 2024/10/28 3:20 p.m. · 12 views

GO-2024-3212 AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers in sigs.k8s.io/aws-load-balancer-controller

AWS Load Balancer Controller automatically detaches externally associated web ACL from Application Load Balancers in sigs.k8s.io/aws-load-balancer-controller. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module...

AI score 7
Exploits: 0 · References: 4
OSV
added 2024/08/06 10:03 p.m. · 16 views

GO-2024-3007 snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd

snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

CVSS 8.2 · AI score 6.7 · EPSS 0.00306
Exploits: 1 · References: 5
Qualys Blog
added 2024/01/12 10:44 p.m. · 60 views

Detect and Manage the Risk of Apache Struts (CVE-2023-50164) Comprehensively

Introduction: In the vast landscape of cybersecurity, staying vigilant against potential threats is crucial. A critical vulnerability that surfaced recently is CVE-2023-50164, affecting Apache Struts 2, a widely used open-source framework for Java development. This path traversal vulnerability,...

CVSS 7.5 · AI score 10 · EPSS 0.80819
Exploits: 15
Malwarebytes
added 2023/12/12 10:09 p.m. · 14 views

How to choose a free vulnerability scanner: Insights from an industry veteran

The cybersecurity market is awash with expensive, high-end solutions for detecting vulnerabilities in third-party applications. However, for smaller security teams, free vulnerability scanners offer a practical alternative. But of course, free doesn’t always mean better—it’s crucial to thoroughly...

AI score 7.5
Exploits: 0
Qualys Blog
added 2023/10/17 6:46 a.m. · 22 views

Discover and Assess the Risk of Embedded Open-Source Software (OSS) Vulnerabilities

Runtime Software Composition Analysis with the Qualys Cloud Agent: In a blog post published last week, we discussed the importance of managing risk across software developed in-house. A great deal of that risk is introduced by vulnerabilities in open-source packages like Log4Shell, OpenSSL, etc...

AI score 7.4
Exploits: 0
Citrix
added 2023/04/12 12:00 a.m. · 25 views

Citrix License Server susceptibility to certain Apache CVEs

Citrix License Server may be flagged by vulnerability scanners as potentially impacted by CVE-2006-20001, CVE-2022-36760, and/or CVE-2022-37436. This is because Citrix License Server uses Apache version 2.4.54 in License Server version 11.17.2 build 42000 and older versions of Apache in older build...

CVSS 9.8 · AI score 6.9 · EPSS 0.8377
Exploits: 5
F5 Networks
added 2023/02/21 7:53 p.m. · 86 views

K84695749: Samba vulnerability CVE-2021-44142

Security Advisory Description: The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow...

CVSS 9 · AI score 8.7 · EPSS 0.74042
Exploits: 1
Imperva Blog
added 2022/12/09 12:38 p.m. · 40 views

Log4j: One Year Later

One year ago, the Log4j remote code execution vulnerability known as Log4Shell (CVE-2021-44228) was announced. The critical-severity vulnerability in a logging framework used across virtually all Java environments quickly set the internet on fire when it was released and exploited. It’s...

CVSS 10 · AI score 10 · EPSS 0.99999
Exploits: 472