Lucene search
K

7672 matches found

Cvelist
Cvelist
added 2015/01/21 11:0 a.m.21 views

CVE-2014-6172

IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors...

6AI score0.02072EPSS
Exploits0References4
CVE
CVE
added 2014/12/10 12:0 a.m.461 views

CVE-2014-8730

CVE-2014-8730 is listed in Brocade ASCG advisories as addressed by security updates; the connected document shows this CVE mapped to general remote services and notes fixes are provided via ASCG updates (e.g., 3.3.0/3.3.0a). The initial description describes a POODLE-style padding issue in SSL/TL...

4.3CVSS4.5AI score0.1372EPSS
Exploits0References14Affected Software1
Drupal
Drupal
added 2014/12/10 12:0 a.m.20 views

SA-CONTRIB-2014-120 - Piwik Web Analytics - Information disclosure

This module enables you to integrate Drupal with Piwik Web Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an accou...

6.9AI score
Exploits0References11
Drupal
Drupal
added 2014/12/10 12:0 a.m.14 views

SA-CONTRIB-2014-119 - Google Analytics - Information disclosure

This module enables you to integrate Drupal with Google Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an account ...

6.9AI score
Exploits0References11
ThreatPost
ThreatPost
added 2014/12/03 8:22 a.m.8 views

Avoiding Data Breaches: Context Aware Behavioral Analytics

RESTON, VA – Security, it turns out, is all about layers, where if one layer fails, there are secondary and tertiary and a long line of backup defenses. This is neither new nor revolutionary. It’s why castles had moats, drawbridges and parapets; it’s also why prisons have cells, walls and gates...

7.1AI score
Exploits0References3
NVD
NVD
added 2014/12/02 4:59 p.m.16 views

CVE-2014-9174

Cross-site scripting XSS vulnerability in the Google Analytics by Yoast google-analytics-for-wordpress plugin before 5.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Manually enter your UA code" manualuacodefield field in the General Settings...

4.3CVSS5.8AI score0.01959EPSS
Exploits0References5
Prion
Prion
added 2014/12/02 4:59 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Google Analytics by Yoast google-analytics-for-wordpress plugin before 5.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Manually enter your UA code" manualuacodefield field in the General Settings...

4.3CVSS6.2AI score0.01959EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/12/02 4:0 p.m.49 views

CVE-2014-9174

The CVE-2014-9174 entry corresponds to a Cross-site scripting (XSS) vulnerability in the WordPress plugin Google Analytics by Yoast (google-analytics-for-wordpress) prior to version 5.1.3. The issue arises from unsafely handling the value entered in the General Settings field “Manually enter your...

4.3CVSS5.9AI score0.01959EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/12/02 4:0 p.m.21 views

CVE-2014-9174

Cross-site scripting XSS vulnerability in the Google Analytics by Yoast google-analytics-for-wordpress plugin before 5.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Manually enter your UA code" manualuacodefield field in the General Settings...

5.7AI score0.01959EPSS
Exploits0References5
Patchstack
Patchstack
added 2014/12/02 12:0 a.m.21 views

WordPress Google Analytics Plugin <= 5.1.2 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "Manually enter your UA code" field in the General Settings. Solution Update the plugin...

4.3CVSS2.6AI score0.01959EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2014/11/30 12:0 a.m.43 views

Open Web Analytics 1.5.6 PHP Object Injection Vulnerability

Exploit for php platform in category web applications Open Web Analytics setSetting'base', 'isremoteeventqueue', true; $owa-e-debug$POST; $rawevent = owacoreAPI::getRequestParam'event'; if $rawevent $dispatch = owacoreAPI::getEventDispatch; $event = unserialize base64decode $rawevent ;...

9.2AI score0.02808EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2014/11/26 11:44 a.m.22 views

Google Analytics by Yoast <= 5.1.2 Cross-Site Scripting (XSS)

The value of the input field "manualuacodefield" Analytics Settings is saved without any validation. Malicious JavaScript code can be injected. Screenshots: http://imgur.com/4TA6sSe,DFUlAy51 http://imgur.com/4TA6sSe,DFUlAy50...

4.3CVSS0.1AI score0.01959EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2014/11/17 4:3 p.m.12 views

Open Source OpenSOC Security Analytics Framework Released

Cisco announced today that it has made available through open source a framework that integrates data analytics tools into security operations. “The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly...

0.3AI score
Exploits0References1
CVE
CVE
added 2014/11/01 11:0 p.m.63 views

CVE-2014-6032

CVE-2014-6032 describes multiple XXE flaws in the Configuration utility of F5 BIG-IP products (LTM, ASM, GTM, Link Controller, AAM, ARM, Analytics, APM/Edge Gateway, PEM, PSM, WOM, Enterprise Manager) affecting versions ranging from 10.0.0 through 10.2.4 and 11.0.0 through 11.6.0 (and related hot...

5.5CVSS6.7AI score0.02896EPSS
Exploits2References12Affected Software1
Prion
Prion
added 2014/10/26 8:55 p.m.28 views

Code injection

F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value...

7.5CVSS7.5AI score0.02043EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/10/26 8:0 p.m.28 views

CVE-2013-7408

F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value...

7AI score0.02043EPSS
Exploits1References2
CVE
CVE
added 2014/10/26 8:0 p.m.42 views

CVE-2013-7408

Summary of CVE-2013-7408 (F5 BIG-IP Analytics): 11.x before 11.4.0 uses a predictable analytics session cookie, allowing remote attackers to guess the cookie value with unspecified impact. The vulnerability affects BIG-IP Analytics across multiple sources, with evidence in Red Hat and F5 advisory...

7.5CVSS7.2AI score0.02043EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/10/13 12:0 a.m.31 views

TIBCO Spotfire Analytics Server Authentication Module Unspecified Information Disclosure

The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by an information disclosure vulnerability due to an unspecified flaw in the Authentication Module. A remote attacker can exploit this vulnerability to access sensitive information by sending a specially...

5CVSS5.6AI score0.01667EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/10/13 12:0 a.m.41 views

TIBCO Spotfire Analytics Server Web Application Multiple Vulnerabilities

The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists that allows a remote attacker to view or modify sensitive information. CVE-2011-3132 - A session fixation vulnerability exists that...

7.5CVSS5.4AI score0.02201EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.41 views

F5 Networks BIG-IP : iControl vulnerability (K15220)

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 11.0.0 through 11.3.0, Enterprise Manager...

7.1CVSS5.9AI score0.3905EPSS
Exploits8References2
Rows per page
Query Builder