7658 matches found
Default configuration
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....
CVE-2016-2084
CVE-2016-2084 affects F5 BIG-IP and BIG-IQ cloud deployments (AWS, Azure, Verizon) where certificates and keys are not regenerated during deployment, allowing potential disclosure of sensitive data or disruption. The root cause is improper regeneration of certificates/keys when deploying cloud im...
CVE-2015-8021
The CVE-2015-8021 entry maps to an actual vulnerability in the BIG-IP Configuration utility where file uploads via uploadImage.php are not properly validated. Affected BIG-IP products (LTM, Analytics, APM, ASM, GTM, Link Controller, PSM, and related modules) running vulnerable 11.x releases are e...
Onion Services Security Scan: OnionScan
OnionScan is a free and open source tool for investigating the Dark Web. For all the amazing technological innovations in the anonymity and privacy space, there is always a constant threat that has no effective technological patch – human error. Whether it is operational security leaks or softwar...
CVE-2015-8240
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers...
Google Analytics - Certificates or keys found, Dynamic Code Loading, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Google Analytics published at the 'play' market has multiple vulnerabilities...
SA119 : Multiple NSS Vulnerabilities
SUMMARY: Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to trigger arbitrary code execution. The attacker can also cause denial of service through application crashes and memory corruption...
Flurry Analytics - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Flurry Analytics published at the 'play' market has multiple vulnerabilities...
Google Analytics Counter - Moderately Critical - CSRF - SA-CONTRIB-2016-011
The Google Analytics Counter module provides total pageview counts for each page on a website. In that it is similar to the core Statistics module counter, but it is much lighter and ultimately faster because it draws on data from Google Analytics. This is why it is also able to effortlessly coun...
Open Source Big Data Analytics and Visualization: Lumify
Open Source Big Data Integration, Analytics, and Visualization Lumify is an open source project big data fusion, analysis, and visualization platform designed for anyone. Its intuitive web-based interface helps users discover connections and explore relationships in their data via a suite of...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability (CNVD-2016-01392)
IBM Capacity Management Analytics is a suite of capacity management analytics solutions for managing and predicting the utilization of IBM zEnterprise infrastructure resources. A local security vulnerability exists in IBM Capacity Management Analytics that allows a local attacker to exploit the...
Open Web Analytics 1.5.7 Cross Site Scripting
Exploit Title: Open Web Analytics v1.5.7 Cross-Site Scripting Author: 1N3 @CrowdShield https://crowdshield.com Vendor: http://www.openwebanalytics.com/ Date: 02/24/2016 Description: Open Web Analytics suffers from a Cross-Site Scripting vulnerability in the owasiteid parameter because it fails to...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability (CNVD-2016-01329)
IBM Capacity Management Analytics is a suite of capacity management analytics solutions from IBM USA for managing and predicting the usage of IBM zEnterprise infrastructure mainframe computer resources. A local information disclosure vulnerability exists in IBM Capacity Management Analytics. A...
IBM Capacity Management Analytics Local Information Disclosure Vulnerability
IBM Capacity Management Analytics is a suite of capacity management analytics solutions from IBM USA for managing and predicting the usage of IBM zEnterprise infrastructure mainframe computer resources. A local information disclosure vulnerability exists in IBM Capacity Management Analytics. A...
SA114 : GNU C Library (glibc) Remote Code Execution February 2016
SUMMARY: Blue Coat products using an affected version of the GNU C Library (glibc) are susceptible to a remote execution attack. A remote attacker can send a crafted DNS response to the glibc DNS resolver and cause the resolver to crash or execute arbitrary code. AFFECTED PRODUCTS: The following...
ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities
ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities. ManageEngine Firewall Analyzer 8.5 - Privilege Escalation Vulnerability. Description: Vulnerability Type:...
WordPress Universal Analytics Plugin <= 1.3.0 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
Universal Analytics <= 1.3.0 - Authenticated Cross-Site Scripting (XSS)
"A subscriber could update the plugin's settings via the URL or AJAX. The settings were not sanitized before saving to the database and not escaped before being output on the front end."...
Code injection
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge...
Design/Logic Flaw
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel [TMM] restart) via crafted ICMP...