#ioc - Mastodon

104 posts19 participants17 posts today

Daily-CVE @CyberSignaler

CVE-2025-31330 - SAP SLT Unauthenticated Remote Code Execution Vulnerability April 08, 2025 at 08:15AM https://ift.tt/onJc6lR #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1hCVE-2025-31330 - SAP SLT Unauthenticated Remote Code Execution VulnerabilitySAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system …

Daily-CVE @CyberSignaler

CVE-2025-30016 - SAP Financial Consolidation Unauthenticated Admin Account Access Vulnerability April 08, 2025 at 08:15AM https://ift.tt/0yCocQ3 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1hCVE-2025-30016 - SAP Financial Consolidation Unauthenticated Admin Account Access VulnerabilitySAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises due to improper authentication mechanisms, due to which there is high impact on the Confidentiality, Integrity & Availability of the application.

Daily-CVE @CyberSignaler

CVE-2025-27429 - SAP S/4HANA ABAP Code Injection Backdoor April 08, 2025 at 08:15AM https://ift.tt/Bxj94bN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1hCVE-2025-27429 - SAP S/4HANA ABAP Code Injection BackdoorSAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining …

Daily-CVE @CyberSignaler

CVE-2025-23186 - SAP NetWeaver Application Server ABAP Remote Function Call Credential Exposure April 08, 2025 at 08:15AM https://ift.tt/RP6CAqs #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1hCVE-2025-23186 - SAP NetWeaver Application Server ABAP Remote Function Call Credential ExposureIn certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in …

Ukraine War Bulletins and News @SocraticEthics@mastodon.online

️Russian war criminals has killed 591 Ukrainian athletes and coaches, while illegally holding 22 in captivity – FM (more) https://www.ukrinform.net/rubric-sports/3979376-russia-has-killed-591-ukrainian-athletes-and-coaches-with-22-held-in-captivity-fm.html #Ukraine #OSCE #IOC #NukesForUkraine #SouthKorea #Press #News #Taiwan #Media #Japan #NukesOrNATO #USA #US #UK #EU #NATO #UnitedStates #UnitedKingdom
#EuropeanUnion #russiaUkraineWar
#11yrInvasionOfUkraine
#RussiaIsATerroristState

Укрінформ · 9hRussia has killed 591 Ukrainian athletes and coaches, with 22 held in captivity – FMBy Ukrinform

VulDB @vuldb@infosec.exchange

New indicators for: RedLine Stealer (+1), Houdini (+1), XWorm (+2), Ghost RAT (+1), QakBot (+1), Chaos (+1) and NetSupportManager RAT (+5). https://vuldb.com/?actor #apt #cti #ioc

vuldb.comActorsPredictive activity analysis of APT actors in social media, private forums, chat rooms, and darknet markets.

Daily-CVE @CyberSignaler

CVE-2025-2004 - WordPress Simple WP Events Remote File Deletion Vulnerability April 08, 2025 at 05:15AM https://ift.tt/go3dpZE #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 4hCVE-2025-2004 - WordPress Simple WP Events Remote File Deletion VulnerabilityThe Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up to, and including, 1.8.17. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead …

Daily-CVE @CyberSignaler

CVE-2025-20946 - Galaxy Watch Bluetooth Vulnerability: Unauthenticated Bluetooth Pairing April 08, 2025 at 05:15AM https://ift.tt/1smT8D4 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 4hCVE-2025-20946 - Galaxy Watch Bluetooth Vulnerability: Unauthenticated Bluetooth PairingImproper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.

Daily-CVE @CyberSignaler

CVE-2025-20936 - Broadcom HDMI Compliance Module Privilege Escalation Vulnerability April 08, 2025 at 05:15AM https://ift.tt/kjSiHGC #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 4hCVE-2025-20936 - Broadcom HDMI Compliance Module Privilege Escalation VulnerabilityImproper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.

Daily-CVE @CyberSignaler

CVE-2025-3364 - HGiga PowerStation SSH Chroot Escape April 08, 2025 at 03:15AM https://ift.tt/GwATpN5 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 6hCVE-2025-3364 - HGiga PowerStation SSH Chroot EscapeThe SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.

Daily-CVE @CyberSignaler

CVE-2025-3363 - HGiga iSherlock OS Command Injection April 08, 2025 at 02:15AM https://ift.tt/7yOdCrs #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 7hCVE-2025-3363 - HGiga iSherlock OS Command InjectionThe web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Daily-CVE @CyberSignaler

CVE-2025-3362 - HGiga iSherlock OS Command Injection Vulnerability April 08, 2025 at 02:15AM https://ift.tt/s92Qi34 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 7hCVE-2025-3362 - HGiga iSherlock OS Command Injection VulnerabilityThe web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Daily-CVE @CyberSignaler

CVE-2025-3361 - HGiga iSherlock OS Command Injection Vulnerability April 08, 2025 at 02:15AM https://ift.tt/wUSA64P #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 7hCVE-2025-3361 - HGiga iSherlock OS Command Injection VulnerabilityThe web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

Daily-CVE @CyberSignaler

CVE-2025-2526 - Streamit Theme for WordPress Privilege Escalation via Account Takeover April 08, 2025 at 02:15AM https://ift.tt/LVFtire #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 7hCVE-2025-2526 - Streamit Theme for WordPress Privilege Escalation via Account TakeoverThe Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email in the 'st_Authentication_Controller::edit_profile' function. This makes it possible for unauthenticated …

Daily-CVE @CyberSignaler

CVE-2025-2525 - Streamit for WordPress Arbitrary File Upload Vulnerability April 08, 2025 at 02:15AM https://ift.tt/vcHwbxy #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 7hCVE-2025-2525 - Streamit for WordPress Arbitrary File Upload VulnerabilityThe Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' function in all versions up to, and including, 4.0.1. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server …

Walk News @walknews@jforo.com

https://www.walknews.com/856324/ 日本フレスコボール協会、6月7-8日ブラジル・リオデジャネイロ開催『ブラジル選手権2025〈CIRCUITO CARIOCA DE FRESCOBOL – Ipanema〉』の日本代表派遣を公式発表。（2025年4月7日）｜BIGLOBEニュース #Brazil #IOC #ニュース #ブラジル #リオデジャネイロ #リリース #日本代表 #月 #経済ニュース #記事 #速報

日本フレスコボール協会、6月7-8日ブラジル・リオデジャネイロ開催『ブラジル選手権2025〈CIRCUITO CARIOCA DE FRESCOBOL - Ipanema〉』の日本代表派遣を公式発表。（2025年4月7日）｜BIGLOBEニュース

Bytes Europe @byteseu@pubeurope.com

France to possibly explore other sites to host 2030 Winter Games events https://www.byteseu.com/901079/ #France #IOC

Daily-CVE @CyberSignaler

CVE-2025-32409 - Ratta SuperNote A6 X2 Nomad Remote Code Execution Vulnerability April 07, 2025 at 10:15PM https://ift.tt/3mvA9sF #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 11hCVE-2025-32409 - Ratta SuperNote A6 X2 Nomad Remote Code Execution VulnerabilityRatta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended handling of concurrency.

Daily-CVE @CyberSignaler

CVE-2025-3332 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability April 07, 2025 at 03:15AM https://ift.tt/3pOLdXh #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1dCVE-2025-3332 - Codeprojects Online Restaurant Management System SQL Injection VulnerabilityA vulnerability, which was classified as critical, was found in codeprojects Online Restaurant Management System 1.0. Affected is an unknown function of the file /admin/menu_save.php. The manipulation of the argument menu leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the …

Daily-CVE @CyberSignaler

CVE-2025-3331 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability April 07, 2025 at 03:15AM https://ift.tt/dpuLKfE #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

cvefeed.io · 1dCVE-2025-3331 - Codeprojects Online Restaurant Management System SQL Injection VulnerabilityA vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. This issue affects some unknown processing of the file /payment_save.php. The manipulation of the argument mode leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the …

Drag & drop to upload