Lucene search
K

138 matches found

BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.5 views

The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information through a special...

6.1CVSS6.6AI score0.01811EPSS
Exploits0References4Affected Software3
Krebs on Security
Krebs on Security
added 2019/02/12 1:33 p.m.49 views

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Email provider VFEmail has suffered what the company is calling "catastrophic destruction" at the hands of an as-yet unknown intruder who trashed all of the company's primary and backup data in the United States. The firm's founder says he now fears some 18 years' worth of customer email may be...

6.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/12/06 5:0 p.m.83 views

CISO series: Strengthen your organizational immune system with cybersecurity hygiene

One of the things I love about my job is the time I get to spend with security professionals, learning firsthand about the challenges of managing security strategy and implementation day to day. There are certain themes that come up over and over in these conversations. My colleague Ken Malcolmso...

0.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:17 p.m.20 views

Security Bulletin: IBM Tivoli Storage Manager ASNODENAME Vulnerability (CVE-2015-7408)

Summary Unauthorized Tivoli Storage Manager client sessions using the ASNODENAME option may run as authorized sessions allowing the user to generate or retrieve backup data for which they are not authorized. Vulnerability Details CVEID: CVE-2015-7408 DESCRIPTION: Tivoli Storage Manager clients ca...

3.7CVSS0.3AI score0.00903EPSS
Exploits0Affected Software2
Prion
Prion
added 2018/03/06 8:29 p.m.21 views

Design/Logic Flaw

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

6.4CVSS7.1AI score0.012EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/06 8:29 p.m.6 views

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

7.2CVSS5.8AI score0.012EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/03/06 8:0 p.m.21 views

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

7.2AI score0.012EPSS
Exploits0References1
CVE
CVE
added 2018/03/06 8:0 p.m.50 views

CVE-2017-15519

NetApp SnapCenter Server (versions 2.0–3.0.1) is affected by a vulnerability via the NAS File Services plug-in that allows unauthenticated remote attackers to view and modify backup-related data. The root cause is exposure through the Plug-in for NAS File Services, enabling data exposure and back...

7.2CVSS7.1AI score0.012EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.6 views

The vulnerability of the rl2_read_header function in the multimedia library Ffmpeg (libavformat/rl2.c) allows a attacker to trigger memory consumption and service failure.

The vulnerability of the rl2readheader function in the FFmpeg multimedia library, within the rl2.c component libavformat/rl2.c, is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to induce memory consumption and service failures by using a speciall...

7.1CVSS7AI score0.01822EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2017/04/18 7:18 a.m.14 views

Russian Hacker Selling Cheap Ransomware-as-a-Service On Dark Web

Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Forget about developing sophisticated banking trojans and malware to steal money...

6.7AI score
Exploits0
OSV
OSV
added 2017/01/31 10:59 p.m.3 views

CVE-2016-9418

MyBB aka MyBulletinBoard before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name...

7.5CVSS5.8AI score0.02283EPSS
Exploits0References4
CNVD
CNVD
added 2016/09/22 12:0 a.m.4 views

EMC Avamar Data Store and Avamar Virtual Edition Backup Data Read Vulnerability

EMC Avamar is a backup and recovery solution. EMC Avamar Server's ADS and AVE rely on client-side authentication, allowing remote attackers to read backup information using a vulnerable modified client agent...

9.1CVSS6.7AI score0.03449EPSS
Exploits0References1
Prion
Prion
added 2016/09/21 2:59 a.m.15 views

Authentication flaw

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...

6.4CVSS7AI score0.03449EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/09/21 1:0 a.m.54 views

CVE-2016-0903

EMC Avamar Server (ADS/AVE) before 7.3.0-233 uses client-side authentication, allowing remote attackers to spoof clients and read backup data via a modified agent. Affected: Avamar Data Store and Avamar Virtual Edition. Impact: read-backup data. Remediation: upgrade to 7.3.0-233 or later as docum...

9.1CVSS8.8AI score0.03449EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/09/21 1:0 a.m.25 views

CVE-2016-0903

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 rely on client-side authentication, which allows remote attackers to spoof clients and read backup data via a modified client agent...

9AI score0.03449EPSS
Exploits0References3
NVD
NVD
added 2016/07/11 1:59 a.m.19 views

CVE-2016-3759

The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...

5CVSS3.7AI score0.00313EPSS
Exploits0References2
Prion
Prion
added 2016/07/11 1:59 a.m.15 views

Information disclosure

The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...

5CVSS6.8AI score0.00313EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/07/11 1:59 a.m.4 views

UBUNTU-CVE-2016-3759

The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...

3.3CVSS6.1AI score0.00313EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.28 views

CVE-2016-3759

The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...

5CVSS6.3AI score0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/07/11 1:0 a.m.28 views

CVE-2016-3759

The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080...

4AI score0.00313EPSS
Exploits0References2
Rows per page
Query Builder