1826 matches found
CVE-2016-0863
Cross-site request forgery CSRF vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users...
Code injection
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors...
Information disclosure
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...
CVE-2016-0863
The vulnerability CVE-2016-0863 affects Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS prior to 5.1 and 4.1.0 Build 16. It is a Cross-Site Request Forgery (CSRF) flaw that allows an attacker to perform actions on an authenticated session, effectively hijacking user aut...
CVE-2016-0864
The CVE-2016-0864 entry concerns Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS prior to 5.1 and 4.1.0 Build 16. It describes an information disclosure vulnerability where remote attackers can obtain sensitive reports and usernames. Public sources in connected document...
CVE-2016-0864
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...
CVE-2016-0865
Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors...
CVE-2016-0866
The CVE-2016-0866 entry maps to a Cross-site Scripting (XSS) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS prior to 5.1 and 4.1.0 Build 16. Affected product: LightHouse EMS web server; vulnerability arises from improper input handling, enabling remote...
Maltrail - Malicious Traffic Detection System
Maltrail is a malicious traffic detection system, utilizing publicly available blacklists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name e.g...
Comcast's Xfinity Home Security System Vulnerability
Update Comcast’s Xfinity Home Security System is vulnerable to attacks that interfere with its ability to detect and alert to home intrusions. Researchers at Rapid7 today disclosed the issue after fruitless attempts to contact and report the problem to Comcast dating back to Nov. 2; Rapid7 did...
This Guy Builds A Thor-Like Hammer that Only He Can Pick Up
If you have watched the most recent Avengers movie, then you would be aware of a scene where all the superheroes Iron Man, War Machine, Hawkeye, and Captain America take turns to lift Thor’s hammer but fail. Someone has an explanation, Why? Inspired by Thor's legendary hammer Mjolnir that is not...
Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878
UPDATED CORRECTION + Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt Vulnerability Type: =================== CSRF CVE Reference: ============== CVE-2015-2878 Vendor: =================== www.hexiscyber.com...
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage
Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting Information Leakage Exploit Title: Persistent XSS, Information Leakage IDS / IPS Google Dork: intitle: Persistent XSS, Information Leakage IDS / IPS Date: 2015-07-25 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor...
Hawkeye-G 3.0.1.4912 Cross Site Request Forgery
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt Vulnerability Type: =================== CSRF CVE Reference: ============== CVE-2015-2878 Vendor: =================== www.hexiscyber.com Product:...
Mind Blowing Radar-based Gesture Recognition Technology for Everything
Since it introduced at the annual Google I/O conference, Project Soli has been trending on the Internet. Project Soli is one of Google's latest cutting-edge experiments that could actually transform the way humans interact with technology. Project Soli is not a wearable watch you might think it i...
CVE-2015-0739
The Lights-Out Management LOM implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller BMC file uploads via unspecified vectors, aka Bug ID CSCus87938...
CVE-2015-0739
Cisco FireSIGHT System Software 5.3.0 (Sourcefire 3D Sensor) LOM vulnerability allows remote authenticated users to perform arbitrary BMC file uploads via unspecified vectors; root cause is insufficient input validation in Lights-Out Management. Exploitation could lead to arbitrary code execution...
Samsung Galaxy S5 Fingerprint Data Leakage Vulnerability
Samsung Galaxy S5 is a Samsung 4G smartphone product. A security vulnerability exists in the implementation of the Samsung Galaxy S5 in which the user's fingerprint information is used for authentication. The vulnerability allows an attacker running a program as root on a mobile device to directl...
UBUNTU-CVE-2014-9689
content/renderer/devicesensors/deviceorientationeventpump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote attackers to obtain speech signals from a device's physical environment via a crafted web site that...