Lucene search
K

286 matches found

Packet Storm
Packet Storm
added 2015/03/20 12:0 a.m.37 views

EMC M&R (Watch4net) MIB Browser Path Traversal

------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...

4CVSS6.5AI score0.07414EPSS
Exploits7
0day.today
0day.today
added 2015/03/20 12:0 a.m.72 views

EMC M&R (Watch4net) MIB Browser Path Traversal Vulnerability

A path traversal vulnerability was found in EMC M&R Watch4net MIB Browser. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries...

4CVSS6.2AI score0.07414EPSS
Exploits7
exploitpack
exploitpack
added 2015/03/19 12:0 a.m.57 views

EMC MR (Watch4net) - Directory Traversal

EMC MR Watch4net - Directory Traversal Abstract A path traversal vulnerability was found in EMC M&R Watch4net Device Discovery. This vulnerability allows an attacker to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts an...

4CVSS0.2AI score0.07414EPSS
Exploits7
ThreatPost
ThreatPost
added 2015/03/03 10:10 a.m.9 views

Government Report Critical of FAA Security Controls

The Federal Aviation Administration has been put on notice that its information security controls are not up to par and that a risk-based program must be implemented from the ground up in order to assure the safety of its networks and passengers in the sky. A scathing Government Accounting Office...

0.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2015/02/17 4:9 p.m.27 views

How to Diagnose Network Fault with Log & Event Manager

Diagnosing network fault is one of the toughest questions for an IT Pro to answer because there is no single or best way. IT infrastructures are multi-layered and integrate many different systems which makes identifying the cause of network fault a difficult task. At a high level, the process of...

6.9AI score
Exploits0
Drupal
Drupal
added 2014/10/22 12:0 a.m.24 views

SA-CONTRIB-2014-100 - Bad Behavior - Information Disclosure

This module enables you to to target any malicious software directed at a Web site, whether it be a spambot, ill-designed search engine bot, or system crackers. It blocks such access and then logs their attempts. Information Disclosure The module doesn't sufficiently sanitize log data, allowing...

4CVSS6.4AI score0.01218EPSS
Exploits0References11
OSV
OSV
added 2014/10/15 12:0 a.m.2 views

UBUNTU-CVE-2014-6463

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML...

3.3CVSS6.5AI score0.02815EPSS
Exploits0References4
NVD
NVD
added 2014/09/18 10:55 a.m.18 views

CVE-2014-4357

Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log...

2.1CVSS5AI score0.00354EPSS
Exploits0References8
Prion
Prion
added 2014/09/18 10:55 a.m.18 views

Information disclosure

Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log...

2.1CVSS5.3AI score0.00354EPSS
Exploits0References8Affected Software2
Cvelist
Cvelist
added 2014/09/18 10:0 a.m.26 views

CVE-2014-4357

Accounts Framework in Apple iOS before 8 and Apple TV before 7 allows attackers to obtain sensitive information by reading log data that was not intended to be present in a log...

5AI score0.00354EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2014/09/16 5:28 a.m.5 views

luci: unauthorized administrative access granted to non-administrative users

It was discovered that various components in the luci site extension-related URLs were not properly restricted to administrative users. A remote, authenticated attacker could escalate their privileges to perform certain actions that should be restricted to administrative users, such as adding use...

5.5CVSS5.6AI score0.01428EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Ultimate PHP Board 1.9 admin_iplog.PHP Arbitrary PHP Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP file. As a result, it may be...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution

No description provided by source. Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution homepage: http://www.quest.com/intrust/ description: InTrust securely collects, stores, reports and alerts on event log data from Windows, Unix and...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.22 views

openSUSE Security Update : logrotate (openSUSE-SU-2011:0536-1)

This update for logrotate provides the following fixes : - The shredfile function in logrotate might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostna...

6.9CVSS5.6AI score0.00412EPSS
Exploits1References7
Cvelist
Cvelist
added 2014/03/14 10:0 a.m.27 views

CVE-2014-1279

Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data...

5.1AI score0.00299EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/08/27 12:0 a.m.16 views

HP ArcSight Logger HTTP Detection

The remote host's HTTP server is hosting an HP ArcSight Logger install, which is used for viewing and managing collected log data. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69445; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"HP ArcSigh...

5.5AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/12/21 3:37 a.m.2 views

Loctouch for Android information management vulnerability

Overview Loctouch for Android contains an information management vulnerability. Loctouch provided by NHN Japan, is an application that logs location information. Loctouch for Android contains an information management vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...

2.6CVSS6.3AI score0.00992EPSS
Exploits0References6
NVD
NVD
added 2012/12/06 11:45 a.m.11 views

CVE-2012-5175

Cross-site scripting XSS vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data...

4.3CVSS5.6AI score0.01148EPSS
Exploits0References3
Prion
Prion
added 2012/12/06 11:45 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2012/12/06 11:45 a.m.18 views

Stack overflow

Stack-based buffer overflow in uam.exe in the User Access Manager UAM component in HP Intelligent Management Center IMC before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data...

10CVSS8.7AI score0.61762EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder