286 matches found
PT-2022-17549 · Samsung · Galaxy Watch Plugin
Name of the Vulnerable Software and Affected Versions: Galaxy Watch Plugin versions prior to 2.2.05.220126741 Description: The issue allows attackers to access user information in log, potentially exposing sensitive data. Recommendations: For Galaxy Watch Plugin versions prior to 2.2.05.220126741...
log4j: Unsafe deserialization flaw in Chainsaw log viewer
A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...
Apache Log4j 代码问题漏洞
Apache Log4j is a U.S. Apache Apache Foundation of a Java-based open source logging tool . Apache Log4j There is a code problem vulnerability , due to the existence of JNDI injection vulnerability in ApacheLog4j , an attacker can design a data request to send to the server using the ApacheLog4j...
DataStream: Real-time Log Delivery for All Akamai Customers
We are pleased to announce that DataStream 2 is now available for all our customers. DataStream 2 provides customers with detailed log data from requests on the Akamai Intelligent Edge Platform within minutes. DataStream 2 gives customers unparalleled visibility into events at the Akamai edge and...
Msticpy - Microsoft Threat Intelligence Security Tools
Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence, geolocations and Azure resource data extract Indicator...
Cobbler Arbitrary File Writing Vulnerability
Cobbler is a network installation server suite, which is mainly used to quickly set up Linux network installation environment.Cobbler in versions prior to 3.3.0 there is an arbitrary file writing vulnerability, the vulnerability originates from the system does not do effective filtering of user...
PYSEC-2021-374
Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...
UBUNTU-CVE-2021-40324
Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...
CVE-2021-40324
Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...
Cobbler 代码问题漏洞
Cobbler is a network installation server suite, which is mainly used to quickly set up Linux network installation environment.Cobbler in versions prior to 3.3.0 there is an arbitrary file writing vulnerability, the vulnerability originates from the system does not do effective filtering of user...
PT-2021-22860 · Cobbler +2 · Cobbler +2
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.0 Description: The issue allows arbitrary file write operations via upload log data. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue...
Logging: A Deep Dive
Our RASP product At Imperva our team builds a product called RASP which stands for Runtime Application Self Protection. As indicated by the name, it is a security product which plugs directly into the runtime of an application in order to provide a similar and complementary set of capabilities as...
Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1
New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements regex to extract fields from your logs while using the custom parsing tool. Like learning any new language, getting started ca...
Grok Buffer Overflow Vulnerability
Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...
CVE-2021-31546
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data...
PT-2021-19416 · Mediawiki +1 · Abusefilter +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue in the AbuseFilter extension for MediaWiki incorrectly logged sensitive suppression deletions. These deletions should not have been visible to users with access to view AbuseFilter log...
InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments
Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint and network data, log data enables teams to detect malicious activity, prove compliance, and have better visibility across their environment. Within InsightIDR, our Log...
CVE-2021-28667
StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data from an action or rule name...
Monitor Google Cloud Platform (GCP) Data With InsightIDR
InsightIDR was built in the cloud to support dynamic and rapidly changing environments—including remote workers, hybrid cloud and on-premises architectures, and fully cloud environments. Today, more and more organizations are adopting multi-cloud or hybrid environments, creating increasingly more...
CVE-2020-7541
creationtimestamp| type| source ---|---|--- 2020-12-11 07:35:12+00:00| seen| https://t.me/cibsecurity/19776 2020-12-11 07:38:14+00:00| seen| https://t.me/cibsecurity/19796 2020-12-11 08:25:28+00:00| seen| https://t.me/cibsecurity/19816 2020-12-11 09:25:23+00:00| seen| https://t.me/cibsecurity/198...