35 matches found
Cisco Firepower Management Center Input Validation Error Vulnerability (CNVD-2019-40785)
Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. An input validation error vulnerability exists in the file and malware inspection feature in Cisco Firepower Management Center FMC, which arises from the program failing to adequately...
CVE-2019-12701
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software...
CVE-2019-12701
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software...
Design/Logic Flaw
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software...
Cisco Firepower Management Center Software File and Malware Policy Bypass Vulnerability
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software...
PT-2019-3817 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue exists due to insufficient validation of incoming traffic, allowing a remote attacker to bypass file and malware inspection policies by...
MIG - Distributed And Real Time Digital Forensics At The Speed Of The Cloud
MIG is Mozilla's platform for investigative surgery of remote endpoints. Quick Start w/ Docker You can spin up a local-only MIG setup using docker. The container is not suitable for production use but lets you experiment with MIG quickly, providing a single container environment that has most of...
Web Shell Detector - PHP Script That Helps You Find And Identify PHP / CGI (Perl) / ASP / ASPX Shells
Web Shell Detector is a php script that helps you find and identify php/cgiperl/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and...
لاسلكي الشرطة - Dynamic Code Loading, External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application لاسلكي الشرطة published at the 'play' market has multiple vulnerabilities...
SA-CONTRIB-2009-001 - Project release - Multiple vulnerabilities
Exploitable from: Remote Vulnerabilities: Arbitrary file upload, Cross-site scripting XSS The Project release module is a component within the broader Project module. This announcement covers the following two issues: 1. Project release enables file attachments to create a specific version of cod...
SA-2007-026 - Drupal Core - Cross site scripting via uploads
The allowed extension list of the core Upload module contains the extension HTML by default. Such files can be used to execute arbitrary script code in the context of the affected site when a user views the file. Revoking upload permissions or removing the .html extension from the allowed extensi...
OS Identification : Linux Distribution
This plugin attempts to identify the operating system type and version by looking at certain files on the remote operating system e.g., '/etc/redhat-release' on Red Hat. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid25335;...
Design/Logic Flaw
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption...
Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos AntiVirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the unpacking of Microsoft Cabinet files that contain invalid folder count values...
Security Update for Microsoft Word 2013 (KB2863834) 64-Bit Edition
A security vulnerability exists in Microsoft Word 2013 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...