160 matches found
SAP HANA Extended Application Service Information Disclosure Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
IBM i2 Enterprise Insight Analysis Information Disclosure Vulnerability
IBM i2 Enterprise Insight Analysis is a suite of data analytics and integration solutions from IBM USA. The product is characterized by interoperability and scalability. An information disclosure vulnerability exists in IBM i2 Enterprise Insight Analysis version 2.1.7, which originates from the...
8x8: XSS (Cross site scripting) on https://apimgr.8x8.com
The domain apimgr.8x8.com hosted an outdated version of WSO2 Data Analytics Server...
Microsoft and Imperva Collaboration Bolsters Data Compliance and Security Capabilities
This article explains how Imperva SecureSphere V13.2 has leveraged the latest Microsoft EventHub enhancements to help customers maintain compliance and security controls as regulated or sensitive data is migrated to Azure SQL database instances. Database as a Service Benefits Platform as a Servic...
Excerpts from 10 Endpoint Security Problems – And How the Cloud Solves Them
Predicting new threats is the top challenge for security and IT professionals Traditional antivirus is based on what’s already known – it can only stop known malware attacks based on the signatures it has at the moment. But the problem is only 30% of attacks are malware-based; if you rely solely ...
A Star Wars Analogy to Defend Against Non-Malware Attacks and the Dark Side
I like watching movies because I can relate almost anything in my real life to the movies I watched. Last week, I did a presentation at "Security Days Tokyo 2018," and I used Star Wars to describe the targeted attacks, non-malware attacks, AI-based, NGAV, etc. The Star Wars analogies were well...
Chronicle: A Meteor Aimed At Planet Threat Intel?
Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools. Countless organizations rely on a hodgepodge of securit...
What is the Cb Predictive Security Cloud (PSC)?
In today’s new reality, the device, and the people operating those devices, have taken center stage. Whether in your office or at a Starbucks, your endpoints now have access to some of your organization’s most sensitive data via cloud services, such as Salesforce.com, Office 365, and the Google...
Getting Back on the Field
Growing up as a foreign service brat, I was obsessed with security. Living in Guatemala in the 80s you had to adapt and become resilient as child. As there was no TV in our household, 10-year-old Tom began to tinker with my father’s computer and soon it became my oasis from the stress of living i...
Can a License Solve Your Cloud Migration Problem?
No, but it can certainly reduce friction. Cloud adoption is no longer an if, but a when. Even Gartner says there’s no such thing as a ‘no cloud policy.’ The winds of technology change are blowing, but no enterprise is talking about 100% cloud adoption in the near term. Hybrid IT environments are...
Gartner: The Pursuit of Perfection Weakens InfoSec Effectiveness
While malicious hackers are the obvious enemies of InfoSec pros, there’s something else that puts IT environments in danger: Perfectionism. When applied to security, perfectionism becomes detrimental, creating a false certainty that all bases are covered and yielding a fundamentally flawed approa...
Carbon Black’s Vision for the Predictive Security Cloud
Earlier today, during a keynote address at Cb Connect, I unveiled our vision for the Cb Predictive Security Cloud™️. The first of its kind, the Cb Predictive Security Cloud is an extensible, cloud-based cyber security platform that helps anticipate and prevent future and unknown cyberattacks. The...
Cross site scripting
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is...
CVE-2017-14995
CVE-2017-14995: A stored XSS vulnerability in the Management Console affects multiple WSO2 products (WSO2 Application Server 5.3.0; WSO2 Business Process Server 3.6.0; WSO2 Business Rules Server 2.2.0; WSO2 Complex Event Processor 4.2.0; WSO2 Dashboard Server 2.0.0; WSO2 Data Analytics Server 3.1...
WSO2 Data Analytics Server Cross-Site Scripting Vulnerability
WSO2 Data Analytics Server is a data analytics server from WSO2, Inc. that provides real-time analysis of data streams, complex event processing, and machine learning. A cross-site scripting vulnerability exists in the carbon/resources/addcollectionajaxprocessor.jsp file in WSO2 Data Analytics...
WSO2 Data Analytics Server Multiple XSS Vulnerabilities
WSO2 Data Analytics Server is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...