Lucene search
K

9528 matches found

Prion
Prion
added 2014/04/10 8:55 p.m.15 views

Code injection

Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue...

5CVSS6.8AI score0.01173EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2014/04/10 3:16 p.m.13 views

OpenSSL Heartbleed Bug Exploited Before This Week?

Bruce Schneier stood on the Source Boston keynote stage yesterday and used the word “ginormous” to describe the severity of the OpenSSL heartbleed bug. “My guess is that when heartbleed became public, the top 20 governments in the world started exploiting it immediately,” Schneier said. That’s...

7.4AI score
Exploits0References11
CVE
CVE
added 2014/04/10 3:0 p.m.42 views

CVE-2013-7359

The CVE-2013-7359 entries concern an unspecified vulnerability in SAP Mobile Infrastructure that allows remote attackers to obtain sensitive port information via unknown vectors, associated with an internal port scanning issue. Documents identify the affected product (SAP Mobile Infrastructure) a...

5CVSS6.4AI score0.01173EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/04/10 3:0 p.m.17 views

CVE-2013-7359

Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue...

6.2AI score0.01173EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/04/03 6:16 p.m.5 views

Moderate: Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform 3 Bug Fix and Enhancement Advisory

Updated packages for Red Hat Enterprise Linux OpenStack Platform 3.0 Grizzly, which fix bugs and add enhancements, are now available. Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly...

4.3CVSS5.9AI score0.01884EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/03/31 12:0 a.m.24 views

OpenStack python-keystoneclient Cache安全绕过漏洞

OpenStack是由Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。 缓存处理多个,多次请求时存在错误,可被利用以另一个用户身份进行认证操作。 0 OpenStack python-keystoneclient 0.x OpenStack python-keystoneclient 0.7.0及之后版本以修复此漏洞,建议用户下载使用: https://launchpad.net/python-keystoneclient...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/03/27 8:44 p.m.6 views

Nagios XI - The industry standard for IT infrastructure monitoring

Nagios XI is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services SMTP, POP3, HTTP, NNTP, ICMP, etc., monitoring of host resources...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2014/03/25 5:52 a.m.12 views

CASH! CASH! Hacking ATM Machines with Just a Text Message

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world’s 3 million ATM machines are run on it. Microsoft's decision to withdraw support for Windows XP poses critical security threat to the economic infrastructure...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/21 11:43 a.m.16 views

ICS Vulnerabilities Afffect Critical Infrastructure Security

Industrial control systems manufacturer, Siemens, has released new versions of its SIMATIC S7-1200 CPU family, resolving six security vulnerabilities in that product, and its SIMATIC S7-1200 PLC programmable logic controller, resolving an addition two vulnerabilities there. These patches are...

0.7AI score
Exploits0References5
The Hacker News
The Hacker News
added 2014/03/18 11:9 p.m.9 views

Snowden's disclosures haven't changed much about Facebook Security

Mark Zuckerberg is continually denying working with the NSA or any other Government Intelligence Agency in serving out data they gathered through extended surveillance, and even he expressed his indignation over the damage the Government is creating for all, on the phone call to the US President...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/10 2:45 p.m.13 views

Researcher Eric Filiol Withdraws CanSecWest Presentation

A presenter at this week’s CanSecWest security conference has withdrawn his scheduled talk for fear the information could be used to attack critical infrastructure worldwide. Eric Filiol, scientific director of the Operational Cryptology and Virology lab. CTO/CSO of the ESIEA in France, pulled hi...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.24 views

HP SiteScope 'loadFileContents' SOAP请求远程代码执行漏洞

BUGTRAQ ID: 65972 CVECAN ID: CVE-2013-6207 HP SiteScope是无代理监控软件,可维护其分布式IT 基础架构的可用性和性能。 SiteScope 10.1x, 11.1x, 11.21版本的loadFileContents SOAP功能存在安全漏洞,成功利用后可导致任意代码执行、任意文件下载和拒绝服务。 0 HP SiteScope 11.21 HP SiteScope 11.1x HP SiteScope 10.1x 厂商补丁: HP -- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

9.4CVSS6.4AI score0.034EPSS
Exploits1
ThreatPost
ThreatPost
added 2014/03/04 4:11 p.m.15 views

Institute for Electric Grid Cybersecurity Girds Utilities

Critical infrastructure policymakers are advocating the foundation of a new entity, the Institute for Electric Grid Cybersecurity, along with a new set of guidelines, to better protect the North American electric grid from cyber-attacks and determine how to respond if the grid is ever compromised...

Exploits0References3
seebug.org
seebug.org
added 2014/02/28 12:0 a.m.46 views

Schneider Electric SCADA多个产品异常处理拒绝服务漏洞

CVE ID:CVE-2013-2824 施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。其中多个产品使用的SESU工具用于更新windows PC系统上的软件。 Schneider Electric多个产品服务器存在拒绝服务攻击,允许远程攻击者利用漏洞发送特制的报文,可使进程停止响应,造成拒绝服务攻击。 0 Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40 Schneider Electric Vijeo Citect 7.20 - 7.30SP1...

7.8CVSS6.6AI score0.01786EPSS
Exploits1
seebug.org
seebug.org
added 2014/02/28 12:0 a.m.39 views

Cisco Prime Infrastructure任意命令执行漏洞(CVE-2014-0679)

BUGTRAQ ID: 65816 CVECAN ID: CVE-2014-0679 Cisco Prime Infrastructure是通过思科技术LMS和NCS进行无线管理的解决方案。 Cisco Prime Infrastructure没有正确验证URL请求,未经身份验证的远程攻击者可以root级别的权限执行任意命令。 0 Cisco Prime Infrastructure 2.0 Cisco Prime Infrastructure 1.4 Cisco Prime Infrastructure 1.3 Cisco Prime Infrastructure 1.2 厂商补丁:...

9CVSS6.6AI score0.02106EPSS
Exploits1
NVD
NVD
added 2014/02/27 8:55 p.m.24 views

CVE-2014-0679

Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308...

9CVSS7.3AI score0.02106EPSS
Exploits1References1
Prion
Prion
added 2014/02/27 8:55 p.m.24 views

Command injection

Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308...

9CVSS7.8AI score0.02106EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2014/02/27 8:0 p.m.48 views

CVE-2014-0679

Cisco Prime Infrastructure versions 1.2/1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 are affected by CVE-2014-0679 due to improper validation of URL requests. An authenticated, remote attacker could exploit an unspecified URL to execute arbitrary commands with root p...

9CVSS7.5AI score0.02106EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/02/27 8:0 p.m.26 views

CVE-2014-0679

Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308...

7.3AI score0.02106EPSS
Exploits1References1
Cisco
Cisco
added 2014/02/26 4:0 p.m.31 views

Cisco Prime Infrastructure Command Execution Vulnerability

A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command...

9CVSS7.2AI score0.02106EPSS
Exploits1References1
Rows per page
Query Builder