inTheWild
inTheWild – отрытый каталог эксплуатируемых уязвимостей и эксплойтов. Мы считаем, что способность реагировать на эксплуатируемые уязвимости в течение нескольких часов…
2024-03-05: [CVE-2023-21237] Android Pixel Information Disclosure Vulnerability
Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means…
2024-03-06: [CVE-2024-23296] Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel…
2024-03-06: [CVE-2024-23225] Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary…
2024-03-05: [CVE-2021-36380] Sunhillo SureLine OS Command Injection Vulnerablity
Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device…
2024-03-25: [CVE-2021-44529] Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute…
2024-03-25: [CVE-2019-7256] Nice Linear eMerge E3-Series OS Command Injection Vulnerability
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution. CISA…
2024-03-07: [CVE-2024-27198] JetBrains TeamCity Authentication Bypass Vulnerability
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions. CISA Known Exploited Vulnerabilities Catalog…
2024-03-25: [CVE-2023-48788] Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically…
Киберпреступники используют Microsoft Graph API для скрытых атак в облаке
Киберпреступники все чаще прибегают к Ссылка скрыта от гостей Microsoft Graph API, который изначально был создан для упрощения доступа…
2024-03-26: [CVE-2023-24955] Microsoft SharePoint Server Code Injection Vulnerability
Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code…
2024-04-04: [CVE-2024-29748] Android Pixel Privilege Escalation Vulnerability
Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device…
2024-04-04: [CVE-2024-29745] Android Pixel Information Disclosure Vulnerability
Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.…
2024-04-11: [CVE-2024-3273] D-Link Multiple NAS Devices Command Injection Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote,…
2024-04-12: [CVE-2024-3400] Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with…
2024-04-11: [CVE-2024-3272] D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading…
2024-04-23: [CVE-2022-38028] Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute…
HomoAdminus: Cистема интернет-перехвата
HomoAdminus: Cистема интернет-перехвата E-Detective - это система интернет-перехвата, мониторинга и судебной экспертизы в режиме реального времени, которая фиксирует, расшифровывает и…
Как найти на сервере сервисы, которые показывает nmap?
Как найти на сервере сервисы, которые показывает nmap? Привет. Я не настоящий сварщик, а так пет проект. Вобщем взял на…
имеет ли смысл шифровать диск облачного виртуального сервера?
имеет ли смысл шифровать диск облачного виртуального сервера? или мне таблетки пить, а хостер-извращуга все равно мои интимные конфиги понюхает?…