388 matches found
What makes a good "DNS Blacklist"? - Part 2
In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind New security products like Enterprise Threat Protect ETP. This article continues with a list of factors and questions to ask any DNS Threat Feed providers, includi...
Cacti cross-site scripting vulnerability (CNVD-2017-18620)
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in Cacti version 0.8.8b...
UBUNTU-CVE-2017-1000032
Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...
Open Source Intelligence Automation: Spiderfoot
Open Source Intelligence Automation SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a wide range of information about a target, such as web servers, netblocks, e-mail addresses and more...
Personalized User Focused Security: Stethoscope
Stethoscope is a web application that collects information from existing device data sources e.g., JAMF or LANDESK on a given user’s devices and gives them clear and specific recommendations for securing their systems. Stethoscope consists of two primary pieces: a Python-based back-end and a...
CVE-2016-7255
creationtimestamp| type| source ---|---|--- 2016-12-20 15:35:19+00:00| seen| MISP/58594faf-e98c-4c03-a58c-43cf95ca48b7 2016-12-30 12:25:23+00:00| seen| https://t.me/canyoupwnme/509 2017-01-10 21:57:16+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/3172 2017-01-10...
CVE-2016-4171
creationtimestamp| type| source ---|---|--- 2016-06-14 20:49:46+00:00| seen| MISP/57606c78-187c-491e-9486-2dc85b86d7e5 2016-06-14 23:09:57+00:00| exploited| https://t.me/itsecalert/31 2016-06-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=81 2019-10-11 07:41:10+00:00|...
Bime: Bime Unable to load Data Sources
The BIME unable to load the datasource, when user has created larger number of data source , and as a result it's throws error poppup and the enduser can't do any thing, the entire PAGE got broken, can't delete any datasources which leads entire BIME functionality broken This is Error Popup Messa...
CVE-2016-0167
creationtimestamp| type| source ---|---|--- 2016-05-11 22:56:59+00:00| exploited| https://t.me/xakepru/224 2017-01-07 13:55:47+00:00| seen| MISP/5870f2f5-5744-4ded-a6f5-469c950d210f 2020-10-07 09:53:36+00:00| seen| MISP/a40c9aed-cf24-43e6-859b-e00435209aa0 2020-10-09 13:19:59+00:00| seen|...
Security Intelligence Collector: Machinae
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...
SpiderFoot v2.6.1 - Open Source Intelligence Automation
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the tes...
FreeBSD : cacti -- Multiple XSS and SQL injection vulnerabilities (0bfda05f-2e6f-11e5-a4a5-002590263bf5)
The Cacti Group, Inc. reports : Important Security Fixes - Multiple XSS and SQL injection vulnerabilities - CVE-2015-4634 - SQL injection in graphs.php Changelog - bug: Fixed various SQL Injection vectors - bug0002574: SQL Injection Vulnerabilities in graph items and graph template items -...
CVE-2014-5025
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
DEBIAN-CVE-2014-5025
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
Cross site scripting
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
CVE-2014-5025
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
UBUNTU-CVE-2014-5025
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
MS VM 2000/3000/3100/3188/3200/3300/3802/3805 series JDBC Class Code Execution
No description provided by source. source: http://www.securityfocus.com/bid/5751/info Java Database Connectivity JDBC classes are used by the Virtual Machine to provide connectivity to various data sources. It is possible to spoof a JDBC class request to make it appear as though it came from an...
MS14-025: Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)
The remote Windows host is potentially affected by a vulnerability in the way that Active Directory distributes passwords that are configured using Group Policy preferences. This could allow a remote attacker to retrieve and decrypt passwords stored with Group Policy preferences. The following...
Microsoft Excel REPT Function Integer Overflow (MS08-057) - Ver2 (CVE-2008-4019)
Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formula, and various data sources. The common extension used for Microsoft Excel documents is .xls, .xlsx a...