Aggregator

Deal Brings Third-Party Data Ingestion, Risk Prioritization, Automated Workflows
Tenable has acquired Vulcan Cyber to bolster its exposure management strategy, integrating third-party asset data, AI-powered risk prioritization, and automated remediation workflows into Tenable One. The $150 million purchase aims to provide enterprises with a unified risk management platform.

Data Storage in China Sparks Privacy Concerns
Italian data regulator Garante launched an inquiry into data storage and processing practices of Chinese generative AI model DeepSeek following the Friday public debut of its R1 reasoning model. The DeepSeek app is no longer available in the Apple and Google app stores in Italy.

CEO Satya Nadella Highlights DeepSeek-R1 Model, AI Cost Reductions, Future Growth
Microsoft CEO Satya Nadella said AI scaling laws, compounded by Moore’s Law, are accelerating efficiency gains, with a 10x improvement per model generation. He revealed Microsoft’s strategy for optimizing AI costs and highlights DeepSeek-R1’s availability on Azure AI Foundry and GitHub.

A CVSS score 5.5 AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alain Rodel, Daniel Kilimnik, Kolja Grassmann (Neodyme AG)' was reported to the affected vendor on: 2025-01-30, 5 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2025-01-30, 34 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.3 AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alain Rodel, Daniel Kilimnik, Kolja Grassmann (Neodyme AG)' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Aliakbar Zahravi' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Nikolai Skliarenko and Alex Williams of Trend Micro Security Research' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Micky Thongam - HackSys Inc' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Alex Williams of Trend Micro Security Research' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.8 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '@ByteInsight' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.3 AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Mikhail Evdokimov (@konatabrk) from PCAutomotive' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.3 AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Mikhail Evdokimov (@konatabrk) from PCAutomotive' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.5 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mikhail Evdokimov (@konatabrk) from PCAutomotive' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ISC（Internet Systems Consortium）が提供するISC BINDには、複数の脆弱性が存在します。

A vulnerability, which was classified as problematic, has been found in F5 NGINX Open Source and NGINX Plus. This issue affects some unknown processing of the component ngx_http_mp4_module. The manipulation leads to buffer over-read. The identification of this vulnerability is CVE-2024-7347. It is possible to launch the attack on the local host. There is no exploit available.