7669 matches found
CVE-2016-3031
Consolidated findings for CVE-2016-3031: IBM Cognos Analytics 11.0.x is affected by a cross-site scripting (XSS) vulnerability in the Web UI that can allow an attacker to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM bulletins cite affected ver...
CVE-2016-3031
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 1998887...
IBM Cognos Analytics Cross-Site Scripting Vulnerability
IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. A cross-site...
IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2017-05154)
IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. A cross-site...
Rapid7: Supporting the Community at BSides Boston
One of the things I love about working at Rapid7 is how deeply this company embodies the concept of giving back to the Security Community. Whether it be discussing research on adversary analytics, attack methods for breaking out of sandboxes, or simply breaking into the industry - Rapid7 encourag...
Advanced Threat Analytics プレイブックを使って攻撃をシミュレーションし検出する方法
本記事は、Microsoft Advanced Threat Analytics Team のブログ “How to simulate and detect attacks with the Advanced Threat Analytics Playbook” 2017 年 2 月 23...
Legal Robot: Token leakage by referrer
A security researcher discovered that password reset tokens were leaked to Intercom which provides our support chat interface and Google Analytics. While the time between a user clicking on a password reset link and actually resetting the password is typically quite low, there was still some risk...
Maximarkets Analytics - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Maximarkets Analytics published at the 'play' market has multiple vulnerabilities...
WP SlimStat <= 3.5.5 - Overview URI Stored XSS
The Slimstat Analytics WordPress plugin was affected by an Overview URI Stored XSS security vulnerability...
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
SA144 : OpenSSH Vulnerabilities January 2017
SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker with access to an SSH server can exploit these vulnerabilities to execute arbitrary code on an SSH client. A local attacker can also exploit these vulnerabilities to obtain...
WordPress Google Analytics Dashboard Plugin Cross-Site Scripting Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress Google Analytics Dashboard plugin, which allows attackers to fra...
Multiple F5 BIG-IP Products Privilege Enhancement Vulnerability
F5 BIG-IP Analytics and others are products of F5 Corporation in the U.S. F5 BIG-IP Analytics is a suite of Web application performance analytics software. the APM is a suite of solutions that provide secure and unified access to business-critical applications and networks. and the LTM is a local...
Denial of Service Vulnerability in Multiple F5 BIG-IP Products (CNVD-2017-02730)
F 5BIG-IP Analytics and others are products of F5 Corporation in the U.S. F5 BIG-IP Analytics is a suite of Web application performance analytics software. the APM is a suite of solutions that provide secure and unified access to business-critical applications and networks. and the LTM is a local...
Google Analytics Dashboard - Authenticated Cross-Site Scripting (XSS)
The google-analytics-dashboard WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...
CVE-2017-5682
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...
Code injection
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...
Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.
Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...