CVE-2017-9368

CVE-2017-9368 affects BlackBerry Workspaces Server. An information disclosure vulnerability allows an attacker to gain access to source code for server‑side applications by crafting requests for specific files. Exploitation is shown as network‑accessible with low attack complexity and no authenti...

CVE-2017-9367

A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request...

CVE-2017-9368

An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files...

CVE-2017-9367

BlackBerry Workspaces Server contains a directory traversal vulnerability that can be exploited via a manipulated POST URL to execute or upload arbitrary files and disclose arbitrary content on the web server. Affected: BlackBerry Workspaces Server (path traversal in POST handling). Root cause: i...

BlackBerry Workspaces Server Information Disclosure Vulnerability

BlackBerry Workspaces Server is a suite of file synchronization and sharing software from BlackBerry Canada. An information disclosure/privilege vulnerability exists in BlackBerry Workspaces Server. An attacker can exploit this vulnerability by submitting multiple login requests to the server to...

CVE-2017-9370

An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server...

Privilege escalation

An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server...

CVE-2017-9370

The connected records indicate a vulnerability in BlackBerry Workspaces Server described as information disclosure/elevation of privilege where an attacker with legitimate access can gain access to another user’s workspace by submitting multiple login requests to the server. Affected product/comp...

CVE-2017-9370

An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server...

Twitter OSINT framework: Birdwatcher

Birdwatcher is a data analysis and OSINT framework for Twitter. Birdwatcher supports creating multiple workspaces where arbitrary Twitter users can be added and their Tweets harvested through the Twitter API for offline storage and analysis. Birdwatcher comes with several modules which can be...

Faraday v2.1 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

CVE-2016-5462

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces...

CVE-2016-5462

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces...

Design/Logic Flaw

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces...

CVE-2016-5462

CVE-2016-5462 is an unspecified vulnerability in the Siebel Core - Server Framework of Oracle Siebel CRM (versions 8.1.1, 8.2.2, IP2014/IP2015/IP2016) that allows remote administrators to affect confidentiality via Workspaces. The connected Nessus entry corroborates affected components (Siebel Co...

CVE-2016-5462

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces...

CVE-2015-7536

Cross-site scripting XSS vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts...

Cross site scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts...

CVE-2015-7536

Cross-site scripting XSS vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts...

Cyber Attack Management Tool: Armitage

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every...