CVE-2014-3042

The CVE-2014-3042 entry affects IBM CICS Transaction Server running on z/OS (versions 3.1–5.1). The vulnerability arises from improper handling of CEMT transactions, where remote authenticated users can trigger a denial of service (storage overlay) by sending an invalid 3270 data stream via a 327...

CVE-2014-4010

SAP Transaction Data Pool has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

Hardcoded credentials

SAP Transaction Data Pool has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4010

The vulnerability CVE-2014-4010 affects SAP Transaction Data Pool, which contains hardcoded credentials. The root cause is hardcoded credentials enabling remote attackers to obtain access via unspecified vectors. The NVD entry assigns a CVSS v2 base score of 5.0 (Medium) with Network attack vecto...

CVE-2014-4010

SAP Transaction Data Pool has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

Release Information for Veeam Backup & Replication 7 Patch 4

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Veeam Backup & Replication Patch 4 Release Notes Cause Please confirm you are running version 7.0.0.690, 7.0.0.715, 7.0.0.764, 7.0.0.771, 7.0.0.833, 7.0.0.83...

RedoWalker - Tool to explore Oracle database transaction logs

RedoWalker is a tool to explore Oracle database transaction logs, otherwise known as redo logs. Any time changes are made to the database server, for example after an INSERT, DELETE or UPDATE, they are recorded in the redo log. These redo logs are stored in a proprietary and undocumented format...

Threat Outbreak Alert: Fake Financial Transaction Notification Email Messages on May 20, 2014

Medium Alert ID: 34308 First Published: 2014 May 20 18:35 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain an electronic payment invoice for the recipient. The text in the email message attempts to...

SA-CONTRIB-2014-050 - Commerce Postfinance ePayment - Access Bypass

The Commerce Postfinance ePayment module provides commerce payment methods for the Postfinance e-Payment service provider. The module doesn't sufficiently validate incoming payment notification IPN messages. Sending a specifically crafted IPN message to an affected site allows an attacker to crea...

Threat Outbreak Alert: Fake Account Money Transaction Notification Email Messages on May 7, 2014

Medium Alert ID: 34152 First Published: 2014 May 8 15:59 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment confirmation towards an invoice for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Financial Transaction Notification Email Messages on September 7, 2014

Medium Alert ID: 33856 First Published: 2014 April 18 20:03 GMT Last Updated: 2014 September 9 13:22 GMT Version: 10 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a financial transaction notification for the recipient. The text in th...

Threat Outbreak Alert: Fake ACH Transaction Error Report Email Messages on April 2, 2014

Medium Alert ID: 33631 First Published: 2014 April 3 15:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an ACH transaction error report for the recipient. The text in the email message attempts to convince the recipie...

Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)

There exists a vulnerability in Squid Web Proxy Cache in the processing of DNS lookups. The flaw is caused by predictable transaction identifiers in DNS requests generated by Squid. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the targe...

Bitcoin Transaction Malleability Flaw Resolved

The so-called transaction malleability software issue blamed for the dissolution of Bitcoin exchange Mt. Gox has been patched. Also, the Bitcoin-QT reference client was also rebranded to Bitcoin Core, in order to clear confusion users might have had between the Bitcoin network and software. Bitco...

Threat Outbreak Alert: Fake Payment Transaction Notification Email Messages on March 18, 2014

Medium Alert ID: 33384 First Published: 2014 March 18 18:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment transaction notification for the recipient. The text in the email message attempts to convince the...

Microsoft Disclosed User Content in 10% of U.S. Law Enforcement Requests

Microsoft supplied user content in response to 10.8 percent of the law enforcement requests it received from United States agencies in the second half of 2013. The company got more than 5,600 requests from U.S. agencies in the last six months of the year, and in the vast majority of those–68...

Threat Outbreak Alert: Fake Bank Account Fraud Notification Email Messages on March 3, 2014

Medium Alert ID: 33156 First Published: 2014 March 3 15:28 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank account fraudulent transaction notice for the recipient. The text in the email message attempts to convinc...

SAP Internet Transaction Server Directory Traversal - Ver2 (CVE-2003-0748)

A directory traversal vulnerability has been reported in wgate.dll for SAP Internet Transaction Server ITS. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

SAP Internet Transaction Server wgate.dll service Parameter XSS - Ver2 (CVE-2003-0749)

A cross-site scripting vulnerability has been reported in SAP Internet Transaction Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

php cloud talent system UC API not initialized injection vulnerability-vulnerability warning-the black bar safety net

Detailed description: api/alipaydual/notifyurl.php requireonce"alipay.config.php"; requireonce"lib/alipaynotify.class.php"; requireoncedirnamedirnamedirnameFILE."/ data/db.config.php"; requireoncedirnamedirnamedirnameFILE."/ include/mysql.class.php"; $db = new mysql$dbconfig'dbhost',...