Lucene search
K

71 matches found

Tenable Nessus
Tenable Nessus
added 2019/12/19 12:0 a.m.103 views

Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities

The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.5. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service...

8.8CVSS7AI score0.87806EPSS
Exploits1References7
Cvelist
Cvelist
added 2019/08/22 12:40 p.m.21 views

CVE-2018-20981

The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests...

9.4AI score0.01744EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/07/10 4:30 p.m.8 views

Telcos Singled Out for Prioritizing Government Requests for Data Over Privacy

Telecommunications giants don’t seem to have any interest in shaking their legacy of complicity with government requests for user data. The Electronic Frontier Foundation’s latest Who Has Your Back report singles out AT&T, Verizon, T-Mobile and Comcast as its lowest performers, saying that the...

0.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2016/10/13 1:43 p.m.14 views

Google Handles Record Number of Government Requests for Data

Google fielded a record number of government requests for user data during the first half of 2016, according to its updated Transparency Report. It was also able to report that it received at least one National Security Letter during the six months between July and December 2015. “Pursuant to the...

6.9AI score
Exploits0References5
Hacker One
Hacker One
added 2016/09/30 12:38 a.m.2450 views

Snapchat: Bypassing "You've requested your data the maximum number of times today." + "Please Verify an email address with snapchat to continue"

Hello Again , I found an 2 issues in accounts.snapchat.com/accounts/downloadmydata - The first one : Bypassing The maximum number of Data Requests per day and download the Account Data any time the Attacker wants. - The Second : Download The Account Data without any Email verification. Requiremen...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/04/14 8:5 a.m.13 views

Microsoft Sues US Govt Over Unconstitutional Secret Data Requests

Microsoft is suing the Department of Justice DoJ to protest the gag order that prevents technology companies from telling their customers when their cloud data is handed over to authorities. In layman's terms, the Electronic Communications Privacy Act ECPA allows the government to issue gag order...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/03/22 9:0 a.m.13 views

Requests for Yahoo User Data Spiked After Paris Terror Attacks

Yahoo’s latest transparency report, published today, reflects a spike in government and law enforcement requests for user data following the Paris terrorist attacks of Nov. 13. The attacks resulted in the deaths of 130 people and injuries to more than 350 others; the situation remains fluid with...

6.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/12/01 9:46 a.m.12 views

National Security Letter Attachment Details

While the Snowden documents have demystified the intelligence community’s hacking abilities, few specifics are known about National Security Letters, law enforcement’s most powerful tool to compel telecommunications and Internet service providers to turn over a broad scope of user data, and which...

6.5AI score
Exploits0References11
ThreatPost
ThreatPost
added 2015/10/15 3:32 p.m.79 views

Latest Microsoft Transparency Report Details Content Removal Requests

Microsoft launched a new transparency website this week that bundles reports detailing requests for data the company has received, including those from law enforcement, the government, and elsewhere. The page, which Microsoft is calling its Transparency Hub, is somewhat similar to what Apple did...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2015/09/25 2:40 p.m.10 views

Yahoo Transparency Report Shows Requests for Data Up

Yahoo this week published its transparency report for the first six months of the year and the numbers indicate that government requests for data on its users are up slightly after sharp dropoff for the report covering the last six months of 2014. Yahoo said that it received 5,221 government data...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/06/16 9:23 a.m.10 views

Amazon Transparency Report Shows Few Requests For User Data

Amazon has released its first transparency report, and for a company as large as Amazon, there is surprisingly little in the way of detail or explanation in the report. The company reported that it received 813 subpoenas, 25 search warrants, and 0-249 national security requests. Of the 813...

0.5AI score
Exploits0References1
CNVD
CNVD
added 2015/06/08 12:0 a.m.3 views

Linux kernel OZWPAN driver denial of service vulnerability (CNVD-2015-03716)

Linux kernel is an open source operating system.OZWPAN is one of the drivers for receiving, parsing and forwarding network packets. A security vulnerability in the 'ozusbhandleepdata' function in the file drivers/staging/ozwpan/ozusbsvc1.c of the Linux kernel OZWPAN driver allows remote attackers...

7.8CVSS6.5AI score0.05852EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/04/06 10:58 a.m.22 views

Snapchat Publishes First Transparency Report

Snapchat has released its first transparency report, covering a four-month period from November through February, and the data shows that the company didn’t receive any National Security Letters and got fewer than 400 total requests for data from the United States government. Snapchat, a Californ...

2.2AI score
Exploits0References1
Snyk
Snyk
added 2015/03/14 10:0 p.m.4 views

JSONP Callback Attack

Overview Affected versions of this package are vulnerable to JSONP Callback Attack. JSONP JSON with padding is a method used to request data from a server residing in a different domain than the client. Any url could perform JSONP requests, allowing full access to the browser and the JavaScript...

6.5CVSS5.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/09/26 10:34 a.m.7 views

September 2014 Yahoo Transparency Report

There was less clamor from governments and law enforcement around the world for data collected and stored by Yahoo, but nonetheless, the technology giant still fielded more than 18,000 data requests over the first six months of the year. Yahoo yesterday released its third Transparency Report, and...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/06/05 2:25 p.m.12 views

Microsoft Calls for NSA Surveillance Reforms

On the anniversary of the first news reports on NSA surveillance, Microsoft general counsel Brad Smith seized the opportunity to draw a line in the sand with the U.S. government. Smith challenged the government curtail surveillance because it’s hurting business and impaling privacy and civil...

6.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2014/02/25 1:13 p.m.10 views

After a Turbulent Year, Still Some Optimism in the Security World

SAN FRANCISCO–Despite all of the revelations and accusations and recriminations in the security industry in the last year, Microsoft’s Scott Charney said he is still optimistic about the industry’s ability to defend users. However, that optimism is tempered by concern about the threats those user...

Exploits0
ThreatPost
ThreatPost
added 2014/01/22 12:58 p.m.9 views

Verizon Releases First Transparency Report, Says Government Requests INcreasing

After months of public calls from privacy advocates and security experts, Verizon on Wednesday released its first transparency report, revealing that it received more than 164,000 subpoenas and between 1,000 and 2,000 National Security Letters in 2013. The report, which covers Verizon’s landline,...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/12/23 10:27 a.m.8 views

AT&T, Verizon Announce Transparency Reports in 2014

One by one, the telecommunications giants at the heart of the NSA surveillance scandal are relenting to shareholder pressure and public demands for them to publish reports on government requests for user data. On Friday Verizon and AT&T announced their intent to begin producing transparency repor...

6.8AI score
Exploits0References7
RedHat Linux
RedHat Linux
added 2013/10/31 4:21 p.m.4 views

kernel: ansi_cprng: off by one error in non-block size request

Off-by-one error in the getprngbytes function in crypto/ansicprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...

5.8CVSS6.7AI score0.03181EPSS
Exploits0References4
Rows per page
Query Builder