Lucene search
K

286 matches found

Positive Technologies
Positive Technologies
added 2022/03/08 12:0 a.m.4 views

PT-2022-17549 · Samsung · Galaxy Watch Plugin

Name of the Vulnerable Software and Affected Versions: Galaxy Watch Plugin versions prior to 2.2.05.220126741 Description: The issue allows attackers to access user information in log, potentially exposing sensitive data. Recommendations: For Galaxy Watch Plugin versions prior to 2.2.05.220126741...

3.3CVSS3.7AI score0.00199EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/02/07 1:48 p.m.4 views

log4j: Unsafe deserialization flaw in Chainsaw log viewer

A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...

9CVSS7.1AI score0.52458EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/12/10 12:0 a.m.3 views

Apache Log4j 代码问题漏洞

Apache Log4j is a U.S. Apache Apache Foundation of a Java-based open source logging tool . Apache Log4j There is a code problem vulnerability , due to the existence of JNDI injection vulnerability in ApacheLog4j , an attacker can design a data request to send to the server using the ApacheLog4j...

6.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/11/23 2:0 p.m.16 views

DataStream: Real-time Log Delivery for All Akamai Customers

We are pleased to announce that DataStream 2 is now available for all our customers. DataStream 2 provides customers with detailed log data from requests on the Akamai Intelligent Edge Platform within minutes. DataStream 2 gives customers unparalleled visibility into events at the Akamai edge and...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2021/11/19 11:30 a.m.41 views

Msticpy - Microsoft Threat Intelligence Security Tools

Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence, geolocations and Azure resource data extract Indicator...

6.5AI score
Exploits0References27
CNVD
CNVD
added 2021/10/08 12:0 a.m.28 views

Cobbler Arbitrary File Writing Vulnerability

Cobbler is a network installation server suite, which is mainly used to quickly set up Linux network installation environment.Cobbler in versions prior to 3.3.0 there is an arbitrary file writing vulnerability, the vulnerability originates from the system does not do effective filtering of user...

7.5CVSS3.2AI score0.68635EPSS
Exploits0References1
PyPA
PyPA
added 2021/10/04 6:15 a.m.3 views

PYSEC-2021-374

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

7.5CVSS7.2AI score0.68635EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/10/04 6:15 a.m.1 views

UBUNTU-CVE-2021-40324

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

7.5CVSS7.3AI score0.68635EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/10/04 5:39 a.m.36 views

CVE-2021-40324

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

8.8AI score0.68635EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.4 views

Cobbler 代码问题漏洞

Cobbler is a network installation server suite, which is mainly used to quickly set up Linux network installation environment.Cobbler in versions prior to 3.3.0 there is an arbitrary file writing vulnerability, the vulnerability originates from the system does not do effective filtering of user...

7.5CVSS5.8AI score0.68635EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/09/20 12:0 a.m.6 views

PT-2021-22860 · Cobbler +2 · Cobbler +2

Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.0 Description: The issue allows arbitrary file write operations via upload log data. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue...

10CVSS8.1AI score0.88482EPSS
Exploits6References107
Imperva Blog
Imperva Blog
added 2021/07/22 1:29 p.m.213 views

Logging: A Deep Dive

Our RASP product At Imperva our team builds a product called RASP which stands for Runtime Application Self Protection. As indicated by the name, it is a security product which plugs directly into the runtime of an application in order to provide a similar and complementary set of capabilities as...

Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/07/06 5:57 p.m.51 views

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1

New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements regex to extract fields from your logs while using the custom parsing tool. Like learning any new language, getting started ca...

6.7AI score
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.10 views

Grok Buffer Overflow Vulnerability

Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...

7.8CVSS7.2AI score0.01175EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/04/22 2:30 a.m.14 views

CVE-2021-31546

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data...

5.6AI score0.00719EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/04/22 12:0 a.m.2 views

PT-2021-19416 · Mediawiki +1 · Abusefilter +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue in the AbuseFilter extension for MediaWiki incorrectly logged sensitive suppression deletions. These deletions should not have been visible to users with access to view AbuseFilter log...

9.8CVSS6.4AI score0.03832EPSS
Exploits18References74
Rapid7 Blog
Rapid7 Blog
added 2021/04/05 2:8 p.m.105 views

InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments

Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint and network data, log data enables teams to detect malicious activity, prove compliance, and have better visibility across their environment. Within InsightIDR, our Log...

6.8AI score
Exploits0
NVD
NVD
added 2021/03/18 3:15 a.m.17 views

CVE-2021-28667

StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data from an action or rule name...

7.5CVSS0.02232EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2021/02/16 9:53 p.m.49 views

Monitor Google Cloud Platform (GCP) Data With InsightIDR

InsightIDR was built in the cloud to support dynamic and rapidly changing environments—including remote workers, hybrid cloud and on-premises architectures, and fully cloud environments. Today, more and more organizations are adopting multi-cloud or hybrid environments, creating increasingly more...

0.2AI score
Exploits0
Circl
Circl
added 2020/12/11 7:35 a.m.5 views

CVE-2020-7541

creationtimestamp| type| source ---|---|--- 2020-12-11 07:35:12+00:00| seen| https://t.me/cibsecurity/19776 2020-12-11 07:38:14+00:00| seen| https://t.me/cibsecurity/19796 2020-12-11 08:25:28+00:00| seen| https://t.me/cibsecurity/19816 2020-12-11 09:25:23+00:00| seen| https://t.me/cibsecurity/198...

5.3CVSS6.5AI score0.00867EPSS
Exploits0References18
Rows per page
Query Builder