Lucene search
+L

3922 matches found

Cisco
Cisco
added 2014/07/28 8:9 p.m.25 views

Cisco Prime Data Center Network Manager Cross-Site Scripting Vulnerability

A vulnerability in the web server hosting the Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack against the user of the web interface. The issue is due to insufficient input validation of parameters by the web...

4.3CVSS5.5AI score0.0217EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2014/07/17 1:26 p.m.6 views

Apple Implements Email Encryption For iCloud

Apple quietly began encrypting virtually all of the email flowing in and out of its servers for its iCloud.com, mac.com and me.com domains, a move that throws up an important roadblock for attackers and others attempting to snoop on those transmissions. The change from Apple comes as security...

1.2AI score
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Cisco Prime Data Center Network Manager - Arbitrary File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/06/06 12:16 p.m.27 views

WordPress to Deploy SSL on All its Sites by End of 2014

The movement by technology companies to encrypt their respective corners of the Internet continues to gain steam as more and more are enabling SSL and other encryption technologies such as Perfect Forward Secrecy to ward off surveillance and enhance the privacy and security of user data. WordPres...

7.5AI score
Exploits0References6
The Coalfire Blog
The Coalfire Blog
added 2014/05/07 2:38 p.m.19 views

Target Kill Chain Analysis

Last week, I talked with Wall Street Journal reporter Ben DiPietro about the persistent communications gap between the data center and the board room when it comes to recognizing and tackling security threats: In almost every breach situation after his company completes a forensic analysis, Mr...

1.1AI score
Exploits0
Symantec
Symantec
added 2014/05/02 8:0 a.m.36 views

Symantec Critical System Protection for Windows Default Policy Bypass

SUMMARY Symantec Critical System Protection SCSP, Windows version, default policy settings can be susceptible to policy bypass when installed on an out-of-the-box unpatched windows server. While this is not in any way a normal installation, it could permit unauthorized access to information store...

7.6CVSS0.1AI score0.02354EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2014/04/04 3:41 p.m.152 views

IE 12 to Support HSTS Encryption Protocol

Microsoft confirmed today it will support HTTPS Strict Transport Protocol HSTS in Internet Explorer 12, bringing its browser in line with other major vendors in its support of the protocol. Browsers supporting HSTS force any sessions sent over HTTP to be sent instead over HTTPS, encrypting...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References4
RedHat Linux
RedHat Linux
added 2014/04/03 8:18 p.m.29 views

Moderate: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

4.3CVSS5.8AI score0.01895EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2014/04/03 10:26 a.m.7 views

Yahoo Encrypts Data Center Communication Links

Yahoo certainly has taken its share of knocks during the past nine months of surveillance revelations and Snowden leaks for its encryption shortcomings. But the bruises are healing and the company is slowly working its way back into good graces. After months of being an encryption laggard, Yahoo...

7AI score
Exploits0References5
seebug.org
seebug.org
added 2014/03/14 12:0 a.m.47 views

Cisco Intelligent Automation for Cloud多个信息泄露漏洞(CVE-2014-0694)

BUGTRAQ ID: 66167 CVECAN ID: CVE-2014-0694 Cisco Intelligent Automation for Cloud是针对云计算和数据中心自动化推出的自助服务配置和协作软件解决方案。 Cisco Intelligent Automation for Cloud在实现上存在多个信息泄露漏洞,攻击者可利用这些漏洞获取敏感信息。 0 Cisco Intelligent Automation for Cloud 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

5CVSS6.5AI score0.01173EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/03/13 12:0 a.m.15 views

Cisco Prime Data Center Network Manager DownloadServlet Information Disclosure (CVE-2013-5487)

An information disclosure vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in DownloadServlet when processing HTTP requests. A remote unauthenticated attacker can download arbitrary files from...

1.6AI score0.02133EPSS
Exploits0
seebug.org
seebug.org
added 2014/02/28 12:0 a.m.49 views

Schneider Electric SCADA多个产品异常处理拒绝服务漏洞

CVE ID:CVE-2013-2824 施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。其中多个产品使用的SESU工具用于更新windows PC系统上的软件。 Schneider Electric多个产品服务器存在拒绝服务攻击,允许远程攻击者利用漏洞发送特制的报文,可使进程停止响应,造成拒绝服务攻击。 0 Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40 Schneider Electric Vijeo Citect 7.20 - 7.30SP1...

7.8CVSS6.6AI score0.01786EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/01/06 12:0 a.m.35 views

Cisco Prime Data Center Network Manager processImageSave.jsp Arbitrary File Upload (CVE-2013-5486)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager...

2.6AI score0.75962EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2013/12/31 12:0 a.m.63 views

Cisco Prime Data Center Network Manager FileUploadServlet Arbitrary File Upload (CVE-2013-5486; CVE-2019-1620)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadServlet when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...

10CVSS9.4AI score0.8378EPSS
Exploits11
0day.today
0day.today
added 2013/12/03 12:0 a.m.59 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This Metasploit module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is...

10CVSS10.1AI score0.75962EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/12/03 12:0 a.m.39 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisc...

10CVSS0.6AI score0.75962EPSS
Exploits6
0day.today
0day.today
added 2013/12/03 12:0 a.m.52 views

Cisco Prime Data Center Network Manager Arbitrary File Upload Vulnerability

Exploit for java platform in category remote exploits require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in...

10CVSS9.2AI score0.75962EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/12/03 12:0 a.m.38 views

Cisco Prime Data Center Network Manager - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisc...

10CVSS7AI score0.75962EPSS
Exploits6
Metasploit
Metasploit
added 2013/11/30 5:11 a.m.30 views

Cisco Prime Data Center Network Manager Arbitrary File Upload

This module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is used to...

10CVSS8.4AI score0.75962EPSS
Exploits6
Zero Day Initiative
Zero Day Initiative
added 2013/11/24 12:0 a.m.28 views

Cisco Data Center Network Manager processImageSave_jsp Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processImageSavejsp servlet which contains an arbitrary file...

10CVSS4.7AI score0.75962EPSS
Exploits6References1
Rows per page
Query Builder