NAME__________Tenda i9 buffer overflowPlatforms Affected:Tenda i9 1.0.0.9(4122)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i9 is vulnerable to a stack-based buffer overflow,...
NAME__________SHARP Energy Management Controller with Cloud Service security bypassPlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SHARP...
NAME__________NODERP security bypassPlatforms Affected:Shanxi Diankeyun Technology NODERP 6.0.2 Shanxi Diankeyun Technology NODERP 6.0.1Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________NODERP could allow a remote...
NAME__________Tenda W6 buffer overflowPlatforms Affected:Tenda W6 1.0.0.9(4122)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda W6 is vulnerable to a stack-based buffer overflow,...
NAME__________Emerson Rosemount GC370XA, GC700XA, GC1500XA information disclosurePlatforms Affected:Emerson Rosemount GC370XA Emerson Rosemount GC700XA Emerson Rosemount GC1500XARisk Level:6.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Emerson Rosemount...
NAME__________Microsoft Edge (Chromium-based) privilege escalationPlatforms Affected:Microsoft Edge (Chromium-based) 120.0.2210.160 Microsoft Edge (Chromium-based) 121.0.2277.83Risk Level:6.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Microsoft Edge (Chromium-based) could allow...
NAME__________XenSource Xen HVM builds security bypassPlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________XenSource Xen could allow a local attacker to bypass security restrictions,...
NAME__________SHARP Energy Management Controller with Cloud Service server-side request forgeryPlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access...
NAME__________SHARP Energy Management Controller with Cloud Service cross-site scriptingPlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:5.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SHARP...
NAME__________Mitsubishi Electric FA Engineering Software Products security bypassPlatforms Affected:Mitsubishi Electric FR Configurator2 Mitsubishi Electric MT Works2 Mitsubishi Electric GX Works3...
NAME__________Splunk Add-on Builder information disclosurePlatforms Affected:Splunk Add-on Builder 4.1.3Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Splunk Add-on Builder could allow a remote authenticated attacker...
NAME__________SHARP Energy Management Controller with Cloud Service cross-site request forgeryPlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:6.1Exploitability:UnprovenConsequences:Bypass Security...
NAME__________SHARP Energy Management Controller with Cloud Service directory traversalPlatforms Affected:SHARP Energy Management Controller with Cloud Services B0.1.9.1Risk Level:7.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________SHARP...
NAME__________XenSource Xen phantom functions information disclosurePlatforms Affected:XenSource XenRisk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________XenSource Xen could allow a local attacker to obtain sensitive...
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw...
The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking...
New York Attorney General Letitia James sued Citibank over its alleged failure to defend customers against hacks and scams and...
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz...
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was...
The Akira ransomware group is targeting small to medium-sized businesses (SMBs) - 80% of its victims, since March 2023, have been SMBs....
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local...
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The company announced...
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims'...
