Lucene search
K

2553 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/07/07 5:41 p.m.58 views

Security Bulletin: Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing

Summary There are some vulnerabilities in the Jackson-Databind library that affects IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID: CVE-2018-7489 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused ...

10CVSS1AI score0.49727EPSS
Exploits4Affected Software1
Cvelist
Cvelist
added 2020/07/07 12:26 p.m.36 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

8.1AI score0.00276EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2020/07/07 12:26 p.m.30 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

7.8CVSS8.2AI score0.00276EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/06/29 2:20 p.m.60 views

CVE-2020-15358

A heap buffer overflow was found in SQLite in the query flattening optimization technique. This flaw allows an attacker to execute SQL statements to crash the application, resulting in a denial of service...

2.1CVSS3.5AI score0.01027EPSS
Exploits1References3
OSV
OSV
added 2020/06/27 12:15 p.m.31 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation...

5.5CVSS7AI score
Exploits0References22
OSV
OSV
added 2020/06/27 12:15 p.m.1 views

DEBIAN-CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation...

5.5CVSS8.9AI score0.01027EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/06/27 12:15 p.m.30 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation...

5.5CVSS6.8AI score0.01027EPSS
Exploits1References3
CVE
CVE
added 2020/06/27 11:39 a.m.591 views

CVE-2020-15358

CVE-2020-15358 (SQLite) affects the SQLite library, specifically the query engine path in select.c where the query-flattener optimization mishandles constant propagation for multiSelectOrderBy. The root cause is a mishandling of transitive properties during constant propagation, leading to a heap...

5.5CVSS6.8AI score0.01027EPSS
Exploits1References22Affected Software1
Debian CVE
Debian CVE
added 2020/06/27 11:39 a.m.39 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation...

5.5CVSS7.3AI score0.01027EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2020/06/27 11:39 a.m.98 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation...

5.5CVSS7.1AI score0.01027EPSS
Exploits1
ThreatPost
ThreatPost
added 2020/06/23 1:0 p.m.35 views

The Evolution of DevSecOps

The DevOps methodology offers organizations of all sizes from across all industries a framework for delivering value and responsiveness. Instead of traditional distinct development and operations teams, DevOps embraces multidisciplinary teams that use efficient practices that support continuous...

1.5AI score
Exploits0References1
CNVD
CNVD
added 2020/06/23 12:0 a.m.7 views

Verint Workforce Optimization (WFO) Injection Vulnerability

Verint Workforce Optimization is a unified suite of software and services for capturing interactions and managing employee performance across an enterprise or target area. A security vulnerability exists in Verint Workforce Optimization WFO version 15.2. An attacker could exploit the vulnerabilit...

5.4CVSS6.6AI score0.00979EPSS
Exploits1References1
OSV
OSV
added 2020/06/22 6:15 p.m.3 views

CVE-2020-13480

Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...

5.4CVSS6.1AI score0.00979EPSS
Exploits1References3
NVD
NVD
added 2020/06/22 6:15 p.m.20 views

CVE-2020-13480

Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...

5.4CVSS0.00979EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/06/22 5:31 p.m.26 views

CVE-2020-13480

Verint Workforce Optimization WFO 15.2 allows HTML injection via the "send email" feature...

5.7AI score0.00979EPSS
Exploits1References3
Kitploit
Kitploit
added 2020/06/20 12:30 p.m.173 views

Iox - Tool For Port Forward &Amp; Intranet Proxy

Tool for port forward & intranet proxy, just like lcx/ew, but better Why write? lcx and ew are awesome, but can be improved. when I first used them, I can't remember these complicated parameters for a long time, such as tran, slave, rcsocks, sssocks.... The work mode is clear, why do they design...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/06/19 12:30 p.m.46 views

Vhosts-Sieve - Searching For Virtual Hosts Among Non-Resolvable Domains

Searching for virtual hosts among non-resolvable domains. Installation git clone https://github.com/dariusztytko/vhosts-sieve.git pip3 install -r vhosts-sieve/requirements.txt Usage Get a list of subdomains e.g. using Amass $ amass enum -v -passive -o domains.txt -d example.com -d...

7.5AI score
Exploits0References3
Talos Blog
Talos Blog
added 2020/06/15 11:49 a.m.12 views

Updates to Snort setup guides

Our documentation on Snort 3 running on CentOS and the Snort Rules Writing guide to Snort 3. Thanks to community member Yaser for providing the updates. The Snort 3 guide now has expanded information on logging options — such as syslog and JSON. There is also a new performance optimization sectio...

1.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/06/11 4:0 p.m.37 views

What’s new in Microsoft 365 Compliance and Risk Management

The world has dramatically changed over the past three months. As Satya shared in our recent quarterly earnings, we have seen two years’ worth of digital transformation in two months. With that significant amount of rapid change, it’s more important than ever to make sure your business-critical...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/03 5:0 p.m.26 views

Teaching from home might become part of every teachers’ job description

“Hey Joe, I wanted to remind you that starting next Monday you will be expected to teach from home. The lesson material is in your inbox along with the list of pupils that are expected to follow them. We are sure it will take some adjustments, but we trust that by working together we can make the...

6.6AI score
Exploits0
Rows per page
Query Builder