Lucene search
K

72 matches found

CISA
CISA
added 2018/03/28 12:0 a.m.15 views

North Korean Malicious Cyber Activity

The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified Trojan malware variants—referred to as SHARPKNOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA...

6.9AI score
Exploits0References1
CISA
CISA
added 2017/12/21 12:0 a.m.10 views

North Korean Malicious Cyber Activity

The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified Trojan malware variants—referred to as BANKSHOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. US-CERT...

6.9AI score
Exploits0References2
Exploit DB
Exploit DB
added 2017/10/17 12:0 a.m.45 views

Squid Analysis Report Generator 2.3.10 - Remote Code Execution

Exploit Title: RCE/Arbitrary file write in Squid Analysis Report Generator SARG Google Dork: inurl:sarg-php Date: 01 September 2017 Exploit Author: Pavel Suprunyuk Vendor Homepage: https://sourceforge.net/projects/sarg/ Software Link: https://sourceforge.net/projects/sarg/ Version: Tested on...

7.4AI score
Exploits0
CISA
CISA
added 2017/02/10 12:0 a.m.36 views

Enhanced Analysis of GRIZZLY STEPPE

The Department of Homeland Security DHS has released an Analysis Report AR related to malicious cyber activity designated as GRIZZLY STEPPE. This AR provides a thorough analysis of the methods threat actors use to infiltrate systems, as well as specific mitigation techniques that may be used to...

6.6AI score
Exploits0References3
Kitploit
Kitploit
added 2015/03/16 1:43 a.m.48 views

AVCaesar - Malware Analysis Engine and Repository

AVCaesar is a malware analysis engine and repository, developed by malware.lu within the FP7 project CockpitCI. Functionalities AVCaesar can be used to: Perform an efficient malware analysis of suspicious files based on the results of a set of antivirus solutions, bundled together to reach the...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Junsoft JSparm 4.0 Logging Output File Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2515/info JSparm is the Junsoft Performance Analysis Report Maker package. This software package provides an enhanced perfmon performance monitoring package and interface, as well as a performance report generation...

7.1AI score
Exploits0
myhack58
myhack58
added 2014/06/07 12:0 a.m.77 views

Fortify SCA analysis code vulnerabilities the whole solution-vulnerability warning-the black bar safety net

The last describes the use of FindBugs-assisted analysis of code vulnerability, this time a tools: Fortify SCA Demo 4.0.0。 Fortify is a security aspect of the quite famous company, there is not much to say. First introduce the protagonist: the Fortify SCA Demo 4.0.0, although do not know now...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2013/12/27 12:34 a.m.31 views

[Anubis] Online Analyzing Unknown Binaries

Anubis is a service for analyzing malware. Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL...

7.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2009/12/30 10:30 p.m.25 views

CVE-2008-7249

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...

9.3CVSS6.1AI score0.03975EPSS
Exploits0References1
OSV
OSV
added 2009/12/30 10:30 p.m.9 views

CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

5.5AI score
Exploits0References3
NVD
NVD
added 2009/12/30 10:30 p.m.19 views

CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

4.3CVSS5.5AI score0.01056EPSS
Exploits0References3
Prion
Prion
added 2009/12/30 10:30 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

4.3CVSS5.8AI score0.01553EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2009/12/30 10:30 p.m.30 views

CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

4.3CVSS6AI score0.01056EPSS
Exploits0References1
Prion
Prion
added 2009/12/30 10:30 p.m.14 views

Buffer overflow

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...

9.3CVSS7.9AI score0.06681EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/30 10:30 p.m.17 views

CVE-2008-7249

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...

9.3CVSS7.6AI score0.03975EPSS
Exploits0References3
OSV
OSV
added 2009/12/30 10:30 p.m.8 views

CVE-2008-7249

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...

7.6AI score
Exploits0References4
Debian CVE
Debian CVE
added 2009/12/30 10:0 p.m.44 views

CVE-2008-7249

Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...

9.3CVSS7.4AI score0.03975EPSS
Exploits0
CVE
CVE
added 2009/12/30 10:0 p.m.52 views

CVE-2008-7249

CVE-2008-7249 : A buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1 (and likely later) allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file. This is a standalone vulnerability distinct from CVE-2008-1167. Affec...

9.3CVSS7.5AI score0.03975EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/12/30 10:0 p.m.86 views

CVE-2008-7250

The CVE-2008-7250 entry describes a Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4. An attacker could inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is mishandled when displaying the Squid proxy log. The ...

4.3CVSS5.4AI score0.01056EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2008/03/13 12:0 a.m.31 views

Squid Analysis Report Generator buffer overflow

Buffer overflow and crossite scripting on oversized User-Agent in squid log...

10CVSS3.3AI score0.06681EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder