Aggregator

CVE-2012-5039 | Cisco IOS up to 12.2 resource management

4 days 2 hours ago

A vulnerability classified as problematic was found in Cisco IOS up to 12.2. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to improper resource management. The identification of this vulnerability is CVE-2012-5039. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.

vuldb.com

CVE-2012-5044 | Cisco IOS up to 15.3 memory corruption (SBV-44282)

Vuldb Updates

4 days 2 hours ago

A vulnerability, which was classified as critical, has been found in Cisco IOS up to 15.3. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is referenced as CVE-2012-5044. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2012-5422 | Cisco As5400xm Universal Gateway denial of service (SBV-44403)

Vuldb Updates

4 days 2 hours ago

A vulnerability, which was classified as problematic, was found in Cisco As5400xm Universal Gateway. This affects an unknown part. The manipulation results in denial of service. This vulnerability is identified as CVE-2012-5422. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

vuldb.com

CVE-2012-5427 | Cisco IOS up to 15.3 input validation

Vuldb Updates

4 days 2 hours ago

A vulnerability has been found in Cisco IOS up to 15.3 and classified as problematic. This vulnerability affects unknown code. This manipulation causes improper input validation. This vulnerability is tracked as CVE-2012-5427. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

vuldb.com

UK water company allowed hackers to lurk undetected for nearly two years, regulator finds

The Record

4 days 3 hours ago

The Information Commissioner's Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group that led to the personal data of 633,887 customers and employees being published in August 2022.

11th May – Threat Intelligence Report

Check Point Research

4 days 3 hours ago

For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, the US education technology company behind the Canvas learning platform, has confirmed a major data breach affecting its cloud-hosted environment. Exposed data reportedly includes student and staff records and private messages, while […]

The post 11th May – Threat Intelligence Report appeared first on Check Point Research.

urias

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

The Hackers News

4 days 3 hours ago

Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically reads like a guy tripped over root access by accident and decided to stay

The Hacker News

Trending Hugging Face Repository With 200k Downloads Executes Malware on Windows Machines

Cyber Security News

4 days 3 hours ago

A popular artificial intelligence repository on Hugging Face was recently found hiding dangerous malware that targeted Windows users. The repository, named “Open-OSS/privacy-filter,” had racked up over 200,000 downloads before the platform’s team stepped in and removed it. The malicious package disguised itself as a legitimate privacy filtering tool. It copied its model card nearly verbatim […]

Tushar Subhra Dutta

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

Hack Read

4 days 3 hours ago

The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.

Deeba Ahmed

《Forza Horizon 6》游戏文件提前 10 天泄露

Solidot

4 days 3 hours ago

微软旗下工作室 Playground Games 提前 10 天向 Steam 上传了《Forza Horizon 6》的未加密游戏文件。多个盗版网站已经放出了《Forza Horizon 6》的下载。《Forza Horizon 6》是以日本为背景的赛车游戏，预计于 5 月 19 日正式发售，游戏容量约 155 GB。这不是第一次 3A 游戏作品以这种方式泄露，今年 3 月小岛工作室游戏《Death Stranding 2》的 PC 版本也是在发售前几天以未加密的方式将游戏文件上传到 Steam。

Webinar this week: Prevention alone is not enough against modern attacks

Bleeping Computer.

4 days 3 hours ago

This upcoming webinar explores how organizations need to combine security, backups, and recovery planning to reduce the impact of modern cyberattacks. [...]

BleepingComputer

ACTF 2026落幕，dda_com战队夺冠！

XCTF联赛

4 days 3 hours ago

ACTF落幕，恭喜dda_com战队！

Dirty Frag: Linux kernel hit by second major security flaw in two weeks

The Record

4 days 3 hours ago

The issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected computer to seize full administrative control.

Akira

Dark Feed IO

4 days 3 hours ago

You must login to view this content

cohenido

CVE-2014-2890 | Siege phpMyID 0.9 MyID.php wrap_html openidmode cross site scripting (BID-66665)

Vuldb Updates

4 days 3 hours ago

A vulnerability marked as problematic has been reported in Siege phpMyID 0.9. Impacted is the function wrap_html of the file MyID.php. The manipulation of the argument openidmode leads to cross site scripting. This vulnerability is uniquely identified as CVE-2014-2890. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2014-2892 | libmms 0.6/0.6.1/0.6.2/0.6.3 mmsh.c get_answer memory corruption (03bcfccc / Nessus ID 73744)

Vuldb Updates

4 days 3 hours ago

A vulnerability described as critical has been identified in libmms 0.6/0.6.1/0.6.2/0.6.3. The affected element is the function get_answer of the file mmsh.c. The manipulation results in memory corruption. This vulnerability was named CVE-2014-2892. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

vuldb.com

CVE-2014-2899 | yaSSL CyaSSL up to 2.9.0 input validation (Nessus ID 96228 / BID-66780)

Vuldb Updates

4 days 3 hours ago

A vulnerability classified as problematic has been found in yaSSL CyaSSL. The impacted element is an unknown function. This manipulation causes improper input validation. The identification of this vulnerability is CVE-2014-2899. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2014-2900 | yaSSL CyaSSL up to 2.9.0 Certificates cryptographic issue (Nessus ID 96228 / BID-66780)

Vuldb Updates

4 days 3 hours ago

A vulnerability classified as critical was found in yaSSL CyaSSL. This affects an unknown function of the component Certificates. Such manipulation leads to cryptographic issues. This vulnerability is referenced as CVE-2014-2900. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

vuldb.com

CVE-2012-0360 | Cisco IOS 15.1 IKEv2 resource management (SBV-44266)

Vuldb Updates

4 days 3 hours ago

A vulnerability, which was classified as problematic, has been found in Cisco IOS 15.1. This impacts an unknown function of the component IKEv2 Handler. Performing a manipulation results in improper resource management. This vulnerability is identified as CVE-2012-0360. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2012-1317 | Cisco IOS 15.1 Multicast memory corruption (SBV-44286)

Vuldb Updates

4 days 3 hours ago

A vulnerability, which was classified as problematic, was found in Cisco IOS 15.1. Affected is an unknown function of the component Multicast Handler. Executing a manipulation can lead to memory corruption. This vulnerability is tracked as CVE-2012-1317. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

vuldb.com

Aggregator

Managed ad