CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ThreatPost•added 2012/02/08 12:48 p.m.•11 views

Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit

Injecting malicious code into the HTML used on legitimate Web sites is a key part of the infection lifecycle for many attack crews, and they often disguise and obfuscate their code to make it more difficult to analyze or so it appears to be legitimate code. The latest instance of this technique h...

7.2AI score

Exploits0References5

ThreatPost•added 2012/01/04 10:13 p.m.•9 views

In UK Analytics Software Provides Enhanced (Online) Interrogation For Fraud Suspects

A recent report by the UK’s Serious Organized Crime Agency SOCA shows that the Agency is full speed ahead with plans to use powerful data analytics tools to help find and prosecute everything from money laundering to illegal gambling to 419 scams. The 2011 Annual Report on Suspicious Activity...

0.7AI score

The Hacker News•added 2011/12/22 4:45 p.m.•11 views

Corporate fraud vs Anonymous Analytics Group

Corporate fraud vs Anonymous Analytics Group A new financial research group, Anonymous Analytics has released a report accusing Chinese firm Chaoda Modern Agriculture of "11 years of deceit and corporate fraud". The company is one of China's largest fruit and vegetable suppliers. A faction within...

7.3AI score

The Hacker News•added 2011/10/18 6:59 p.m.•1 views

Google Enable SSL-based searches, Will impact Google Analytic !

Google Enable SSL-based searches, Will impact Google Analytic ! According to a blog post by Google, the company is taking steps towards making search more secure for its users. Users will be redirected to https:// instead of https:// when going to do a Google search. By forcing SSL on...

7.1AI score

The Hacker News•added 2011/10/18 6:59 p.m.•8 views

Google Enable SSL-based searches, Will impact Google Analytic !

6.6AI score

The Hacker News•added 2011/09/19 5:33 p.m.•2 views

NetworkMiner 1.1 - Network Forensic Analysis Tool (NFAT) Released

NetworkMiner 1.1 - Network Forensic Analysis Tool NFAT Released NetworkMiner is a Network Forensic Analysis Tool NFAT for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting...

7.1AI score

The Hacker News•added 2011/09/19 5:33 p.m.•14 views

NetworkMiner 1.1 - Network Forensic Analysis Tool (NFAT) Released

6.9AI score

NVD•added 2011/09/02 4:55 p.m.•12 views

CVE-2011-3133

Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors...

4.3CVSS6.7AI score0.01702EPSS

NVD•added 2011/09/02 4:55 p.m.•12 views

CVE-2011-3134

Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL...

7.5CVSS6.2AI score0.02201EPSS

NVD•added 2011/09/02 4:55 p.m.•20 views

CVE-2011-3132

Cross-site scripting XSS vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01674EPSS

Prion•added 2011/09/02 4:55 p.m.•15 views

Cross site scripting

4.3CVSS6.1AI score0.01674EPSS

Prion•added 2011/09/02 4:55 p.m.•13 views

Session fixation

4.3CVSS7.2AI score0.01702EPSS

Prion•added 2011/09/02 4:55 p.m.•11 views

Code injection

7.5CVSS6.7AI score0.02201EPSS

Cvelist•added 2011/09/02 4:0 p.m.•23 views

CVE-2011-3132

5.7AI score0.01674EPSS

Cvelist•added 2011/09/02 4:0 p.m.•25 views

CVE-2011-3134

6.2AI score0.02201EPSS

CVE•added 2011/09/02 4:0 p.m.•44 views

CVE-2011-3134

CVE-2011-3134 affects TIBCO Spotfire Server 3.0.x (before 3.0.2), 3.1.x (before 3.1.2), 3.2.x (before 3.2.1), 3.3.x (before 3.3.1) and Spotfire Analytics Server before 10.1.1. The reported issue is a SQL injection vulnerability exploitable via a crafted URL that allows remote attackers to modify ...

7.5CVSS6.4AI score0.02201EPSS

CVE•added 2011/09/02 4:0 p.m.•48 views

CVE-2011-3132

Summary: CVE-2011-3132 affects TIBCO Spotfire platforms. The vulnerability is an XSS flaw in Spotfire Server (versions 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, 3.3.x before 3.3.1) and Spotfire Analytics Server before 10.1.1, enabling remote attackers to inject arbitrary web scr...

4.3CVSS5.8AI score0.01674EPSS

Cvelist•added 2011/09/02 4:0 p.m.•24 views

CVE-2011-3133

6.7AI score0.01702EPSS

CVE•added 2011/09/02 4:0 p.m.•44 views

CVE-2011-3133

The CVE affects TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1. It is a session-fixation vulnerability that allows remote attackers to hijack web sessions via unspecified vectors. Remediation pe...

4.3CVSS6.9AI score0.01702EPSS