Lucene search
K

336 matches found

CNVD
CNVD
added 2022/09/05 12:0 a.m.8 views

Beijing PaiNet Software Co., Ltd Panalog has SQL injection vulnerability

Ltd. was founded in 2004, the company's products cover network access, traffic management, security audit, data analysis and other application scenarios, business coverage of enterprises, education, operators, government, medical, financial, energy, military, public security, hotels and other...

2.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/08/31 1:0 p.m.32 views

Stop Ransomware with Microsoft Security digital event presents threat intelligence in action

One of the biggest challenges in security today is visibility. And by visibility, I don’t just mean keeping an eye on ever-evolving cyberthreats, but also seeing your own security environment clearly—especially where you’re vulnerable. For defenders who are working hard to manage threats across...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/08/12 1:30 p.m.18 views

3 Mistakes Companies Make in Their Detection and Response Programs

The goal of a detection and response D&R program is to act as quickly as possible to identify and remove threats while minimizing any fallout. Many organizations have identified the need for D&R as a critical piece of their security program, but it's often the hardest — and most costly — piece to...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/08/10 5:0 p.m.25 views

OCSF: Working Together to Standardize Data

Teams spend a lot of time normalizing data before any analysis, investigation, or response can begin. It’s an unacceptable burden for you. And its days are finally numbered. Rapid7 and other security vendors are collaborating on an Open Cybersecurity Schema Framework OCSF, an open standard for bo...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/08/01 1:23 p.m.18 views

What is Dark Data, and how can we find it?

What is “dark data”? The term “dark data” refers to “any information assets that organizations collect, process, and store during regular business activities but generally fail to use for other purposes” Gartner. Often retained for compliance reasons, this data can also include past employee...

0.3AI score
Exploits0
CNNVD
CNNVD
added 2022/07/22 12:0 a.m.4 views

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool. Used to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase v1.11.1 There is a security vulnerability , the vulnerability stems from the plug-in...

6.5CVSS6.5AI score0.00524EPSS
Exploits1References2
Rapid7 Blog
Rapid7 Blog
added 2022/07/19 2:0 p.m.9 views

Gimme! Gimme! Gimme! (More Data): What Security Pros Are Saying

Eight in 10 organizations collect, process, and analyze security operations data from more than 10 sources, ESG identified in a new ebook SOC Modernization and the Role of XDR, sponsored by Rapid7. Security professionals believe that the most important sources are endpoint security data 24%, thre...

Exploits0
CNVD
CNVD
added 2022/07/19 12:0 a.m.37 views

Apache Hive Authorization Issues Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

7.5CVSS7.3AI score0.01393EPSS
Exploits0References1
Kitploit
Kitploit
added 2022/07/10 9:30 p.m.37 views

Secretflow - A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning

SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this goal, it provides: An abstract device layer consists of plain devices and secret devices which encapsulate various cryptographic protocols. A device flow layer modeling higher algorith...

7.6AI score
Exploits0References3
Imperva Blog
Imperva Blog
added 2022/07/01 2:44 p.m.19 views

How to Monitor Athena Usage to Understand Your Operations, and Control Security and Costs

Introduction to our data lakes experience Data lakes are great. They are flexible as they allow many object formats and multiple query engines. They are also cost effective - there is no need to manage or pay for resources like disks, cpu and memory. Data is simply stored in an object store and i...

7.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/06/27 12:0 a.m.14 views

Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022...

3.5AI score
Exploits0
CNVD
CNVD
added 2022/06/24 12:0 a.m.18 views

Splunk Resource Permission Assignment Error Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructure physical, virtual machines, and cloud.A resource privilege assignment err...

5CVSS3.9AI score0.01799EPSS
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/06/06 12:0 a.m.8 views

The vulnerability of clients for conducting real-time audio and video conferences via Zoom Client for Meetings on Android, iOS, Linux, macOS, and Windows allows a hacker to perform spoofing attacks due to improper data analysis of XML messages in XMPP messages.

The vulnerability of clients for conducting real-time audio and video conferences using Zoom Client for Meetings on Android, iOS, Linux, macOS, and Windows is related to improper analysis of XML data in XMPP messages. Exploiting this vulnerability allows a malicious actor to perform a spoofing...

8.5CVSS7.7AI score0.04033EPSS
Exploits0References4Affected Software1
Microsoft Secure
Microsoft Secure
added 2022/06/01 6:0 p.m.20 views

Using Python to unearth a goldmine of threat intelligence from leaked chat logs

Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICPy, for example, is a Python tool dedicated to threat intelligence. I...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/06/01 6:0 p.m.19 views

Using Python to unearth a goldmine of threat intelligence from leaked chat logs

Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICPy, for example, is a Python tool dedicated to threat intelligence. I...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.5 views

The vulnerability of the data analysis module of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security allows a perpetrator to execute arbitrary code.

The vulnerability of the data analysis module of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security lies in the unlimited distribution of resources. Exploiting this vulnerability...

10CVSS8.2AI score0.03016EPSS
Exploits0References2
CNVD
CNVD
added 2022/03/22 12:0 a.m.20 views

IBM Security Guardium Insights Information Disclosure Vulnerability (CNVD-2022-60422)

IBM Security Guardium Insights is a set of data security solutions from IBM Corporation in the United States. The product supports data analysis, threat alerts, data security auditing and local data monitoring. IBM Security Guardium Insights has an information leakage vulnerability that could be...

4CVSS1.6AI score0.00603EPSS
Exploits0References1
Circl
Circl
added 2022/02/28 6:48 p.m.33 views

CVE-2021-24946

creationtimestamp| type| source ---|---|--- 2022-02-28 18:48:53+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpmoderneventscalendarsqli.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:35+00:00...

9.8CVSS7.8AI score0.728EPSS
Exploits7References1
CNNVD
CNNVD
added 2022/02/17 12:0 a.m.7 views

Zepl Notebook 安全漏洞

Zepl Notebook is the United States Zepl company provides interactive data analysis and Web-based notebook. Zepl Notebook is a web-based notebook that provides interactive data analysis and is used to make beautiful documents that are data-driven, interactive and collaborative. Zepl Notebook has a...

9.9CVSS8.3AI score0.0165EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/02/17 12:0 a.m.6 views

Zepl Notebook 安全漏洞

Zepl Notebook is the United States Zepl company provides interactive data analysis and Web-based notebook. Zepl Notebook is a web-based notebook that provides interactive data analysis and is used to make beautiful documents that are data-driven, interactive and collaborative. A security...

8.8CVSS8.1AI score0.0165EPSS
Exploits2References5
Rows per page
Query Builder