Lucene search
+L

1704 matches found

seebug.org
seebug.org
added 2014/04/21 12:0 a.m.35 views

JBoss Overlord Runtime Governance for JBossAS MVEL表达式Java代码执行漏洞

CVE ID:CVE-2013-6469 JBoss Overlord Runtime Governance for JBossAS是一款管理JBoss SOA平台的应用。 JBoss Overlord Runtime Governance for JBossAS处理部分MVEL表达式时存在未明错误,允许攻击者提交特制的表达式执行任意Java代码。 0 JBoss Overlord Runtime Governance for JBossAS 1.0 目前没有详细解决方案: https://www.jboss.org/overlord...

6.5CVSS6.7AI score0.01653EPSS
Exploits1
NVD
NVD
added 2014/01/10 12:2 p.m.19 views

CVE-2013-6334

IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suite do not properly validate...

6.4CVSS6.5AI score0.01358EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/01/10 11:0 a.m.29 views

CVE-2013-6321

SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite aka Atlas Policy Suit...

8.2AI score0.0121EPSS
Exploits0References3
CVE
CVE
added 2014/01/10 11:0 a.m.52 views

CVE-2013-6321

SQL injection vulnerability (CVE-2013-6321) affects IBM Atlas Suite components (Atlas eDiscovery Process Management 6.0.1.5 and earlier/6.0.2; Disposal and Governance Management for IT 6.0.1.5 and earlier/6.0.2; Global Retention Policy and Schedule Management 6.0.1.5 and earlier/6.0.2). Root caus...

7.5CVSS8.5AI score0.0121EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2014/01/10 11:0 a.m.48 views

CVE-2013-6334

CVE-2013-6334 affects IBM Atlas Suite components (Atlas eDiscovery Process Management 6.0.1.5 and earlier, 6.0.2; Disposal and Governance Management for IT 6.0.1.5 and earlier, 6.0.2; Global Retention Policy and Schedule Management 6.0.1.5 and earlier, 6.0.2). The issue is improper session valida...

6.4CVSS6.7AI score0.01358EPSS
Exploits0References3Affected Software4
ThreatPost
ThreatPost
added 2013/10/23 2:41 p.m.25 views

NIST Publishes Preliminary Cybersecurity Framework

Following an Executive Order issued by U.S. President Barack Obama in February of this year, the National Institute of Standards and Technology NIST yesterday made public a provisional copy of the government’s cybersecurity framework and says it will accept public comment on the draft for the nex...

0.1AI score
Exploits0References1
The Hacker News
The Hacker News
added 2013/07/02 5:13 a.m.9 views

Who Governs The Internet and whose property is it?

The recent exposes and revelations by Edward Snowden about the Top Secret Internet Snooping program currently run by US National Security Agency NSA have shocked the world. The extent of snooping is even more shocking and what has just stunned the world is the sheer name of top Internet companies...

6.9AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2013/03/21 2:48 p.m.17 views

Information Governance: Get Data Classification Right First

Data classification is one of the most crucial elements of an effective information governance process--yet its also one that many companies fail to implement well. In its simplest terms, data classification is the process of categorizing data based on its level of sensitivity. When done properly...

2.2AI score
Exploits0
ThreatPost
ThreatPost
added 2012/12/19 8:28 p.m.27 views

ENISA Outlines Security Regulations for EU Smart Grid Expansion

The European Union has set a series of ambitious goals for itself: by 2020, the 27 member states expect to collectively use 20 percent renewable energy, reduce CO2 emissions by 20 percent, and increase energy efficiency by 20 percent. In order to accomplish these goals, Europe will need to perfor...

0.1AI score
Exploits0References4
The Coalfire Blog
The Coalfire Blog
added 2012/05/10 11:12 a.m.21 views

Coalfire Acquires Digital Resources Group in California

We have reached a new milestone at Coalfire and have announced the recent acquisition of privately held Digital Resources Group DRG in Redwood City, California. We are excited about our latest venture as it consolidates our leadership position within the IT Governance Risk and Compliance IT GRC...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/27 11:11 a.m.11 views

90% SSL sites vulnerable to the BEAST SSL attack

90% of the Internet's top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL Secure Sockets Layer attack, according to a report released Thursday by the Trustworthy Internet Movement TIM, a nonprofit organization dedicated to solving Internet security, privacy and reliability...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/23 12:0 a.m.52 views

Chengdu Bureau Of Commerce SQL Injection

Title: ====== Chengdu Bureau of Commerce - SQL Injection Vulnerability Date: ===== 2012-04-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=312 VL-ID: ===== 312 Introduction: ============= May 20, by my bureau composed of 10 members, participated in by the Chinese...

Exploits0
ThreatPost
ThreatPost
added 2012/01/01 9:27 p.m.11 views

Hackers Plan Satellite Network to Fight Internet Censorship

A group of hackers are reportedly declaring war on Internet censorship, and they plan to fight back with their own satellite communications network. Sound like science fiction? According to BBC News, the plan was recently outlined at the Chaos Communication Congress in Berlin. Dubbed the...

Exploits0References3
Vulnerability Lab
Vulnerability Lab
added 2011/11/25 12:0 a.m.14 views

CN Academy of Governance NSA - Postgre SQL Injection

Document Title: =============== CN Academy of Governance NSA - Postgre SQL Injection References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=311 CNNVD ID: CNNVD-201111-474 Release Date: ============= 2011-11-25 Vulnerability Laboratory ID VL-ID:...

0.5AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/11/25 12:0 a.m.28 views

CN Academy of Governance NSA - Postgre SQL Injection

Document Title: =============== CN Academy of Governance NSA - Postgre SQL Injection References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=311 CNNVD ID: CNNVD-201111-474 Release Date: ============= 2011-11-25 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2011/02/20 7:53 a.m.11 views

How easy it is to hack AMC's sites !

An 'ethical' hacker demonstrates how one can break into the civic corporation's e-governance site and I P Gautam's official domain to access confidential info. The state government's websites are under threat of being hacked. A BCA student, who calls himself an 'ethical' hacker, demonstrated how ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/01/03 2:6 a.m.10 views

Be Aware Hacker - Honeypots now in India trap to lure hackers !

Decoys have been present in each and every culture, to capture the unknown as well as the known defaulters. The honey, which was used in turning the heads of bears that we used to find in jungles, well the same honey, but in a revisited version is being implemented and used here and has already...

6.7AI score
Exploits0
NVD
NVD
added 2010/12/22 9:0 p.m.22 views

CVE-2010-2644

IBM WebSphere Service Registry and Repository WSRR 7.0.0 before FP1 does not properly implement access control, which allows remote attackers to perform governance actions via unspecified API requests to an EJB interface...

5CVSS6.6AI score0.01209EPSS
Exploits0References4
Prion
Prion
added 2010/12/22 9:0 p.m.16 views

Improper access control

IBM WebSphere Service Registry and Repository WSRR 7.0.0 before FP1 does not properly implement access control, which allows remote attackers to perform governance actions via unspecified API requests to an EJB interface...

5CVSS7.1AI score0.01209EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2010/12/22 8:0 p.m.48 views

CVE-2010-2644

IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 has an access-control flaw in the EJB interface that could allow remote attackers to perform governance actions via unspecified API requests. Affected product: IBM WSRR 7.0.0 pre-FP1. Root cause: improper access-control impleme...

5CVSS6.7AI score0.01209EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder