Lucene search
K

844 matches found

Imperva Blog
Imperva Blog
added 2017/11/21 4:30 p.m.21 views

Build-Your-Own Data Masking. Yes or No?

A lot of organizations are taking great strides to protect their sensitive data with a multi-layered strategy—one that includes data masking. We’ve even seen many tackling this critical data security component in DIY fashion, often tasking one resource with developing and implementing scripts to...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/11/21 12:0 a.m.3 views

Cisco HyperFlex System system logging information disclosure vulnerability

Cisco HyperFlex System is the United States Cisco Cisco a data platform equipment. system logging is one of the system logger. An information disclosure vulnerability exists in system logging on the Cisco HyperFlex System, which arises from the program's failure to properly mask sensitive...

6CVSS5.9AI score0.00326EPSS
Exploits0References1
OSV
OSV
added 2017/11/16 7:29 a.m.6 views

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

6CVSS5.8AI score0.00326EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/16 7:0 a.m.21 views

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

5.7AI score0.00326EPSS
Exploits0References2
Cisco
Cisco
added 2017/11/15 4:0 p.m.46 views

Cisco HyperFlex System Authenticated Information Disclosure Vulnerability

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

6CVSS5.7AI score0.00326EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/06 12:0 a.m.5 views

Apache Hive Information Disclosure Vulnerability

Apache Hive is a set of Hadoop Distributed Systems Infrastructure based data warehouse software from the Apache Apache Software Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

4.3CVSS6.2AI score0.01431EPSS
Exploits3References1
Prion
Prion
added 2017/11/01 1:29 p.m.18 views

Code injection

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...

4CVSS4.7AI score0.01431EPSS
Exploits3References2Affected Software1
OSV
OSV
added 2017/11/01 1:29 p.m.21 views

CVE-2017-12625

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...

4.3CVSS6.9AI score
Exploits0References2
Cvelist
Cvelist
added 2017/11/01 1:0 p.m.26 views

CVE-2017-12625

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...

4.6AI score0.01431EPSS
Exploits3References2
CVE
CVE
added 2017/11/01 1:0 p.m.89 views

CVE-2017-12625

The CVE-2017-12625 issue affects Apache Hive: versions 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface for defining masking policies on tables/views (e.g., via Apache Ranger). Root cause: when a view is created over a table, policy enforcement is not correctly a...

4.3CVSS4.6AI score0.01431EPSS
Exploits3References2Affected Software1
Veracode
Veracode
added 2017/11/01 8:23 a.m.23 views

Information Disclosure

Apache Hive Query Language is vulnerable to information disclosure. The vulnerability is possible because it does not enforce the policy to restrict users from creating views on tables with column masking rules defined...

4.3CVSS4.6AI score0.01431EPSS
Exploits3References5Affected Software1
Schneier on Security
Schneier on Security
added 2017/07/19 3:35 p.m.50 views

Password Masking

Slashdot asks if password masking -- replacing password characters with asterisks as you type them -- is on the way out. I don't know if that's true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/07/10 3:30 p.m.80 views

Static Versus Dynamic Data Masking

Most participants in the trench warfare of IT security agree that the best way to protect data is to apply a layered approach to security. Data masking is a security and privacy enhancing technology recommended by industry analysts as a must-have data protection layer. While terminology varies...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.6 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed, caused by multiple masking of screen objects. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.14425EPSS
Exploits0References3Affected Software1
Imperva Blog
Imperva Blog
added 2017/06/08 3:30 p.m.24 views

Data Anonymization: Motivation and Mechanics

Data is one of the most valuable assets a company has in its possession. And while it may not be listed as a line item on the balance sheet, when a company’s data is breached it can have a very negative impact on the bottom line—in a company’s stock price, reputation and brand. One approach to...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2017/05/09 8:45 p.m.7 views

flash-plugin: multiple code execution issues fixed in APSB17-15

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...

9.3CVSS7.7AI score0.0621EPSS
Exploits0References5
OSV
OSV
added 2017/05/09 4:29 p.m.4 views

CVE-2017-3071

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...

8.8CVSS6AI score0.0621EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/05/09 4:29 p.m.30 views

CVE-2017-3071

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...

9.3CVSS7.4AI score0.0621EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/05/09 4:0 p.m.25 views

CVE-2017-3071

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...

9AI score0.0621EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2017/05/09 12:0 a.m.37 views

[ASA-201705-8] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201705-8 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : flashplugin Type : arbitrary code execution Remote : Yes Li...

9.3CVSS1.4AI score0.20353EPSS
Exploits2References9
Rows per page
Query Builder