Lucene search
K

178 matches found

NVD
NVD
added 2019/05/29 8:29 p.m.24 views

CVE-2019-11892

A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller SHC before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary...

8CVSS7.6AI score0.01029EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2019/04/10 4:0 p.m.54 views

4 tried-and-true prevention strategies for enterprise-level security

Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it. That is until you remember your upcoming teeth cleaning appointment. There is nothing like the memory of...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/01/29 12:2 p.m.102 views

How to Recover Lost or Deleted Files?

Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same. Unfortunate, right? We've all been there. Just last week I formatted my computer and later found that I didn't have any back...

Exploits0
Prion
Prion
added 2018/10/24 9:29 p.m.19 views

Path traversal

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing t...

7.2CVSS7.1AI score0.00558EPSS
Exploits0References1Affected Software2
Citrix
Citrix
added 2018/09/16 12:0 a.m.10 views

How to Delete Hosting Connection configured in Citrix Studio

Deleting a connection can result in the deletion of large numbers of machines and loss of data. Ensure that user data on affected machines is backed up or no longer required. Before deleting a connection, ensure that: All users are logged off from the machines stored on the connection. No...

6.7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:41 p.m.14 views

Security Bulletin: Privilege Escalation Vulnerability in the FlashCopy Manager for VMware GUI (CVE-2013-6714)

Summary In customer environments that utilize VMware restricted users, users of the Tivoli Storage FlashCopy Manager: FlashCopy Manager for VMware GUI can back up and restore VMs that they are not authorized to access. Vulnerability Details CVE ID: CVE-2013-6714 DESCRIPTION: In customer...

4.1CVSS0.3AI score0.00262EPSS
Exploits0Affected Software1
myhack58
myhack58
added 2018/04/17 12:0 a.m.22 views

Linux server discovered bitcoin extortion event, do a good Four Points from a loss-vulnerability warning-the black bar safety net

Following the Windows encountered ransomware virus after the Linux server was bitcoin extortion cases have occurred, you think to pay a ransom just to end? Important warning Recently, Tencent cloud security team monitoring to the cloud on a Linux server began to appear bitcoin extortion event, th...

7.3AI score
Exploits0
CNVD
CNVD
added 2018/02/06 12:0 a.m.3 views

Arbitrary file download vulnerability in phpwechat version 1.1.6

phpWechat is a free and open source microsoft public platform management system. An arbitrary file download vulnerability exists in phpwechat version 1.1.6 at the data backup, which can be exploited by an attacker to download arbitrary files from the server, such as script code, service and syste...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/19 4:0 p.m.36 views

Cybersecurity New Year’s resolutions, you say? Why not.

It's mid-January, and oh, how time flies. It wasn’t long since we bid farewell to 2017 and welcomed the new year with renewed hope and vigor. Of course, with such positivity comes a sense of an equally favorable outlook for the year ahead. However good that may sound, being faced with a tabula ra...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2018/01/15 5:0 p.m.20 views

Microsoft offers several mechanisms to protect against ransomware

The start of a new year is the perfect time to reassess your security strategy and tactics especially when looking back at the new levels of ransomwares reach and damage in 2017. Its no secret that ransomware attacks are increasing. In fact, a business is hit with ransomware every 40 seconds. If...

6.5AI score
Exploits0
CNVD
CNVD
added 2017/12/18 12:0 a.m.5 views

Huawei Changsha 5S Information Disclosure Vulnerability

The Huawei Changshare 5S is a smartphone from the Chinese company Huawei Huawei. An information disclosure vulnerability exists in Huawei 畅享5S. Attackers have successfully exploited the vulnerability to cause information leakage by tricking users into installing a carefully constructed applicatio...

5.5CVSS6.2AI score0.00669EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/03 12:0 a.m.6 views

Multiple Lenovo VIBE phones elevation of privilege vulnerability

Android 6.0 Marshmallow is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA in the U.S. The Lenovo A2010-a and other smartphone products from China's Lenovo use the Android 6.0 Marshmallow operating system. The Lenovo A2010-a is a smartphone from...

6.9CVSS7.2AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2017/06/29 3:29 p.m.2 views

CVE-2017-3750

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749...

6.4CVSS5.7AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2017/06/29 3:29 p.m.2 views

CVE-2017-3749

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750...

6.4CVSS5.7AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2017/06/29 3:29 p.m.18 views

CVE-2017-3750

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749...

6.9CVSS6.5AI score0.00143EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2017/06/19 8:43 a.m.12 views

Web Hosting Company Pays $1 Million to Ransomware Hackers to Get Files Back

South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them. According to a blog post published by NAYANA, the web hosting company, this unfortunate event...

6.4AI score
Exploits0
rapid7community
rapid7community
added 2017/06/13 2:5 p.m.39 views

Why you have to move beyond “We have a policy for that”

Ive never been a big fan of - or have believed in the value of - security policies. Sure, theyre necessary for setting expectations and auditors want to see them. They can also serve as a sort of insurance policy to fall back on when an unexpected security "event" occurs. But, at the end of the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/06/08 6:3 a.m.19 views

First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

A new Android-rooting malware with an ability to disable device’ security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store. What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to b...

7.5AI score
Exploits0
CISA
CISA
added 2017/06/08 12:0 a.m.15 views

FTC Recommends Steps to Protect Against Mobile Phone Theft

The Federal Trade Commission FTC has released an alert about the theft of mobile phones and the best way to prepare for and recover from this kind of theft. Precautionary steps include regularly backing up the data on the phone, using strong passwords, and using two-factor authentication on any...

7AI score
Exploits0References2
CNVD
CNVD
added 2017/06/06 12:0 a.m.5 views

Fastspot BigTree CMS Unauthorized Operation Vulnerability

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. An unauthorized operation vulnerability exists in Fastspot BigTree CMS version 4.2.18 and earlier, which stems from the program failing to prevent a user from deleting thei...

6.5CVSS6.8AI score0.0063EPSS
Exploits1References1
Rows per page
Query Builder