Lucene search
K

57 matches found

OSV
OSV
added 2019/06/07 11:0 a.m.3 views

SUSE-SU-2019:1450-1 Security update for Cloud7 packages

This update provides fixes for the following packages issues: caasp-openstack-heat-templates: - Update to version 1.0+git.1553079189.3bf8922: SCRD-2813 Add support for CPI parameters - Update to version 1.0+git.1547562889.43707e7: Switch LB protocol from HTTP to HTTPS crowbar: - Update to version...

8.1CVSS7.6AI score0.0252EPSS
Exploits1References21
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.4 views

The vulnerability of the NX-API network operating system function of Cisco NX-OS routers allows attackers to execute arbitrary commands.

The vulnerability of the NX-API network operating system function in Cisco NX-OS routers is related to the lack of measures for input data sanitization. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary commands with superuser privileges by sending malicious HTT...

9CVSS7.9AI score0.04034EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:37 p.m.24 views

Security Bulletin: A vulnerability in the Firefox component of the Synthetic Playback agent affects IBM Performance Management products.

Summary Multiple browsers could allow a remote attacker to obtain sensitive information, caused by the failure to consider the role of the TCP congestion window in providing information about content length by the HTTPS protocol or by the HTTP/2 protocol. By visiting a Web site owned by a malicio...

5.3CVSS5.7AI score0.13983EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2016/11/09 11:34 p.m.23 views

Paragon Initiative Enterprises: Using plain git protocol (vulnerable to MITM)

Using plain git protocol git://domain is insecure as the server is not verified MITM attacker can return different content if last commit not checked against known one more information about this issue Protocols to choose from when cloning: https://gist.github.com/grawity/4392747...

0.6AI score
Exploits0
ICS
ICS
added 2016/09/18 6:0 a.m.42 views

OmniMetrix OmniView Vulnerabilities

OVERVIEW Bill Voltmer of Elation Technologies LLC has identified vulnerabilities in OmniMetrix’s OmniView web application. OmniMetrix has produced a new software version for its web interface that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCT...

8AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2016/09/06 10:59 a.m.25 views

CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...

5.3CVSS6.1AI score0.13983EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/07/21 12:0 a.m.25 views

Moodle 2.0.x < 2.0.10 Multiple Vulnerabilities

Binary data 9403.prm...

6.5CVSS6.8AI score0.02105EPSS
Exploits0References7
Hacker One
Hacker One
added 2015/08/20 5:16 p.m.42 views

ownCloud: apps.owncloud.com: SSL Session cookie without secure flag set

URL: https://apps.owncloud.com/usermanager/login.php Issue detail The following cookie was issued by the application and does not have the secure flag set: PHPSESSID=27caghhkfjvuso3mmiqajqt2n4; path=/; HttpOnly The cookie appears to contain a session token, which may increase the risk associated...

0.2AI score
Exploits0
OSV
OSV
added 2015/04/29 12:0 a.m.27 views

DSA-3240-1 curl - security update

Bulletin has no description...

5CVSS9.4AI score0.07538EPSS
Exploits0
Packet Storm
Packet Storm
added 2015/03/25 12:0 a.m.30 views

WordPress Marketplace 2.4.0 Add Administrator

!/usr/bin/python Exploit Name: WP Marketplace 2.4.0 Remote Command Execution Vulnerability discovered by Kacper Szurek http://security.szurek.pl Exploit written by Claudio Viviani -------------------------------------------------------------------- The vulnerable function is located on...

0.6AI score
Exploits0
Hacker One
Hacker One
added 2014/06/03 9:24 a.m.17 views

Automattic: Serving Transitions From: HTTP Protocol (not secure)

Dear Sir, I've Noticed from your SourceCode that you are using HTTP Protocol, and that will makes Insecure served for data transition. we will give the attacker a chance for "MIMT" man in the middle attack as you know that the name of the attack itself explain the steps. -check the source code of...

0.2AI score
Exploits0
myhack58
myhack58
added 2014/05/29 12:0 a.m.19 views

WordPress Cookie handling process can lead to account hijacking-vulnerability warning-the black bar safety net

! Write ahead: This is actually a cookie transmission does not use the https problem, the most natural of seemingly unrelated picture, but in front of a burst of lead to ebay account disclosure of intrusion events, also has this vulnerability in the shadow. ps: looks like this hack was a girl...

7.2AI score
Exploits0
myhack58
myhack58
added 2013/11/19 12:0 a.m.27 views

A jingdong log security vulnerabilities-vulnerability warning-the black bar safety net

Table of Contents 1 Introduction 2 the inspection process 3 Summary 1 Introduction Recently looking at an open source site code, found if the login page via the http Protocol requests, will be redirected to use the https Protocol of the url, so you can ensure login security. Today a whim, want to...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/05/23 1:59 a.m.9 views

NASA SSL Digital Certificate hacked by Iranian Hackers

NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers 'Cyber Warriors Team' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2012/02/10 12:51 p.m.5 views

Iran Shutdown Google ,Yahoo & other Major sites using Https Protocol

Iran Shutdown Google ,Yahoo & other Major sites using Https Protocol We Received latest reports from Iran ,Governments has blocked access to the major sites plus websites using certain Https protocol like Gmail, Google ,Yahoo. On the eve of the anniversary of the revolution that overthrew the...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2008/09/29 12:0 a.m.61 views

Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...

7.8CVSS0.4AI score0.03165EPSS
Exploits1
Exploit DB
Exploit DB
added 2007/02/07 12:0 a.m.33 views

Advanced Poll 2.0.5-dev - Remote Admin Session Generator

!/usr/bin/perl -w Advanced Poll 2.0.0 = 2.0.5-dev textfile admin session gen. 0day! KEEP IT PRIVATE 0day! date: 30/07/06 diwou PHCKSEC c 2001-2006. see templates for code execution ;. use strict; use warnings; use LWP::UserAgent; use MD5; my...

7.4AI score
Exploits0
Rows per page
Query Builder