Calamp.com Incorrect Privilege Assignment

There is also a full write up on https://medium.com/@evstykas/remote-smart-car-hacking-with-just-a-phone-2fe7ca682162 Vulnerability Security Advisory ======================================================================= title: Incorrect Privilege Assignment product: lenderoutlook on...

CVE-2016-0040

creationtimestamp| type| source ---|---|--- 2018-05-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44586 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms16014wmirecvnotif.rb 2020-10-07 09:53:36+00:00|...

ALPINE-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

DEBIAN-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

SpiderFoot 2.12 - Automates OSINT to find out everything possible about your target

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources OSINT to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will...

CVE-2017-5070

creationtimestamp| type| source ---|---|--- 2017-09-04 17:48:58+00:00| exploited| https://t.me/informationsecuritychannel/8457 2019-09-25 08:28:15+00:00| seen| MISP/5d8b23ae-50d0-4a09-86da-4dc9950d210f 2020-10-09 14:30:50+00:00| seen| MISP/bbad3705-75de-41f7-980c-0e90136909de 2022-06-07...

What makes a good "DNS Blacklist"? - Part 2

In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind New security products like Enterprise Threat Protect ETP. This article continues with a list of factors and questions to ask any DNS Threat Feed providers, includi...

Cacti cross-site scripting vulnerability (CNVD-2017-18620)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in Cacti version 0.8.8b...

UBUNTU-CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

Open Source Intelligence Automation: Spiderfoot

Open Source Intelligence Automation SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a wide range of information about a target, such as web servers, netblocks, e-mail addresses and more...

Personalized User Focused Security: Stethoscope

Stethoscope is a web application that collects information from existing device data sources e.g., JAMF or LANDESK on a given user’s devices and gives them clear and specific recommendations for securing their systems. Stethoscope consists of two primary pieces: a Python-based back-end and a...

CVE-2016-7255

creationtimestamp| type| source ---|---|--- 2016-12-20 15:35:19+00:00| seen| MISP/58594faf-e98c-4c03-a58c-43cf95ca48b7 2016-12-30 12:25:23+00:00| seen| https://t.me/canyoupwnme/509 2017-01-10 21:57:16+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/3172 2017-01-10...

CVE-2016-4171

creationtimestamp| type| source ---|---|--- 2016-06-14 20:49:46+00:00| seen| MISP/57606c78-187c-491e-9486-2dc85b86d7e5 2016-06-14 23:09:57+00:00| exploited| https://t.me/itsecalert/31 2016-06-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=81 2019-10-11 07:41:10+00:00|...

Bime: Bime Unable to load Data Sources

The BIME unable to load the datasource, when user has created larger number of data source , and as a result it's throws error poppup and the enduser can't do any thing, the entire PAGE got broken, can't delete any datasources which leads entire BIME functionality broken This is Error Popup Messa...

CVE-2016-0167

creationtimestamp| type| source ---|---|--- 2016-05-11 22:56:59+00:00| exploited| https://t.me/xakepru/224 2017-01-07 13:55:47+00:00| seen| MISP/5870f2f5-5744-4ded-a6f5-469c950d210f 2020-10-07 09:53:36+00:00| seen| MISP/a40c9aed-cf24-43e6-859b-e00435209aa0 2020-10-09 13:19:59+00:00| seen|...

Security Intelligence Collector: Machinae

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...

SpiderFoot v2.6.1 - Open Source Intelligence Automation

SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the tes...

FreeBSD : cacti -- Multiple XSS and SQL injection vulnerabilities (0bfda05f-2e6f-11e5-a4a5-002590263bf5)

The Cacti Group, Inc. reports : Important Security Fixes - Multiple XSS and SQL injection vulnerabilities - CVE-2015-4634 - SQL injection in graphs.php Changelog - bug: Fixed various SQL Injection vectors - bug0002574: SQL Injection Vulnerabilities in graph items and graph template items -...

CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

DEBIAN-CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...