7667 matches found
CVE-2016-9247
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel TMM to restart...
CVE-2016-9247
CVE-2016-9247 affects F5 BIG-IP TMM when a virtual server uses a FastL4 profile with a TCP analytics profile; a specific packet sequence can cause TMM restart, potentially disrupting traffic or causing failover. The F5 advisory lists vulnerable versions (e.g., BIG-IP LTM 12.1.0–12.1.1 and other a...
CVE-2016-9247
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel TMM to restart...
Shopify: apps.shopify.com - CSRF token leakage through Google Analytics
Description: When a user tries to send a support a message to an app developer in apps.shopify.com , he will be asked to login and once he is logged in , he will be redirected to apps.shopify.com/appid?authenticitytoken=currentuserauthenticitytoken. Developers can track their app page view in...
Western Digital MyCloud NAS Remote Command Injection Vulnerability
Western Digital MyCloud NAS is a personal cloud storage device. Western Digital MyCloud NAS version 2.11.142 suffers from a remote command injection vulnerability in /web/googleanalytics.php, which allows an attacker to execute arbitrary commands with root privileges via the arg parameter within...
CVE-2016-10108
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data...
SAP HANA Remote Security Bypass Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. A remote security bypass vulnerability exists in SAP HANA. An attacker could exploit this issue to...
F5 Networks BIG-IP : TMM vulnerability (K33500120)
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel TMM to restart. CVE-2016-9247 Impact An attacker may be able to disrupt traffic or cause the...
WordPress Plugin Google Analytics Counter Tracker PHP Object Injection Vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . WordPress plugin Google Analytics Counter Tracker has a PHP object injection vulnerability, the vulnerability...
WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Google Analytics Counter Tracker WordPress Plugin unauthenticed PHP Object injection vulnerability -----------------------------------------------------------------------...
German Industrial Giant Victim of Cyber Espionage
German industrial conglomerate ThyssenKrupp disclosed last week that technical trade secrets were stolen in a cyberattack that dates back to February. Adversaries, ThyssenKrupp said, engaged in “organized, highly professional hacker activities” and launched their attack from the Southeast Asian...
Updated python-tornado package fixes security vulnerability
A difference in cookie parsing between Tornado and web browsers especially when combined with Google Analytics could allow an attacker to set arbitrary cookies and bypass XSRF protection. The cookie parser has been rewritten to fix this attack...
WordPress Google Analytics Counter Tracker Plugin <= 3.4.0 - PHP Object Injection
This plugin is prone to a PHP object injection vulnerability. It allows attackers to execute arbitrary PHP code. Solution Update the plugin...
WordPress Google Analytics Counter Tracker Plugin <= 3.4.0 - PHP Object Injection
This plugin is prone to a PHP object injection vulnerability. It allows attackers to execute arbitrary PHP code. Solution Update the plugin...
WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection
------------------------------------------------------------------------ Google Analytics Counter Tracker WordPress Plugin unauthenticed PHP Object injection vulnerability ------------------------------------------------------------------------ Remco Vermeulen, July 2016...
Fedora Update for drupal7-google_analytics FEDORA-2016-9c04d7e5c5
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM Web Content Manager Production Analytics Cross-Site Scripting Vulnerability
IBM Web Content Manager Production Analytics is a product of IBM Corporation, USA. A cross-site scripting vulnerability exists in IBM Web Content Manager Production Analytics, which can be exploited by an attacker to inject arbitrary JavaScript code into the Web UI...
Google Analytics Counter Tracker <= 3.4.0 - Unauthenticated PHP Object Injection
The Google Analytics Counter Tracker WordPress plugin was affected by an Unauthenticated PHP Object Injection security vulnerability...
Fedora 25 : drupal7-google_analytics (2016-9c04d7e5c5)
7.x-2.3 - Google Analytics - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2016-042 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Extending Linux Executable Logging With The Integrity Measurement Architecture
Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil ...