174 matches found
CVE-2017-14012
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...
CVE-2017-14014
Summary of CVE-2017-14014 : The Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI before it is transferred to removable media. This creates a vulnerability (CWE-321: Use of Hard-coded Cryptographic Key) with CVSS3 base score 4.6 (vector AV:P/AC:L/PR...
secure.pqarchiver.com XSS vulnerability
Open Bug Bounty ID: OBB-607338 Description| Value ---|--- Affected Website:| secure.pqarchiver.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
VIDEO: Carbon Black Hackathon Competition Features MBTA Charlie Tracker
The Carbon Black R&D team just finished its third quarterly “hackathon” – a block of free time completely dedicated to collaboration and innovation. Projects can be anything a submitting team desires and submission do not need to be related to a product or even Carbon Black itself. The main purpo...
February 9, 2018 – Morning Cyber Coffee Headlines – “Opening Ceremony” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! February 9, 2018 - Headlines Carbon Black in the News: 10 Questions Today’s CEO...
api-jobsearch.livecareer.com XSS vulnerability
Open Bug Bounty ID: OBB-385767 Description| Value ---|--- Affected Website:| api-jobsearch.livecareer.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
#CbChats: 3 Questions with Carbon Black’s Chief People Officer Amy Robinson
Amy Robinson is Carbon Black's Chief People Officer. She is also taking over Boston tech, according to Rev3, a list comprising the top 20 female tech executives in Boston. Amy is the third Carbon Black honoree on the Rev Boston list. Both Di Hall and Sandra O' Sullivan were named to the list in...
boston-theater.com XSS vulnerability
Open Bug Bounty ID: OBB-360974 Description| Value ---|--- Affected Website:| boston-theater.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
Boston Scientific ZOOM LATITUDE PRM Hardcoded Encryption Vulnerability
The ZOOM LATITUDE PRMs are a suite of Boston Scientific's portable cardiac rhythm management systems for communicating with implantable pacemakers and defibrillators, deployed in healthcare and public health. The Boston Scientific ZOOM LATITUDE PRMs have a hard-coded encryption vulnerability that...
Boston Scientific ZOOM LATITUDE PRM Error Encryption Vulnerability
The ZOOM LATITUDE PRMs are a suite of Boston Scientific's portable cardiac rhythm management systems for communicating with implantable pacemakers and defibrillators, deployed in healthcare and public health. A false encryption vulnerability exists in the Boston Scientific ZOOM LATITUDE PRMs, whi...
ICSMA-17-292-01_Boston Scientific ZOOM LATITUDE PRM Vulnerabilities
OVERVIEW Researchers Jonathan Butts and Billy Rios of Whitescope have identified two vulnerabilities in Boston Scientific’s ZOOM LATITUDE Programmer/Recorder/Monitor PRM – Model 3120. Boston Scientific has provided compensating controls to reduce the risk of exploitation. AFFECTED PRODUCTS The...
On SOURCE Boston, DoublePulsar, and HipChat
Mike Mimoso and Chris Brook recap this year’s SOURCE Boston Conference and discuss the week in news, including the long term implications of the NSA’s DoublePulsar exploit, and the HipChat breach. Download: ThreatpostNewsWrapApril282017.mp3...
Rapid7: Supporting the Community at BSides Boston
One of the things I love about working at Rapid7 is how deeply this company embodies the concept of giving back to the Security Community. Whether it be discussing research on adversary analytics, attack methods for breaking out of sandboxes, or simply breaking into the industry - Rapid7 encourag...
bostonschoolshub.org XSS vulnerability
Vulnerable URL: http://bostonschoolshub.org/search.php?n=%22%3E%3C/title%3E%27%3E;%3C/script%3E%3Csvg/onload=alert/OPENBUGBOUNTY/%3E=all Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VI...
jobs.bostonscientific.com XSS vulnerability
Vulnerable URL: https://jobs.bostonscientific.com/apply/talentcommunity/subscribe/?slp=/talentcommunity/profile/%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 18.08.2016 Latest check for patch:| 18.08.2016 11:05 GMT Vulnerability type:| XSS...
web.bostonchamber.com XSS vulnerability
Vulnerable URL: http://web.bostonchamber.com/cwt/external/wcpages/wcdirectory/directory.aspx?listingid=99=2N6C9K2N=uweb=data:text/html;base64,PHNjcmlwdD5hbGVydCgvWFNTUE9TRUQvKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| Yes, at 26.01.2016 Latest check for patch:| 26.01.2016 03:42...
ir.bostonprivate.com Open Redirect vulnerability
Vulnerable URL: http://ir.bostonprivate.com/PDFPageView.aspx?iid=100758=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 16.03.2016 Latest check for patch:| 16.03.2016 04:25 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...
cosmeticsurgeonboston.com XSS vulnerability
Vulnerable URL: http://www.cosmeticsurgeonboston.com/core/index.cfm?Message=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3933983...
web.bostonchamber.com vulnerability
Vulnerable URL: http://web.bostonchamber.com/external/wcpages3/wcdirectory/directory.aspx?listingid=1929=289Q180G7C=uweb=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 21.12.2015 Latest check for patch:| 21.12.2015 16:07 GMT Vulnerability status:| Publicly disclos...
Important: Red Hat Security Advisory: ntp security update
Updated ntp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.5 and 6.6 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...