65 matches found
MISP - Malware Information Sharing Platform and Threat Sharing
The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System NIDS, LIDS but also log analysi...
Starbucks: Bug in GraphQL and API integration leads to limited user address disclosure
A modified GraphQL query to fetch a user's address book entries led to a limited disclosure of user address book entries. The modified query resulted in a backend API request with undefined as a parameter. The response contained address lists of accounts with a username of undefined. We were not...
fd-api-integration (>=0.0.2 <=0.0.9) potentially affected by CVE-2017-16055 via sqlserver (=1.0.2)
sqlserver NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on sqlserver and may be impacted: - fd-api-integration =0.0.2, =0.0.9 Source cves: CVE-2017-16055 Source advisory: OSV:GHSA-3RH7-VM4X-Q2HP...
Munin - Online Hash Checker For Virustotal And Other Services
Munin is a online hash checker utility that retrieves valuable information from various online sources The current version of Munin queries the following services: Virustotal Malshare HybridAnalysis Note: Munin is based on the script "VT-Checker", which has been maintained in the LOKI repository...
Leaked? - A Checking Tool For Hash Codes And Passwords Leaked
Leaked? is A Checking tool for Hash codes and Passwords leaked, use API from @webtobesocial. Leaked? can work in any OS if they have support Python 3 Features Check passwords leaked Check hash code leaked Exit About Author Install and Run in Linux sudo apt update && apt install python3 python3-pi...
Teradek VidiU Pro 3.0.3 CSRF Change Password Exploit
Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Teradek VidiU Pro 3.0.3 snapshot.cgi Stream Disclosure Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: VidiU, VidiU Mini, VidiU Pro 3.0.3r32136 3.0.2r31225 2.4.10 Summary: The Teradek VidiU gives you the freedom to broadcast live high definition video directly to...
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications input type="hidden" name="pw...
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
Teradek VidiU Pro 3.0.3 SSRF Vulnerability Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: VidiU, VidiU Mini, VidiU Pro 3.0.3r32136 3.0.2r31225 2.4.10 Summary: The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web...
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery input type="hidden" name="pw2" value...
Teradek VidiU Pro 3.0.3 SSRF Vulnerability
Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...
Teradek VidiU Pro 3.0.3 CSRF Change Password Exploit
Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Summary The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web without a PC. Whether you're streaming out of a video switcher or wirelessly from your camera, VidiU allows you to go live when you want, where you want. VidiU offers API level integration...
CredSniper - Phishing Framework which supports SSL and capture credentials with 2FA tokens
Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token. Benefits Fully supporte...
Strengthening Network Access Security with Multi-Factor Authentication
As technology continues to develop, more and more applications become not just convenient, but necessary. It was less than a decade ago that it was inconceivable we would 'need' to carry a consumer device to access the internet in our pockets. Today, it is essential. The same is true with the...
Malware Information Sharing Platform: MISP
Malware Information Sharing Platform MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is...
Twilio - Moderately Critical - Access bypass - SA-CONTRIB-2015-157
This module provides hooks and rules integration to leverage the Twilio API to send/receive phone calls and text messages. The module relies on existing permissions for providing administration which can lead to untrusted users having access to perform actions that may not be intended. This...
[SECURITY] Fedora 21 Update: drupal7-webform-4.7-1.fc21
Webform is the module for making surveys in Drupal. After a submission, users may be sent an e-mail "receipt" as well as sending a notification to administrators. Results can be exported into Excel or other spreadsheet applications. Webform also provides some basic statistical review and has and...
Google Adds Warnings About Deceptive Software to Safe Browsing Service
The Google Safe Browsing service has become an integral part of most of the major browsers, integrating malware alerts, warnings about malicious Web sites and suspicious content. The company has been expanding the capabilities of the service steadily over the last few years, and now Google is...