28 matches found
LanG -- a Governance-Aware Agentic AI Platform for Unified Security Operations
Modern Security Operations Centers struggle with alert fatigue, fragmented tooling, and limited cross-source event correlation. Challenges that current Security Information Event Management and Extended Detection and Response systems only partially address through fragmented tools. This paper...
Unicornscan 0.4.52
Unicornscan is an information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL...
Unicornscan 0.4.51
Unicornscan is an information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL...
EUVD-2016-10072
Malware in sbrugna...
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...
Building a Custom Risk Prioritization and Risk Scoring Methodology with Surface Command
Over the 15 years I spent as a practitioner and consultant prior to joining Rapid7, a metric that I found to be ever elusive was a true custom prioritization score. You could get close- with enough time, energy, spreadsheets, and logs. But even then it wasn’t without fault. There were still...
Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 6.0.9. It is, therefore, affected by multiple vulnerabilities: - Multiple denial of service vulnerabilities in the included OpenSSL component. CVE-2019-1551, CVE-2020-1967, CVE-2020-1971, CVE-2021-3449,...
[R1] LCE 6.0.9 Fixes Multiple Third-party Vulnerabilities
Tenable Log Correlation Engine leverages third-party software to help provide underlying functionality. Two separate third-party components OpenSSL, jQuery were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good...
Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13)
The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 5.1.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of...
[R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities
Log Correlation Engine leverages third-party software to help provide underlying functionality. One third-party component OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
[R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities
Log Correlation Engine leverages third-party software to help provide underlying functionality. One third-party component OpenSSL was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to...
[R1] LCE 5.0.1 Fixes Two Third-party Library Vulnerabilities
Log Correlation Engine LCE 5.0.0 is impacted by multiple vulnerabilities reported in a third-party library and an encryption algorithm. LCE was errantly using 3DES on TCP port 1243. The following vulnerabilities have been resolved with the updated libraries...
Tenable Log Correlation Engine (LCE) < 4.8.1 Multiple Vulnerabilities
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 4.8.1. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist in the Handlebars library in the lib/handlebars/utils.js script due to a failur...
Tenable Log Correlation Engine Cross-Site Scripting Vulnerability
Tenable Log Correlation Engine a.k.a. LCE is a log correlation engine that provides log analysis and event monitoring from Tenable Network Security. A cross-site scripting vulnerability exists in versions of Tenable LCE prior to 4.8.1. A remote attacker can exploit this vulnerability to execute...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-9261
Tenable Log Correlation Engine (LCE) is affected in versions prior to 4.8.1 by cross-site scripting (XSS) vulnerabilities. The Nessus plugin aggregates multiple CVEs affecting LCE, including CVE-2016-9261, describing a vulnerability where an authenticated, remote attacker can inject arbitrary web...
CVE-2016-9261
Cross-site scripting XSS vulnerability in Tenable Log Correlation Engine aka LCE before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Tenable Log Correlation Engine (LCE) < 4.8.0 Libxml2 DoS
The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 4.8.0. It is, therefore, affected by a denial of service vulnerability in the bundled version of Libxml2 due to an infinite loop condition in the xzdecomp function. An unauthenticated, remote...