#cve search results
Observed threat actor abusing a vulnerable driver (wsftprm.sys, Topaz OFD – Brazilian antifraud vendor, #CVE-2023-52271) for defense evasion. Attack chain: cartel.exe → vulnerable driver → Lazarus.exe (final payload, extension ".cry"). First seen in Colombia. 1/3



Just got 3 CVEs assigned for 0-days I discovered in a major LMS (30 Million+ users): 1. CVE-2025-59541 : CSRF (High 🟠) 2. CVE-2025-59542 : Account Takeover (Critical🔴) 3. CVE-2025-59543 : Account Takeover (Critical🔴) Can’t disclose much, public release is pending. #CVE



Analysis of Windows CLFS #EoP vuln (#CVE-2025-29824) in-the-wild exploitation sample and root cause Report: ti.qianxin.com/blog/articles/… ITW sample: virustotal.com/gui/file/808cb…



#CVE-2025-61882 PoC leak is real. The exploit requires outbound connections to a malicious server. 🤔🤔🤔 nuclei detect for ssrf: gist.github.com/tuo4n8/0e16056…

🚨 CVE-2020-4427 - critical 🚨 IBM Data Risk Manager - Authentication Bypass via SAML > IBM Data Risk Manager versions 2.0.1 through 2.0.6 are vulnerable to authentication b... 👾 cloud.projectdiscovery.io/library/CVE-20… @pdnuclei #NucleiTemplates #cve
🎉 We are excited to welcome Azure Access Technology as a #CVE Partner to help disseminate vulnerability information! For more info on efforts to protect #ICS or how your org can become a CVE Numbering Authority, visit 👉 cve.org/PartnerInforma…

🚨 CVE-2021-33766 - high 🚨 Microsoft Exchange - Authentication Bypass > Microsoft Exchange Server Information Disclosure Vulnerability. This vulnerability en... 👾 cloud.projectdiscovery.io/library/CVE-20… @pdnuclei #NucleiTemplates #cve
Your attack surface isn’t just servers and endpoints 🤖 A single #CVE can turn an everyday tool into an entry point. That’s why CVE literacy is key to building CTEM maturity, helping you spot patterns of risk, not just individual bugs. 📚 Read the full breakdown of the CUPS…



Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884) - helpnetsecurity.com/2025/10/12/ano… - @Oracle #vulnerability #CVE @OracleSecurity #CyberSecurityNews #CyberSecurity

Fluid Attacks' research team found a zero-day vulnerability in Ghost. As a #CNA, we assigned the ID CVE-2025-9862. Details here: 🔗 fluidattacks.com/pt/advisories/…. We have disclosed 201 #CVE to this date: 🔗fluidattacks.com/advisories/

Almaviva is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities in its proprietary software solutions: Joshua CybeRisk Vision, Jiano, Sofia, & Giotto cve.org/Media/News/ite… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity @CVEnew

🎉 We are excited to welcome Leonardo Spa as a #CVE Partner to help disseminate vulnerability information! For more info on efforts to protect #ICS or how your org can become a CVE Numbering Authority, visit 👉 cve.org/PartnerInforma…

YesWeHack is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities discovered by @YesWeHack community hunters on products with the permission of their owners cve.org/Media/News/ite… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity @CVEnew

Echo is now a CVE Numbering Authority (CNA) assigning CVE IDs for Echo products + vulnerabilities discovered by or reported to Echo not in another CNA’s scope cve.org/Media/News/ite… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity @CVEnew

Offensive SIEM 👊🏽 Flip your SIEM mindset from reactive detection to proactive hunting. Uncover local privilege escalations, hidden misconfigs, and even potential #CVE before attackers do 🔥🔥 🎥 youtu.be/5nfL_4ek4dY #BlueTeam #SIEM #CyberSecurity #ThreatHunting #DFIR
SEC-T 0x11: Erkan Ekici & Shanti Lindström - Offensive SIEM: When the...
Azure Access is now a CVE Numbering Authority (CNA) assigning CVE IDs for Azure Access branded products and technologies only cve.org/Media/News/ite… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity @CVEnew

Uniview is now a CVE Numbering Authority (CNA) assigning CVE IDs for Uniview products only cve.org/Media/News/ite… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity @CVEnew

Top 5 Trending CVEs: 1 - CVE-2012-0157 2 - CVE-2025-33073 3 - CVE-2025-3600 4 - CVE-2023-50428 5 - CVE-2025-25257 #cve #cvetrends #cveshield #cybersecurity cveshield.com/dashboard
CVE-2025-3719 (CVSS:7.2, HIGH) is Analyzed. An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being p..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-3718 (CVSS:5.8, HIGH) is Analyzed. A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing valid..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11396 (CVSS:6.9, HIGH) is Analyzed. A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the ..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11389 (CVSS:7.4, HIGH) is Undergoing Analysis. A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveA..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-0603 (CVSS:9.8, CRITICAL) is Awaiting Analysis. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthc..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11388 (CVSS:7.4, HIGH) is Analyzed. A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpg..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11387 (CVSS:7.4, HIGH) is Analyzed. A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_sett..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11386 (CVSS:7.4, HIGH) is Analyzed. A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/Set..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11385 (CVSS:7.4, HIGH) is Analyzed. A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file ..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11356 (CVSS:7.4, HIGH) is Analyzed. A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /go..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11355 (CVSS:7.4, HIGH) is Awaiting Analysis. A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcp..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-10162 (CVSS:7.5, HIGH) is Awaiting Analysis. The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11362 (CVSS:8.7, HIGH) is Awaiting Analysis. Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttl..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11350 (CVSS:6.9, HIGH) is Analyzed. A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11349 (CVSS:6.9, HIGH) is Analyzed. A vulnerability was identified in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown funct..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11348 (CVSS:6.9, HIGH) is Analyzed. A vulnerability was determined in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unkn..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
CVE-2025-11347 (CVSS:6.9, HIGH) is Undergoing Analysis. A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function mov..nvd.nist.gov/vuln/detail/CV… #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
Looks like the patch for #CVE-2025-33073 might not fully resolve the issue... curious to see where this leads

🚨Detect Actor Token Abuse (#CVE-2025-55241) After verifying the details with @_dirkjan, I created a query to detect Actor Token abuse, regardless of the activity involved. The idea is simple: If these activities are S2S, they should originate from Microsoft service IPs. 🧐…

Excited 🎉 to share that I have been credited with my 4th CVE from Apple: CVE-2025-43356. This issue was addressed in Apple’s new security releases of iOS 26, iPadOS 26, and Safari 26. #Apple #CVE #BugBounty #iOS #ApplicationSecurity #iOS26



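[Intel] SAP NetWeaver has an RCE vulnerability 🚨🚨🚨 Under a specific path of SAP NetWeaver Visual Compose, the vulnerability can be exploited without authorization to upload malicious files, leading to server compromise. The vulnerability ID is CVE-2025-31324 🥲 In terms of asset distribution, usage is fairly high in both China and the United States. The vulnerability details are now public, and there is widespread in-the-wild exploitation 🧐 #CVE #redteam #CyberSec #hacker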


My research on CVE-2025-49113 is out. fearsoff.org/research/round…. Happy reading! #CVE #roundcube #poc @FearsOff

The exploit for CVE-2025-49113 is already available for sale on the dark web. I feel sorry for anyone who hasn’t upgraded to the newest version yet. Doomsday is coming, believe me. #roundcube #CVE @FearsOff

📊 #VulnReport Security Summary - April 16, 2025. Today's vulnerability report shows over 200 new #CVE's across various platforms 🧵👇 ⚠️ Oracle Critical Patch Update released today with 50+ security fixes. Most critical: CVE-2025-30727 (CRITICAL 9.8) in Oracle Scripting.…

Don't whisper your secrets just yet 🤫 What happens when a doc silently instructs Copilot and hides prompts with zero clicks? We break down the attack flow, real-world demo, and practical mitigations of a Copilot #CVE on our #blog. Read more: okt.to/c7zLPG #HackTheBox…

Understand the SharePoint RCE: Exploitations, Detections, and Mitigations: akamai.com/blog/security-… #sharepoint #cve #rce #cybersecurity #informationsecurity #microsoft #exploitation #vulnerability

I’m excited to announce that I've been credited with my third CVE from @Apple CVE-2025-43228 Funny thing is, I reported this vulnerability back in August 2024 It has been addressed in the new iOS 18.6 and Safari 18.6 security update support.apple.com/en-us/124147 #CVE #BugBounty


6/21 SJ @darksheikftf @JordanCruzPro @KoTalphazo @DaveDutra @SandraMoonepie @kiddbanditpro @BrookeHavok @chrisnastyy_ @GinSevani @fatu_journey @JuicyFinau @link2futureftf @niczanderyb @boynamedrichie #cve #ddrefresh +more! Tickets⬇️ eventbrite.com/e/125868065070…

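#CVE-2025-53833 A pretty straightforward vulnerability; it can be reproduced quickly using the official demo directly, steps in figure 1. I put together a vulnerability analysis report together with Grok, see figure 2. As an aside, I didn't understand 360's reproduction. github.com/saleem-hadad/l…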



🟥 CVE-2025-7775, CVSS: 9.2 (#Critical) NetScaler ADC and NetScaler Gateway, and NDcPP, Citrix. A memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service. #CyberSecurity #CVE #Vulnerability #Citrix #RemoteCodeExecution #DenialOfService…
