Lucene search
K

471 matches found

Prion
Prion
added 2015/11/25 8:59 p.m.26 views

Xxe

XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...

5CVSS7AI score0.02291EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2015/11/05 12:0 a.m.7 views

Cisco Adaptive Security Appliance CX Context-Aware Security Information Disclosure Vulnerability

The Cisco Adaptive Security Appliance ASA CX Context-Aware Security Software is an add-on service module for extending the ASA platform from Cisco USA. An information disclosure vulnerability exists in Cisco Adaptive Security Appliance CX Context-Aware Security 9.3. It allows an authenticated...

4CVSS6.3AI score0.01368EPSS
Exploits0References1
NVD
NVD
added 2015/10/30 10:59 a.m.21 views

CVE-2015-6344

The web-based GUI in Cisco Adaptive Security Appliance ASA CX Context-Aware Security 9.34.1.11 allows remote authenticated users to bypass intended access restrictions and obtain sensitive user information via an unspecified HTTP request, aka Bug ID CSCuv74105...

4CVSS6AI score0.01368EPSS
Exploits0References2
Prion
Prion
added 2015/04/11 1:59 a.m.16 views

Design/Logic Flaw

The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...

7.8CVSS7.1AI score0.02318EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2015/04/11 1:0 a.m.22 views

CVE-2015-0678

The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...

6.6AI score0.02318EPSS
Exploits0References2
Veeam
Veeam
added 2015/03/26 12:0 a.m.42 views

How to Perform a Manual Failback (Reverse Replication)

Challenge This article explains the steps to perform a manual failback using reverse replication when a normal failback fails or is not possible because the replica was powered on outside of the Veeam console. This process turns replication on its head and uses it as a tool to synchronize the...

6.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2015/02/24 11:59 p.m.3 views

CVE-2015-2078

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker alpha 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, does not properly verify X.509 certificates from SSL servers, which allows...

5CVSS5.5AI score0.02775EPSS
Exploits2References9
Cvelist
Cvelist
added 2015/02/24 11:0 p.m.34 views

CVE-2015-2077

The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker alpha 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across...

6.2AI score0.02775EPSS
Exploits1References13
Kaspersky
Kaspersky
added 2015/02/24 12:0 a.m.53 views

KLA10461 Security bypass vulnerability in multiple products

Using of the same certificate was found in multiple products. By exploiting this vulnerability malicious users bypass security restrictions. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products VisualDiscovery CVE list CVE-2015-2077...

5CVSS6.2AI score0.02775EPSS
Exploits1References2
Kitploit
Kitploit
added 2015/02/19 10:30 p.m.37 views

SubBrute - Subdomain Bruteforcer

SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting https://www.us-cert.gov/ncas/alerts/TA13-088A. This desig...

7.2AI score
Exploits0References1
Fedora
Fedora
added 2015/01/19 1:33 a.m.11 views

[SECURITY] Fedora 21 Update: libhtp-0.5.16-1.fc21

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...

2.2AI score
Exploits0
The Hacker News
The Hacker News
added 2014/12/16 12:31 a.m.10 views

Log and Event Manager now with File Integrity Monitoring

Security pros everywhere rely on SolarWinds Log & Event Manager for powerful, affordable, and efficient Security Information and Event Management SIEM. Our All-In-One SIEM combines log management, event correlation, visualization, reporting, File Integrity Monitoring, USB defense, SQL database...

6.9AI score
Exploits0
Veeam
Veeam
added 2014/10/30 12:0 a.m.16 views

Application-Aware Image Processing failure with SQL 2012 SP2 case-sensitive collation database

Job using Application-Aware Image Processing fails during VSS processing with: Unfreeze error: Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. A VSS crit...

1.8AI score
Exploits0
Fedora
Fedora
added 2014/08/27 1:28 a.m.81 views

[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

5.8CVSS1AI score0.09254EPSS
Exploits1
Kitploit
Kitploit
added 2014/08/20 1:5 a.m.13 views

Passera - Tool to generate strong unique passwords for each website

A simple tool that allows users to have strong unique passwords for each website, without the need to store them either locally or with an online service. It is available as a command-line tool for Linux/Mac/Windows and an Android app. Passera turns any entered text into a strong password up to 6...

7AI score
Exploits0References1
Oracle linux
Oracle linux
added 2014/07/25 12:0 a.m.64 views

kernel security and bug fix update

kernel 2.6.18-371.11.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...

4.7CVSS7.3AI score0.00684EPSS
Exploits1
Veeam
Veeam
added 2014/07/09 12:0 a.m.12 views

Veeam Backup & Replication - SQL Backup Guide: Using Microsoft SQL Server Agent With Application - Aware Image Processing

This guide was created to assist you with successfully backing up, and restoring, Microsoft SQL databases...

2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Cisco Secure Desktop 3.x 'translation' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37960/info Cisco Secure Desktop is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

7.1AI score
Exploits0
Veeam
Veeam
added 2014/06/16 4:14 p.m.18 views

VM Uptime in Hyper-V Manager Might Reset During Backup

Article Applicability This article is relevant only to Hyper-V on Server 2012 and Server 2012 R2. Note: Server 2012 R2 reached end-of-life on October 10, 2023. Offline backup or saved state backup is a native Microsoft Hyper-V approach to quiesce VMs before taking a volume snapshot. Offline backu...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2014/05/14 12:35 p.m.12 views

NSF Awards $15m for New Secure Internet Architecture

The National Science Foundation NSF is awarding $15 million in grants for the development, deployment and testing of future Internet architectures that are designed to enhance security, respond to emerging service challenges, and increase scalability. In 2010, the NSF Directorate for Computer and...

1.2AI score
Exploits0
Rows per page
Query Builder