Github Mitigates DDoS Attack

Code repository Github mitigated a distributed denial-of-service attack, restoring services this morning around 9 a.m. Eastern time. According to a Github status log, connectivity problems began today around 5:30 a.m. with Github declaring it was under a DDoS attack an hour later. A request for...

CVE-2015-5058

CVE-2015-5058 is an ICMP packet processing memory-leak vulnerability in F5 BIG-IP components (LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM) and BIG-IQ (Cloud, Device, Security 4.4.0–4.5.0; ADC 4.5.0). The root cause is a memory leak triggered by a large number of crafted ICMP pac...

[SECURITY] Fedora 22 Update: elasticsearch-1.6.1-0.fc22

Elasticsearch is a search server based on Lucene. It provides a distributed, multitenant-capable full-text search engine with a RESTful web interface and schema-free JSON documents. Elasticsearch is developed in Java and is relea sed as open source under the terms of the Apache License. It is a...

WordPress Google Analytics Plugin <= 5.4.4 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Upgrade this plugin...

Google Analytics By Yoast Premium 5.4.4 Cross Site Scripting

Details ================ Software: Google Analytics by Yoast Premium Version: 5.4.4 Homepage: https://yoast.com/wordpress/plugins/google-analytics/ Advisory report: https://security.dxw.com/advisories/xss-in-google-analytics-by-yoast-premium-by-privileged-users/ CVE: Awaiting assignment CVSS: 5.5...

Google Analytics by Yoast <= 5.4.4 - Authenticated Stored Cross-Site Scripting (XSS)

The Google Analytics Dashboard Plugin for WordPress by MonsterInsights WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...

GE Healthcare Centricity Analytics Server Built-in Account Vulnerability

GE Healthcare Centricity Analytics Server is a suite of imaging analytics solutions for the healthcare industry. GE Healthcare Centricity Analytics Server has built-in accounts, sa users use the 'V0yag3r' password, analyst uses the G3car3s password, ccg uses the G3car3s password, viewer uses the...

Best Self Hosted Alternatives

Best Self Hosted Alternatives Analytics AWStats Generates web, streaming, ftp or mail server statistics graphically. Source Code GPLv3 Perl Countly Real time mobile & web analytics, crash reporting and push notifications platform. Source Code AGPLv3 Javascript Druid A distributed, column-oriented...

CVE-2011-5322

GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...

Default credentials

GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...

CVE-2011-5322

GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...

CVE-2011-5322

GE Healthcare Centricity PACS-IW (Centricity PACS-IW) is vulnerable via default/hard-coded credentials documented for CVE-2011-5322 in Centricity Analytics Server 1.1, notably in the Webmin interface where several accounts use known passwords (e.g., V0yag3r, G3car3s, geservice). Exploitation coul...

Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure &amp; XSS Vulnerabilities

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...

WP Slimstat <= 4.1.5.2 - Referer Header Cross-Site Scripting (XSS)

The Slimstat Analytics WordPress plugin was affected by a Referer Header Cross-Site Scripting XSS security vulnerability...

Open Web Analytics 1.5.7 Multiple Vulnerabilities

Open Web Analytics version 1.5.7 suffers from password disclosure, weak cryptographic control, and cross site scripting vulnerabilities. + Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor:...

Open Web Analytics 1.5.7 XSS / Password Disclosure / Crypto Weakness

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: ================================ www.openwebanalytics.com Product: ================================ Open-Web-Analytics-1.5.7 Advisory...

Oracle Java SE CVE-2015-2590 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 6u95, Java SE 7u80, Java SE 8u45, Java SE...

WordPress S3Bubble Amazon S3 Video And Audio Streaming With Analytics Plugin Arbitrary File Download Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.S3Bubble Amazon S3 Video And Audio Streaming With Analytics is a plugin for getting secure streaming from Amazon S3 to the Wordpress website in a plugin...

S3Bubble Cloud Video With Adverts & Analytics <= 0.7 - Arbitrary File Download

Description The 3bubble-amazon-s3-html-5-video-with-adverts WordPress plugin was affected by an Arbitrary File Download security vulnerability...

Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download Vulnerabil

Exploit for php platform in category web applications Exploit Title: Wordpress S3Bubble Cloud Video With Adverts & Analytics - Arbitrary File Download Google Dork: inurl:/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/ Date: 04/07/2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage:...