67 matches found

CNNVD
added 2022/11/16 12:0 a.m. · 3 views

IBM Sterling Partner Engagement Manager Security Vulnerability

An information disclosure vulnerability exists in IBM Sterling Partner Engagement Manager version 2.0, an automated management tool from International Business Machines Corporation (IBM). The vulnerability stems from inadequate protection of sensitive information and encrypted storage of locally...

CVSS 4 · AI score 5.8 · EPSS 0.00191
Exploits: 0 · References: 4

Microsoft Malware Protection
added 2022/11/03 4:0 p.m. · 25 views

Identifying cyberthreats quickly with proactive security testing

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Matthew Hickey,...

AI score 7
Exploits: 0

CNNVD
added 2022/09/05 12:0 a.m. · 2 views

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS is vulnerable to an information disclosure vulnerability caused by insufficient protection of sensitive information in the interface of th...

CVSS 7.5 · AI score 6.1 · EPSS 0.00441
Exploits: 0 · References: 4

Hacker One
added 2022/09/03 6:59 p.m. · 20 views

U.S. Dept Of Defense: Authentication bypass leads to Information Disclosure at U.S Air Force "https://███"

Hi Hackerone Triage team, I'm new in this program. What I understood is that every Web Owned/Operated by DoD is in scope, so I did some Google searches, exactly in Wikipedia, and I've found this PNG that confirms that U.S Air Force is in scope:...

AI score 7.4
Exploits: 0

Positive Technologies
added 2022/08/09 12:0 a.m. · 2 views

PT-2022-4272 · Microsoft · Windows Defender +1

Name of the Vulnerable Software and Affected Versions: Windows Defender (affected versions not specified). Description: The issue is related to a lack of protection for sensitive data in Windows Defender, which could allow an attacker to obtain unauthorized access to protected information. This coul...

CVSS 5.5 · AI score 5.9 · EPSS 0.01452
Exploits: 0 · References: 12

Positive Technologies
added 2022/08/09 12:0 a.m. · 2 views

PT-2022-4273 · Microsoft · Windows Defender +1

Name of the Vulnerable Software and Affected Versions: Windows Defender (affected versions not specified). Description: The issue is related to a lack of protection for sensitive data in Windows Defender, which could allow an attacker to obtain unauthorized access to protected information. This may...

CVSS 5.5 · AI score 5.9 · EPSS 0.01452
Exploits: 0 · References: 12

Imperva Blog
added 2022/07/07 1:36 p.m. · 15 views

The Benefits of Including Static Data Masking in Your Security Arsenal

Static data masking (SDM) is defined as, “The act of permanently replacing sensitive data at rest with a realistic fictional equivalent for the purpose of protecting data from unwanted disclosure.” Industry analysts characterize SDM as a must-have data protection layer capable of protecting large...

AI score 0.2
Exploits: 0

OSV
added 2022/06/24 8:50 p.m. · 11 views

MGASA-2022-0239 Updated 389-ds-base packages fix security vulnerability

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows...

CVSS 7.5 · AI score 7.5 · EPSS 0.01394
Exploits: 0 · References: 3

Imperva Blog
added 2021/12/14 2:26 p.m. · 21 views

New research reveals that one third of all log-in attempts on eCommerce sites are malicious

What do humans and bots have in common? A love for visiting online shopping sites: more than half (57%) of all attacks on retail websites in 2021 were carried out by bots, compared to 33% for all other industries. It gets worse: a third of all log-in attempts on retail eCommerce websites are accoun...

AI score 0.1
Exploits: 0

Positive Technologies
added 2021/09/14 12:0 a.m. · 4 views

PT-2021-6961 · Microsoft · Accessibility Insights For Android

Name of the Vulnerable Software and Affected Versions: Microsoft Accessibility Insights for Android (affected versions not specified). Description: The issue is related to a lack of protection for sensitive data. Exploitation of this issue may allow an attacker to gain unauthorized access to protect...

CVSS 6.3 · AI score 6.3 · EPSS 0.02753
Exploits: 0 · References: 3

OpenVAS
added 2021/06/09 12:0 a.m. · 25 views

SUSE: Security Advisory (SUSE-SU-2017:0899-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 · AI score 9.7 · EPSS 0.02937
Exploits: 1 · References: 2

ThreatPost
added 2021/05/19 8:24 p.m. · 190 views

Can Nanotech Secure IoT Devices From the Inside-Out?

Another day, another incident of internet-of-things (IoT) gadgets falling flat on their faces and spilling users’ privacy, if not getting hooked into a botnet, used for cryptomining or opening a network backdoor that allows intruders to move laterally through a network. It’s only Wednesday, but...

AI score 7.6
Exploits: 0 · References: 15

BDU FSTEC
added 2021/04/14 12:0 a.m. · 2 views

The vulnerability of the SeaMonkey web browser software lies in the lack of protection for sensitive data, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the SeaMonkey web browser lies in the lack of protection for sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 6.8 · AI score 5.5
Exploits: 0 · References: 4 · Affected Software: 2

OSV
added 2020/10/17 4:22 a.m. · 2 views

OPENSUSE-SU-2020:1678-1 Security update for crmsh

This update for crmsh fixes the following issues: - Fixed startdelay with start-delay (bsc#1176569) - fix onfail should be on-fail (bsc#1176569) - config: Try to handle configparser.MissingSectionHeaderError while reading config file - uiconfigure: Obscure sensitive data by default (bsc#1163581) This update...

AI score 7
Exploits: 0 · References: 3

Microsoft Secure
added 2020/08/06 4:0 p.m. · 39 views

Zero Trust: From security option to business imperative overnight

Not long ago when I spoke with customers about Zero Trust, our conversations focused on discussing the principles, defining scope, or sharing our own IT organization’s journey. Zero Trust was something interesting to learn about, and most organizations were very much in the exploratory phase. As...

AI score 7.4
Exploits: 0

CVE
added 2020/03/04 9:54 p.m. · 77 views

CVE-2019-17644

CVE-2019-17644 affects Centreon versions before 2.8-30, 18.10-8, 19.04-5, and 19.10-2. An unauthenticated direct request to include/configuration/configObject/host/refreshMacroAjax.php permits disclosure of sensitive information. Root cause is improper access control on the host macro refresh end...

CVSS 7.5 · AI score 7.5 · EPSS 0.01298
Exploits: 0 · References: 1 · Affected Software: 1

The Hacker News
added 2020/02/26 12:34 p.m. · 2 views

Google Advises Android Developers to Encrypt App Data On Device

Google today published a blog post recommending mobile app developers to encrypt data that their apps generate on the users' devices, especially when they use unprotected external storage that's prone to hijacking. Moreover, considering that there are not many reference frameworks available for t...

AI score 5.8
Exploits: 0

Malwarebytes
added 2019/10/17 5:30 p.m. · 50 views

Why all organizations must better protect sensitive data

About two weeks ago, National Cybersecurity Awareness Month (NCSAM) kicked off with a new message stressing personal responsibility for users keeping themselves safe online: “Own IT. Secure IT. Protect IT.” NCSAM asked users to consider best practices for both securing their own devices and...

AI score 7.1
Exploits: 0

Tenable Nessus
added 2019/01/02 12:0 a.m. · 33 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:0899-1)

This update for php7 fixes the following issues: Security issue fixed: - CVE-2015-8994: code permission/sensitive data protection vulnerability (bsc#1027210). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

CVSS 7.5 · AI score 8.1 · EPSS 0.02937
Exploits: 1 · References: 4

exploitpack
added 2018/11/02 12:0 a.m. · 12 views

Jelastic 5.4 - host SQL Injection

Jelastic 5.4 - host SQL Injection Exploit Title: Jelastic 5.4 - 'host' SQL injection Google Dork: N/A Date: date Exploit Author: Procode701 Vendor Homepage: https://jelastic.com/ Software Link: https://jelastic.com/ Version: 5.4 Tested on: Kali Linux CVE : N/A POC: The application...

AI score 8.6
Exploits: 0