17 matches found
Intel Connectivity Performance Suite 安全漏洞
Intel Connectivity Performance Suite is a network optimization software solution from Intel, with key features that include automatically optimizing a computer's network connectivity performance and prioritizing critical applications based on user needs. A competitive condition vulnerability exis...
Learning from the Good Ones: Risk Profiling-Based Defenses against Evasion Attacks on DNNs
Safety-critical applications such as healthcare and autonomous vehicles use deep neural networks DNN to make predictions and infer decisions. DNNs are susceptible to evasion attacks, where an adversary crafts a malicious data instance to trick the DNN into making wrong decisions at inference time...
Adaptive Shield Showcases New ITDR Platform for SaaS at Black Hat USA
Amid rising breaches including Snowflake, the platform helps security teams proactively detect and respond to identity-centric threats in business-critical SaaS applications...
7 Key Findings from the 2022 SaaS Security Survey Report
The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today’s enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security b...
CVE-2021-31852
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based interface which coul...
Cross site scripting
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Auditor web-based interface...
CVE-2021-31851 Cross-Site Scripting vulnerability in Policy Auditor
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Auditor web-based interface...
Practical tips on how to use application security testing and testing standards
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global Head of Security...
Practical tips on how to use application security testing and testing standards
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global Head of Security...
Three Keys to Infusing Security into your Corporate Culture
Creating a security-oriented culture is a challenge for many businesses. There's a natural tension between development teams, that are under constant pressure to get new applications and features to market as quickly as possible, and security teams that need to protect critical systems and...
GDPR Is Here: Put File Integrity Monitoring in Your Toolbox
In this latest post of our series on the EU’s General Data Protection Regulation, we’ll explain how file integrity monitoring FIM can be crucial in helping organizations comply with this severe regulation. GDPR, which went into effect in May and applies to organizations worldwide that handle EU...
Important: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.3 security update
Red Hat JBoss A-MQ 6.3, which fixes multiple security issues and includes several bug fixes and enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...
Manage Engine Applications Manager 12 - Multiple Vulnerabilities
Exploit for multiple platform in category web applications Manage Engine Applications Manager 12 Multiple Vulnerabilities Vendor Product Description - ManageEngine Applications Manager is an application performance monitoring solution that proactively monitors business applications and help...
Important: Red Hat Security Advisory: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update
This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0. Red Hat Product Security has rated this security issue as having Important security impact. A Common Vulnerability Scoring System CVSS base...
New IETF Group to Tackle TLS Implementation in Applications
The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP. The new TLS application working group was formed to help...
Microsoft Virtual PC Flaw Lets Hackers Bypass Windows Defenses
An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft’s Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigatio...
SAP GUI 7.1 WebViewer2D ActiveX — Insecure Methods
Application: EAI WebViewer2D EnjoySAP, SAP GUI for Windows 6.4 and 7.1 Versions Affected:Tested on 7100.2.7.1038 PL 7 Vendor URL: Bugs: Insecure method, File owervriting Exploits: YES Reported: 02.07.2009 Vendor response: 02.07.2009 Date of Public Advisory: 28.09.2009 Author: Alexandr Polyakov...