9582 matches found
CVE-2020-3568
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Input validation
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
CVE-2020-3568 Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
CVE-2020-3568
Summary: CVE-2020-3568 affects Cisco Email Security Appliance (ESA) running Cisco AsyncOS. The issue is in the antispam/URL filtering path where insufficient input validation of URLs can allow an unauthenticated, remote attacker to bypass URL reputation filters by crafting a URL in a specific way...
Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Is domain name abuse something companies should worry about?
Even though some organizations and companies may not realize it, their domain name is an important asset. Their web presence can even make or break companies. Therefore, "domain name abuse" is something that can ruin your reputation. Losing control: There are several ways in which perpetrators can...
Geo-Recon - An OSINT CLI Tool Designed To Fast Track IP Reputation And Geo-location Look Up For Security Analysts
An OSINT CLI tool designed to fast track IP Reputation and Geo-location look up for Security Analysts. Setup This tool is compatible with: Any Linux Operating System Debian, Ubuntu, CentOS Termux Linux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x...
Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem
Social media used as a cudgel for nation-states to sway opinion is a cybersecurity threat CISOs can’t ignore — and need to understand better and mitigate against. That’s the message from Renée DiResta, research manager at the Stanford Internet Observatory, who said she is seeing a steady growth a...
The Importance of Culture and Collaboration
I joined Akamai Japan in June 2020. Of course, having worked in technology for my whole career, I already knew of Akamai and our strong reputation. I knew it was an intelligent company, with impressive technology, and - above all - a great story that really inspired me...
Nextcloud: Github wikis are editable by anyone https://github.com/nextcloud/bookmarks/wiki
Github wikis on the following projects https://github.com/nextcloud/bookmarks/wiki can be edited by any logged in user in the system. This poses security and reputation risk for the company. Impact As wikis listed above can be edited by any person on the internet, a malicious actor can accurately...
CVE-2020-3368
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Input validation
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
CVE-2020-3368
The CVE affects Cisco AsyncOS on the Cisco Email Security Appliance (ESA), where an input-validation weakness allows an unauthenticated, remote attacker to bypass URL reputation filters by crafting a URL. The root cause is insufficient URL input validation. Impact is bypass of URL filtering, enab...
CVE-2020-3368 Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Facebook: Facebook - Reputation Sync For #267890541047618
This bug was reported directly to Facebook...
Pinpoint and Act Upon “Bad Reputation” IPs
There’s no question that today’s cyber attackers use increasingly sophisticated methods in order to disrupt business or steal private data. And faced with so many attacks from various sources, IT professionals are forced to constantly challenge themselves to identify those alerts more critical th...
Planning Ahead to Prevent Vulnerabilities
The cost to remediate vulnerabilities increases as those vulnerabilities make it further into the development process. If they make it into a final release, those vulnerabilities can leave organizations vulnerable to attacks, costing time and resources to address, as well as causing damage to the...
Unauthorized Access Vulnerability in Reputation's Backend Operations Management Center
Shenzhen Guo Ren Online Information Technology Co., Ltd. focuses on the traditional small and medium-sized enterprises in China to provide full network marketing, network marketing and promotion, network promotion outsourcing services in Shenzhen network promotion company. Unauthorized access...
Ethical dilemmas with responsible disclosure
We do a LOT of disclosures, probably starting one a day on average. Between us, we spend a man day or so per week just managing disclosures. It creates pain for us and consumes time, particularly when the vendor won’t listen. We get the occasional legal threat, which takes time and money to slap...