Lucene search
K

694 matches found

n0where
n0where
added 2017/04/20 5:40 p.m.33 views

Mozilla InvestiGator: MIG

Mozilla InvestiGator Mozilla’s real-time digital forensics and investigation platform MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents...

0.1AI score
Exploits0References3
Kitploit
Kitploit
added 2017/04/07 2:30 p.m.96 views

oletools - Tools to analyze MS OLE2 files and MS Office documents, for malware analysis, forensics and debugging

oletools is a package of python tools to analyze Microsoft OLE2 files also called Structured Storage, Compound File Binary Format or Compound Document File Format, such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the...

7.2AI score
Exploits0References20
Packet Storm
Packet Storm
added 2017/04/04 12:0 a.m.43 views

Kaseya VSA 6.5.0.0 XSS / Brute Force

https://www.osisecurity.com.au/kaseya-parameter-reflected-xss-enumeration-and-bruteforce-weakness.html Date: 04-Apr-2017 Software: Kaseya Affected version: Kaseya VSA v6.5.0.0. Vulnerability details: 1. The "forgot password" function at https://target/access/logon.asp reveals whether a username i...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/04 12:0 a.m.53 views

Tweek!DM Document Management Bypass / SQL Injection

https://www.osisecurity.com.au/tweekdm-document-management-authentication-bypass-sql-injection-vulnerabilities.html Date: 04-Apr-2017 Product: Tweek!DM Document Management Versions affected: Unknown Vulnerabilities: 1 Authentication bypass - the software sends a 301 Location redirect back to the...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/04 12:0 a.m.51 views

Kaseya VSA 9.02.00.04 Information Disclosure

https://www.osisecurity.com.au/kaseya-information-disclosure-vulnerability.html Date: 04-Apr-2017 Product: Kaseya VSA Versions affected: 9.02.00.04 Vulnerability: Installations of Kaseya contain the following installation page: https://target/install/kaseya.html When the product is installed, it...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/04 12:0 a.m.91 views

Inchoo Facebook Connect Cross Site Scripting

https://www.osisecurity.com.au/inchoo-facebook-connect-extension-for-magento-parameter-xss.html Date: 04-Apr-2017 Product: Inchoo Facebook Connect Magento Plugin Vulnerability: Reflected cross-site scripting. Details: Within ./app/code/community/Inchoo/Facebook/Block/Channel.php return 'isSecure ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/04 12:0 a.m.49 views

LanternCMS Cross Site Scripting / SQL Injection

https://www.osisecurity.com.au/lantern-cms-path-disclosure-sql-injection-reflected-xss.html Date: 04-Apr-2017 Product: LanternCMS Versions affected: Unknown Vulnerabilities: 1 Path disclosure By requesting a site with an invalid intSiteI or numRedirectCount:...

0.2AI score
Exploits0
CNVD
CNVD
added 2017/03/31 12:0 a.m.5 views

IBM QRadar SIEM and QRadar Incident Forensics Cross-Site Request Forgery Vulnerabilities

IBM QRadar SIEM and QRadar Incident Forensics are both products of IBM USA. The former is a suite of solutions that utilize security intelligence to protect assets and information from advanced threats; the latter is a suite of security forensic investigation software. A cross-site request forger...

4.3CVSS8.4AI score0.00348EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/31 12:0 a.m.5 views

IBM QRadar SIEM and QRadar Incident Forensics Cross-Site Scripting Vulnerabilities

IBM QRadar SIEM and QRadar Incident Forensics are both products of IBM USA. The former is a suite of solutions that utilize security intelligence to protect assets and information from advanced threats; the latter is a suite of security forensic investigation software. A cross-site scripting...

5.4CVSS8AI score0.00516EPSS
Exploits0References1
n0where
n0where
added 2017/03/17 6:13 a.m.63 views

Online Malware & URL Analysis: MalSub

Online Malware & URL Analysis malsub is a Python 3.6.x framework that wraps several web services of online malware and URL analysis sites through their RESTful Application Programming Interfaces APIs . It supports submitting files or URLs for analysis, retrieving reports by hash values, domains,...

0.1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/03/16 2:11 p.m.115 views

SSLsplit - transparent SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a...

7.1AI score
Exploits0References1
n0where
n0where
added 2017/03/13 5:19 a.m.36 views

Port Scan Attack Detector: PSAD

Port Scan Attack Detector The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and...

7.9AI score
Exploits0References2
OSV
OSV
added 2017/03/07 5:59 p.m.3 views

CVE-2016-9725

IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing CORS, which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. IBM Reference : 1999539...

5.3CVSS7.3AI score0.00862EPSS
Exploits0References2
Prion
Prion
added 2017/03/07 5:59 p.m.13 views

Cross site request forgery (csrf)

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference : 1999549...

4.3CVSS7AI score0.00348EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2017/03/07 5:59 p.m.19 views

Design/Logic Flaw

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference : 1999542...

9CVSS7.5AI score0.02343EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2017/03/07 5:59 p.m.5 views

CVE-2016-9726

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference : 1999542...

8.8CVSS6.1AI score0.02343EPSS
Exploits0References1
OSV
OSV
added 2017/03/07 5:59 p.m.4 views

CVE-2016-9730

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference : 1999549...

4.3CVSS7.2AI score0.00348EPSS
Exploits0References1
CVE
CVE
added 2017/03/07 5:0 p.m.46 views

CVE-2016-9730

CVE-2016-9730 affects IBM Security QRadar SIEM and QRadar Incident Forensics 7.2.x. The issue is a cross-site request forgery (CSRF) vulnerability that could allow an attacker to perform malicious and unauthorized actions transmitted from a trusted user’s session. The publicly available connected...

4.3CVSS5.1AI score0.00348EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/03/07 5:0 p.m.49 views

CVE-2016-9725

CVE-2016-9725 affects IBM QRadar Incident Forensics (7.2.x). The issue is described as overly permissive Cross-Origin Resource Sharing (CORS) policies in the Incident Forensics component, enabling cross-origin requests that would normally be restricted. Connected IBM bulletin references confirm t...

5.3CVSS5.5AI score0.00862EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/03/07 5:0 p.m.30 views

CVE-2016-9725

IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing CORS, which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. IBM Reference : 1999539...

5.2AI score0.00862EPSS
Exploits0References2
Rows per page
Query Builder