Lucene search
K

299 matches found

NVD
NVD
added 2017/11/07 4:29 p.m.23 views

CVE-2017-12085

An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability...

9.8CVSS9AI score0.01671EPSS
Exploits2References1
Prion
Prion
added 2017/11/07 4:29 p.m.17 views

Privilege escalation

An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability...

7.5CVSS9.3AI score0.01671EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2017/11/07 4:0 p.m.57 views

CVE-2017-12085

CVE-2017-12085 is the Circle with Disney cloud routing vulnerability disclosed in TALOS-2017-0437. The issue enables an attacker with Internet connectivity to cause the Circle cloud to route a packet to an arbitrary Circle device via the cloud API and token-based routing mechanism. The attack cha...

9.8CVSS9.3AI score0.01671EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2017/11/02 12:0 a.m.7 views

Circle with Disney Routing Vulnerability

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A routing vulnerability exists in the cloud infrastructure in Circle with Disney version 2.0.1. An attacker can exploit this vulnerabili...

9.8CVSS9.1AI score0.01671EPSS
Exploits2References1
Talos
Talos
added 2017/10/31 12:0 a.m.104 views

Circle with Disney Token Routing Vulnerability

Summary An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability. Tested...

9.8CVSS8.8AI score0.01671EPSS
Exploits2
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/08/21 12:0 p.m.59 views

Visit Trend Micro at VMworld 2017

Trend Micro will be at VMworld 2017 in Las Vegas on August 27th – 31st, showing why experience matters when it comes to automated security for your data center and cloud environments. Stop by our booth, 610, to chat with our security experts, and enter our daily draws to win a Phantom 3 Drone! Se...

6.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/03/28 1:43 p.m.21 views

Remote Access no longer needs to be Complex and Cumbersome

From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance is often multifaceted and time consuming, and security is an on-going concern. Granted, I have talked with IT professionals who tell me VPNs - being the primary remote...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/02/23 1:17 p.m.16 views

First Practical SHA-1 Collision Attack Arrives

Researchers unveiled on Thursday the first practical collision attack for the 22-year old cryptographic hash function SHA-1. While long expected, news of the attack, dubbed ‘SHAttered,’ should further accelerate the urgency of sunsetting of the maligned algorithm. Researchers from Google, Elie...

7.3AI score
Exploits0References14
CNVD
CNVD
added 2016/10/11 12:0 a.m.5 views

SQL Injection Vulnerability in ChannelList.aspx Page of Shandong Wave Government Approval Platform

Wave Government Approval Platform is a cloud computing infrastructure platform of Shandong Wave Qilu Software Co. A SQL injection vulnerability exists in the ChannelList.aspx page of the Shandong Wave Government Approval Platform, which can be exploited by attackers to obtain sensitive database...

7.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2016/05/19 2:20 p.m.71 views

Protecting Cloud APIs Critical to Mitigating Total Compromise

When it comes to cloud computing, APIs more or less drive everything, but in the eyes of some researchers, existing security controls around them haven’t kept pace. While individual components of a system can be secure, when that system gets deployed in the cloud it can often become insecure – an...

0.99993EPSS
Exploits41References4
ThreatPost
ThreatPost
added 2014/12/08 10:41 a.m.10 views

Several Vulnerabilities Found in Google App Engine

A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox. The researchers at Security Explorations say that they have found more than 30 vulnerabilities in the App Engine...

0.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2013/05/16 11:57 p.m.57 views

USN-1831-1: OpenStack Nova vulnerability

Loganathan Parthipan discovered that Nova did not verify the size of QCOW2 instance storage. An authenticated attacker could exploit this to cause a denial of service by creating an image with a large virtual size with little data, then filling the virtual disk...

2.1CVSS5.3AI score0.00383EPSS
Exploits0
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.82 views

[USN-1734-1] OpenStack Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1734-1 February 21, 2013 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5CVSS1AI score0.04863EPSS
Exploits1
securityvulns
securityvulns
added 2013/02/04 12:0 a.m.94 views

[USN-1709-1] OpenStack Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1709-1 January 29, 2013 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

6.5CVSS0.5AI score0.02505EPSS
Exploits0
Ubuntu
Ubuntu
added 2013/01/29 11:0 p.m.48 views

USN-1709-1: OpenStack Nova vulnerability

Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from arbitrary volumes...

6.5CVSS5.5AI score0.02505EPSS
Exploits0
The Hacker News
The Hacker News
added 2012/10/09 8:44 p.m.29 views

CVE-2012-4501 : Critical vulnerability warned in Cloudstack

Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could...

10CVSS7.5AI score0.07771EPSS
Exploits0
securityvulns
securityvulns
added 2011/11/01 12:0 a.m.60 views

[USN-1247-1] Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1247-1 October 25, 2011 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/01/05 1:45 a.m.7 views

Cyber criminals to be more aggressive in 2011 !

New Delhi: With the growing diversity of operating systems among companies, and the increasing use of mobile devices, cyber criminals will put a new spin on social engineering by 'malware campaign' under which they will bombard recipients with email that drop virus downloaders. According to an...

6.6AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.23 views

Azure Stack HCI

Azure Stack HCI and above...

0.7AI score
Exploits0
Rows per page
Query Builder