OSINT 탐지 내용
330
Alleged Sale of Mass Exploit for FortiGate targeting CVE-2024-55591 Cc @DarkWebInformer
Alleged Sale of Mass Exploit for FortiGate targeting CVE-2024-55591 Cc @DarkWebInformer
2025. 07. 05.
CVE-2025-49493 : Akamai CloudTest Allows File Inclusion via XML External Entity (XXE) injection. Cc @B1ackash
CVE-2025-49493 : Akamai CloudTest Allows File Inclusion via XML External Entity (XXE) injection. Cc @B1ackash
2025. 07. 05.
2025. 07. 04.
Becoming the trainer - Attacking Machine Learning (ML) training infrastructure https://www.ibm.com/think/x-force/becoming-the-trainer-attacking-ml-training-infrastructure
Becoming the trainer - Attacking Machine Learning (ML) training infrastructure https://www.ibm.com/think/x-force/becoming-the-trainer-attacking-ml-training-infrastructure
2025. 07. 03.
CVE-2025-20309 : Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
CVE-2025-20309 : Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
2025. 07. 03.
CVE-2024-54085 (CVSS 10.0) : A critical vulnerability affecting the American Megatrends Inc. (AMI) MegaRAC SPx firmware package for baseboard management controllers (BMCs). Attackers can bypass authentication in the Redfish Host Interface by modifying the X-Server-Addr or Host header in HTTP requests, tricking the BMC into believing requests originate from the host system itself. **Exploitation does not require authentication.**
CVE-2024-54085 (CVSS 10.0) : A critical vulnerability affecting the American Megatrends Inc. (AMI) MegaRAC SPx firmware package for baseboard management controllers (BMCs). Attackers can bypass authentication in the Redfish Host Interface by modifying the X-Server-Addr or Host header in HTTP requests, tricking the BMC into believing requests originate from the host system itself. **Exploitation does not require authentication.**
2025. 07. 03.
......
Page 32 of 55