112 matches found

IBM Security Bulletins
added 2018/06/18 12:8 a.m. | 16 views

Security Bulletin: Vulnerability in SSLv3 affects IBM Virtualization Engine TS7700 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Virtualization Engine TS7700. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

CVSS 4.3 | AI score 1.1 | EPSS 0.99999
Exploits 7 | Affected Software 1

IBM Security Bulletins
added 2018/06/16 1:35 p.m. | 48 views

Security Bulletin: Vulnerability in OpenSSL affects IBM® DB2® LUW (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit and IBM Tivoli Flash Copy Manager. IBM DB2 LUW uses GSKit & IBM Tivoli Flash Copy Manager and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerab...

CVSS 4.3 | AI score 0.3 | EPSS 0.23222
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2018/06/16 1:8 p.m. | 16 views

Security Bulletin: TLS padding vulnerability affects IBM® DB2® LUW (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM® DB2® LUW. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by the...

CVSS 4.3 | EPSS 0.1372
Exploits 0 | Affected Software 2

Tenable Nessus
added 2018/05/24 12:0 a.m. | 57 views

SUSE SLES12 Security Update : mariadb (SUSE-SU-2018:1382-1)

MariaDB was updated to 10.0.35 bsc1090518 Notable changes : - PCRE updated to 8.42 - XtraDB updated to 5.6.39-83.1 - TokuDB updated to 5.6.39-83.1 - InnoDB updated to 5.6.40 - The embedded server library now supports SSL when connecting to remote servers bsc1088681, CVE-2018-2767 - MDEV-15249 -...

CVSS 7.7 | AI score 6.4 | EPSS 0.0401
Exploits 0 | References 29

OSV
added 2018/05/23 8:16 a.m. | 8 views

SUSE-SU-2018:1382-1 Security update for mariadb

MariaDB was updated to 10.0.35 bsc1090518 Notable changes: PCRE updated to 8.42 XtraDB updated to 5.6.39-83.1 TokuDB updated to 5.6.39-83.1 InnoDB updated to 5.6.40 The embedded server library now supports SSL when connecting to remote servers bsc1088681, CVE-2018-2767 MDEV-15249 - Crash in MVCC...

CVSS 7.7 | AI score 5.7 | EPSS 0.0401
Exploits 0 | References 15

Fedora
added 2018/01/30 5:34 p.m. | 32 views

[SECURITY] Fedora 26 Update: curl-7.53.1-14.fc26

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

CVSS 9.8 | EPSS 0.08031
Exploits 0

OSV
added 2017/12/29 4:35 p.m. | 7 views

OPENSUSE-SU-2017:3448-1 Security update for phpMyAdmin

This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...

AI score 7.3
Exploits 0 | References 2

Kitploit
added 2017/11/12 1:32 p.m. | 171 views

CredSniper - Phishing Framework which supports SSL and capture credentials with 2FA tokens

Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...

AI score 9.2
Exploits 0 | References 1

Kitploit
added 2017/10/28 1:30 p.m. | 166 views

Nikto v2.1.6 - Web Server Scanner

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...

AI score 8.7
Exploits 0 | References 1

n0where
added 2017/05/11 4:7 a.m. | 54 views

Very Fast Network Logon Cracker: THC-Hydra

Very Fast Network Logon Cracker Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. This fast, and...

AI score 7.5
Exploits 0 | References 1

NVD
added 2016/04/12 2:59 p.m. | 25 views

CVE-2016-2166

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

CVSS 6.5 | AI score 6.2 | EPSS 0.04267
Exploits 0 | References 7

Prion
added 2016/04/12 2:59 p.m. | 12 views

Code injection

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

CVSS 5.8 | AI score 6.4 | EPSS 0.04267
Exploits 0 | References 7 | Affected Software 2

Cvelist
added 2016/04/12 2:0 p.m. | 28 views

CVE-2016-2166

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

AI score 6.1 | EPSS 0.04267
Exploits 0 | References 7

Debian CVE
added 2016/04/12 2:0 p.m. | 25 views

CVE-2016-2166

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

CVSS 6.5 | AI score 6.2 | EPSS 0.04267
Exploits 0

Kitploit
added 2016/03/22 9:56 p.m. | 15 views

Shocker - A tool to find and exploit servers vulnerable to Shellshock

A tool to find and exploit servers vulnerable to Shellshock Help Text usage: shocker.py -h, --help show this help message and exit --Host HOST, -H HOST A target hostname or IP address --file FILE, -f FILE File containing a list of targets --port PORT, -p PORT The target port number default=80...

AI score 7.8
Exploits 0 | References 2

NVD
added 2016/01/21 2:59 a.m. | 23 views

CVE-2016-0439

Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430...

CVSS 5 | AI score 5.6 | EPSS 0.01831
Exploits 0 | References 2

NVD
added 2016/01/21 2:59 a.m. | 23 views

CVE-2016-0430

Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439...

CVSS 4.3 | AI score 5.6 | EPSS 0.01665
Exploits 0 | References 2

Prion
added 2016/01/21 2:59 a.m. | 13 views

Design/Logic Flaw

Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support...

CVSS 4.3 | AI score 6.1 | EPSS 0.01665
Exploits 0 | References 2 | Affected Software 1

Prion
added 2016/01/21 2:59 a.m. | 16 views

Design/Logic Flaw

Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439...

CVSS 4.3 | AI score 5.9 | EPSS 0.01831
Exploits 0 | References 2 | Affected Software 1

Prion
added 2016/01/21 2:59 a.m. | 15 views

Design/Logic Flaw

Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430...

CVSS 5 | AI score 5.9 | EPSS 0.01831
Exploits 0 | References 2 | Affected Software 1