Lucene search
+L

78 matches found

Tenable Nessus
Tenable Nessus
added 2016/05/04 12:0 a.m.26 views

SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)

The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed : - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...

6.5CVSS6.4AI score0.02489EPSS
Exploits0References10
hackapp
hackapp
added 2016/04/03 7:34 a.m.12 views

Pinball Pro - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Pinball Pro published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:6 a.m.10 views

Angry Shark 2016 - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Angry Shark 2016 published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:26 a.m.14 views

TS Nearby - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application TS Nearby published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 8:54 a.m.11 views

- Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2016/03/31 10:16 p.m.20 views

Firmwalker - Script for searching the extracted firmware file system for goodies!

A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd list out the etc/ssl directory search for SSL related files such as .pem, .crt, etc...

7.5AI score
Exploits0References1
Hacker One
Hacker One
added 2016/02/16 9:1 p.m.13 views

Legal Robot: SSL Issue on legalrobot.com

Security researcher discovered an SSL configuration issue on some mobile devices...

2.1AI score
Exploits0
OSV
OSV
added 2015/09/25 1:22 p.m.11 views

SUSE-SU-2015:1776-1 Security update for haproxy

haxproy was updated to backport various security fixes and related patches bsc937202 bsc937042 CVE-2015-3281 + BUG/MAJOR: buffers: make the bufferslowrealign function respect output data + BUG/MINOR: ssl: fix smpfetchsslfcsessionid + MEDIUM: ssl: replace standards DH groups with custom ones +...

5CVSS4AI score0.04274EPSS
Exploits0References5
Hacker One
Hacker One
added 2015/08/22 5:25 p.m.14 views

ownCloud: *.owncloud.com / *.owncloud.org: Using not strong enough SSL ciphers

We have received multiple reports that some of our domains on .owncloud.com and .owncloud.org are not using a recommended configuration for HTTPS purposes. To avoid having multiple issues to track SSL / TLS related problems on .owncloud.com and .owncloud.org we have merged multiple issues togethe...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2015/07/20 9:19 p.m.28 views

KeyBox - A web-based SSH console that centrally manages administrative access to systems

KeyBox is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can login...

7.7AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.56 views

SUSE SLES10 Security Update : apache2 (SUSE-SU-2013:0469-1)

This Apache2 LTSS roll-up update for SUSE Linux Enterprise 10 SP3 LTSS fixes the following security issues and bugs : - CVE-2012-4557: Denial of Service via special requests in modproxyajp - CVE-2012-0883: improper LDLIBRARYPATH handling - CVE-2012-2687: filename escaping problem - CVE-2012-0031:...

6.9CVSS8.1AI score0.90734EPSS
Exploits30References30
Kitploit
Kitploit
added 2014/04/15 9:18 p.m.24 views

Burp Suite Professional v1.6 - The leading toolkit for web application security testing

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2013/03/06 11:0 a.m.20 views

CVE-2012-5770

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack...

6.1AI score0.00937EPSS
Exploits0References3
Atlassian
Atlassian
added 2009/12/24 12:36 a.m.27 views

Unable to use HTTPS for login only

If you setup the urlrewrite.xml like so: noformat ^/s/.//download/images/^?. /images/$2 ^/s/.//^?. /$2 ^/login.action https https://localhost:8443/login.action ^/dologin.action https https://localhost:8443/dologin.action ^/. https /login.action. /dologin.action. /s/. http://localhost:8080/$...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.15 views

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Vulnerabilities

Binary data 4929.prm...

10CVSS7.3AI score0.03302EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.24 views

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws

IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - Provided Performance Monitoring Infrastructure PMI is enabled, it may be possible for a local attacker to obtain sensitive information through...

1.9CVSS5.5AI score0.00321EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2008/08/27 8:38 p.m.35 views

Moderate: Red Hat Security Advisory: redhat-ds-base and redhat-ds-admin security and bug fix update

Updated redhat-ds-base and redhat-ds-admin packages are now available that fix security issues and various bugs. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Red Hat Directory Server is an LDAPv3-compliant directory server. Multiple memory...

7.8CVSS5.9AI score0.06555EPSS
Exploits2References19
RedHat Linux
RedHat Linux
added 2007/11/26 1:56 p.m.9 views

tomcat anonymous cipher issue

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts...

2.6CVSS5.9AI score0.18254EPSS
Exploits0References4
Rows per page
Query Builder