5 Red Flags That Tell You Vendors Are Lying About AI

This is the original version of this article: The term Artificial Intelligence has become a buzzword that people use in sales pitches all the time. You will hear about it in the latest ad copy for new gadgets and programs. It also happens to be the most important tool in the cyber security field...

XML External Entity Injection And Information Disclosure

Falcon is vulnerable to XML external entity injection and information disclosure. It is possible to inject an external entity during XML entity parsing, and leak the location of the credential files in log messages during the data source entity parsing...

Director Error "Cannot retrieve data. Data source unresponsive or reported an error".

The following error is seen in the event viewer of the Director server: Log Name: Application Source: Citrix Director Service Date: 1/20/2017 11:05:33 AM Event ID: 5 Task Category: None Level: Error Keywords: Classic User: N/A Computer: CtxDirector.RepLab.Local Description: The description for...

[SECURITY] Fedora 25 Update: mojarra-2.2.13-1.fc25

JvaServerTM Faces technology simplifies building user interfaces for JavaServer applications. Developers of various skill levels can quickly bui ld web applications by: assembling reusable UI components in a page; connecting these components to an application data source; and wiring...

Ubiquiti Inc.: JetBrains .idea project directory

Vulnerability description The .idea directory contains a set of configuration files .xml for your project. These configuration files contain information core to the project itself, such as names and locations of its component modules, compiler settings, etc. If you've defined a data source the fi...

The vulnerability of the Firefox ESR browser, which allows a hacker to read data from uninitialized memory areas

The vulnerability of the YCbCrImageDataDeserializer::ToDataSourceSurface function in Firefox ESR browsers is related to code errors. Exploiting this vulnerability may allow an attacker to read data from uninitialized memory areas remotely...

CVE-2015-0002

creationtimestamp| type| source ---|---|--- 2015-01-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35661 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ntapphelpcachecontrol.rb 2025-02-06 03:13:42+00:00...

DEBIAN-CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

DEBIAN-CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

UBUNTU-CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

Stack overflow

Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file...

SAP Crystal Reports Datasource Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

CSWorks Software Framework SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CSWorks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the data source templating. CSWorks does not properly sanitize or validate the data used to...

Hosting Controller 1.x DSNManager Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4759/info Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems. The DSNManager script does not sufficiently filter...

CVE-2013-6221

creationtimestamp| type| source ---|---|--- 2014-06-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33891 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hpautopasslicensetraversal.rb 2025-02-06...

CVE-2014-3914

creationtimestamp| type| source ---|---|--- 2014-06-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33807 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rocketservergraphfilerequestorrce.rb 2025-02-06...