Lucene search
+L

388 matches found

Akamai Blog
Akamai Blog
added 2017/08/23 6:43 p.m.631 views

What makes a good "DNS Blacklist"? - Part 2

In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind New security products like Enterprise Threat Protect ETP. This article continues with a list of factors and questions to ask any DNS Threat Feed providers, includi...

6.6AI score
Exploits0
CNVD
CNVD
added 2017/07/28 12:0 a.m.5 views

Cacti cross-site scripting vulnerability (CNVD-2017-18620)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in Cacti version 0.8.8b...

6.1CVSS6.3AI score0.00887EPSS
Exploits0References1
OSV
OSV
added 2017/07/17 1:18 p.m.6 views

UBUNTU-CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

6.1CVSS6.9AI score0.00887EPSS
Exploits0References3
n0where
n0where
added 2017/06/02 4:15 a.m.71 views

Open Source Intelligence Automation: Spiderfoot

Open Source Intelligence Automation SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a wide range of information about a target, such as web servers, netblocks, e-mail addresses and more...

0.1AI score
Exploits0
n0where
n0where
added 2017/03/20 7:39 a.m.23 views

Personalized User Focused Security: Stethoscope

Stethoscope is a web application that collects information from existing device data sources e.g., JAMF or LANDESK on a given user’s devices and gives them clear and specific recommendations for securing their systems. Stethoscope consists of two primary pieces: a Python-based back-end and a...

Exploits0References1
Circl
Circl
added 2016/12/20 3:35 p.m.6 views

CVE-2016-7255

creationtimestamp| type| source ---|---|--- 2016-12-20 15:35:19+00:00| seen| MISP/58594faf-e98c-4c03-a58c-43cf95ca48b7 2016-12-30 12:25:23+00:00| seen| https://t.me/canyoupwnme/509 2017-01-10 21:57:16+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/3172 2017-01-10...

7.8CVSS7AI score0.80968EPSS
Exploits24References9
Circl
Circl
added 2016/06/14 8:49 p.m.13 views

CVE-2016-4171

creationtimestamp| type| source ---|---|--- 2016-06-14 20:49:46+00:00| seen| MISP/57606c78-187c-491e-9486-2dc85b86d7e5 2016-06-14 23:09:57+00:00| exploited| https://t.me/itsecalert/31 2016-06-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=81 2019-10-11 07:41:10+00:00|...

10CVSS7.5AI score0.19903EPSS
Exploits0References7
Hacker One
Hacker One
added 2016/05/28 12:8 p.m.23 views

Bime: Bime Unable to load Data Sources

The BIME unable to load the datasource, when user has created larger number of data source , and as a result it's throws error poppup and the enduser can't do any thing, the entire PAGE got broken, can't delete any datasources which leads entire BIME functionality broken This is Error Popup Messa...

7.2AI score
Exploits0
Circl
Circl
added 2016/05/11 10:56 p.m.32 views

CVE-2016-0167

creationtimestamp| type| source ---|---|--- 2016-05-11 22:56:59+00:00| exploited| https://t.me/xakepru/224 2017-01-07 13:55:47+00:00| seen| MISP/5870f2f5-5744-4ded-a6f5-469c950d210f 2020-10-07 09:53:36+00:00| seen| MISP/a40c9aed-cf24-43e6-859b-e00435209aa0 2020-10-09 13:19:59+00:00| seen|...

7.8CVSS7.2AI score0.05729EPSS
Exploits0References7
n0where
n0where
added 2016/03/08 6:8 p.m.19 views

Security Intelligence Collector: Machinae

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...

Exploits0References2
Kitploit
Kitploit
added 2015/12/03 9:35 p.m.28 views

SpiderFoot v2.6.1 - Open Source Intelligence Automation

SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the tes...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/21 12:0 a.m.34 views

FreeBSD : cacti -- Multiple XSS and SQL injection vulnerabilities (0bfda05f-2e6f-11e5-a4a5-002590263bf5)

The Cacti Group, Inc. reports : Important Security Fixes - Multiple XSS and SQL injection vulnerabilities - CVE-2015-4634 - SQL injection in graphs.php Changelog - bug: Fixed various SQL Injection vectors - bug0002574: SQL Injection Vulnerabilities in graph items and graph template items -...

7.5CVSS8.2AI score0.02178EPSS
Exploits1References5
OSV
OSV
added 2014/10/20 5:55 p.m.8 views

CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

6.8AI score
Exploits0References12
OSV
OSV
added 2014/10/20 5:55 p.m.4 views

DEBIAN-CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

3.5CVSS5.9AI score0.01778EPSS
Exploits1References1
Prion
Prion
added 2014/10/20 5:55 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

3.5CVSS5.6AI score0.01778EPSS
Exploits1References7Affected Software3
UbuntuCve
UbuntuCve
added 2014/10/20 5:55 p.m.36 views

CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

3.5CVSS7.2AI score0.01778EPSS
Exploits1References2
OSV
OSV
added 2014/10/20 5:55 p.m.5 views

UBUNTU-CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

3.5CVSS7.4AI score0.01778EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

MS VM 2000/3000/3100/3188/3200/3300/3802/3805 series JDBC Class Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/5751/info Java Database Connectivity JDBC classes are used by the Virtual Machine to provide connectivity to various data sources. It is possible to spoof a JDBC class request to make it appear as though it came from an...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/14 12:0 a.m.358 views

MS14-025: Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486)

The remote Windows host is potentially affected by a vulnerability in the way that Active Directory distributes passwords that are configured using Group Policy preferences. This could allow a remote attacker to retrieve and decrypt passwords stored with Group Policy preferences. The following...

9CVSS8.2AI score0.65117EPSS
Exploits3References2
Check Point Advisories
Check Point Advisories
added 2014/04/16 12:0 a.m.45 views

Microsoft Excel REPT Function Integer Overflow (MS08-057) - Ver2 (CVE-2008-4019)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formula, and various data sources. The common extension used for Microsoft Excel documents is .xls, .xlsx a...

9.3CVSS7.5AI score0.34415EPSS
Exploits5
Rows per page
Query Builder