Lucene search
K

647 matches found

Prion
Prion
added 2018/03/08 2:29 p.m.17 views

Design/Logic Flaw

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password...

2.1CVSS6.5AI score0.0032EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/03/08 2:29 p.m.18 views

CVE-2017-6152

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password...

6.7CVSS6.5AI score0.0032EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/02/21 2:26 p.m.5 views

Moderate: Red Hat Bug Fix Advisory: Red Hat Satellite 6.3 Base Libraries

Red Hat Satellite 6.3 Base Libraries Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of...

7.5CVSS6.8AI score0.07778EPSS
Exploits1References2
Kitploit
Kitploit
added 2018/02/05 8:39 p.m.22 views

CFC - Linux Centralized Firewall Control

Centralized firewall control provides a centralized way to manage the firewall on multiple servers or loadbalancers running iptables. This way you can quickly allow/block/del/search abuse ranges etc. with one command on several servers. It accesses those servers through ssh. It supports both IPv4...

7AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/01/24 12:0 a.m.9 views

The vulnerability of the centralized version control system CVS lies in its improper handling of data when interacting with a remote repository via SSH protocol. This allows a malicious actor to execute arbitrary code.

The vulnerability of the centralized version control system CVS is related to improper data processing when interacting with a remote repository via SSH protocol. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted hostname in the repository’...

7.5CVSS7.2AI score0.05968EPSS
Exploits1References8Affected Software2
n0where
n0where
added 2018/01/02 4:51 a.m.15 views

The Automated Collection and Enrichment Platform: ACE

The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...

1.7AI score
Exploits0References2
Imperva Blog
Imperva Blog
added 2017/12/21 9:0 a.m.44 views

Top Five Trends IT Security Pros Need to Think About Going into 2018

It’s that time of the year when we look back at the tech trends of 2017 to provide us with a hint of things to come. Accordingly, let’s engage in our favorite end-of-year pastime: predictions about the coming year. Equipped with Imperva’s own research, interactions with our customers, and a wealt...

6.9AI score
Exploits0
Amazon
Amazon
added 2017/12/20 12:0 a.m.36 views

Medium: sssd

Issue Overview: Unsanitized input when searching in local cache database It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for...

8.8CVSS6.9AI score0.01499EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.41 views

EulerOS 2.0 SP1 : sssd (EulerOS-SA-2017-1324)

According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.27 views

EulerOS 2.0 SP2 : sssd (EulerOS-SA-2017-1325)

According to the version of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In...

8.8CVSS6.5AI score0.01499EPSS
Exploits0References2
Citrix
Citrix
added 2017/12/12 12:0 a.m.11 views

Password Management for SDX's and VPX's utilizing NMAS

To manage passwords and accounts from one centralized location...

7.2AI score
Exploits0
CNVD
CNVD
added 2017/09/28 12:0 a.m.4 views

Arbitrary User Password Reset Vulnerability in Bunker Busters

Bunker Fortress is the industry's first software form of the Fortress, providing a centralized authentication, centralized access authorization, centralized access management, centralized operation audit and a single point of simplified operation and management required for remote operations and...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/08/31 3:30 p.m.29 views

Managing Security in a DevOps Environment

DevOps is a software development practice in which development and operations engineers collaborate during the entire product lifecycle. With the adoption of DevOps at mainstream levels, we now see security starting to take a bigger role in DevOps’ day-to-day responsibilities. From a security...

7AI score
Exploits0
F5 Networks
F5 Networks
added 2017/08/08 12:3 a.m.199 views

PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890

F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...

9.8CVSS1.2AI score0.07511EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/08/04 12:0 a.m.29 views

RedHat Update for freeradius RHSA-2017:2389-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.18318EPSS
Exploits0References2
Fedora
Fedora
added 2017/07/27 4:54 p.m.34 views

[SECURITY] Fedora 26 Update: freeradius-3.0.15-1.fc26

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

7.8CVSS2.5AI score0.03001EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2017/07/27 12:0 a.m.7 views

Moderate: Red Hat Enhancement Advisory: Red Hat Virtualization Manager (ovirt-engine) 4.1.4

An update is now available for Red Hat Virtualization Manager. The Red Hat Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities,...

8.8CVSS6.6AI score0.01036EPSS
Exploits0References7
Core Security
Core Security
added 2017/07/12 12:0 a.m.532 views

Trend Micro Deep Discovery Director Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Deep Discovery Director Multiple Vulnerabilities Advisory ID: CORE-2017-0005 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-deep-discovery-director-multiple-vulnerabilities Date published: 2017-07-12 Date of last update:...

9.8CVSS9.7AI score0.03097EPSS
Exploits0
Fedora
Fedora
added 2017/06/09 8:18 p.m.35 views

[SECURITY] Fedora 26 Update: freeradius-3.0.14-1.fc26

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

9.8CVSS2.5AI score0.03914EPSS
Exploits0
Fedora
Fedora
added 2017/06/09 8:7 p.m.26 views

[SECURITY] Fedora 26 Update: puppet-4.6.2-4.fc26

Puppet lets you centrally manage every important aspect of your system usin g a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, an...

8.2CVSS2.1AI score0.02375EPSS
Exploits0
Rows per page
Query Builder