1055 matches found
CVE-2017-13088
creationtimestamp| type| source ---|---|--- 2017-10-16 10:16:35+00:00| exploited| https://t.me/bykvaadm/327 2017-10-17 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=233 2017-10-27 23:29:14+00:00| exploited| https://t.me/SHATOOB/2227 2018-12-19 08:18:08+00:00| seen|...
CVE-2017-14941
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
Design/Logic Flaw
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
CVE-2017-14941
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
CVE-2017-14941
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
UBUNTU-CVE-2017-14941
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
JasperSoft JasperReports 4.7 Password Disclosure Vulnerability
Exploit for php platform in category web applications + Credits: Joshua Platz aka Binary1985 + CVE ID: CVE-2017-14941 + Website: https://github.com/binary1985 + Source:...
CVE-2017-14941
Removed by vendor...
CVE-2017-14941
CVE-2017-14941 affects JasperReports 4.7. The vulnerability stems from passwords stored in clear text for Data Source Connectors, enabling a remote, authenticated user to view stored Data Source passwords by accessing flow.html during an Edit operation for a Data Source. The attack relies on acce...
CVE-2017-14941
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector...
JasperSoft JasperReports 4.7 Password Disclosure
Credits: Joshua Platz aka Binary1985 + CVE ID: CVE-2017-14941 + Website: https://github.com/binary1985 + Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941 Vendor: ==========================...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...
5 Red Flags That Tell You Vendors Are Lying About AI
This is the original version of this article: The term Artificial Intelligence has become a buzzword that people use in sales pitches all the time. You will hear about it in the latest ad copy for new gadgets and programs. It also happens to be the most important tool in the cyber security field...
XML External Entity Injection And Information Disclosure
Falcon is vulnerable to XML external entity injection and information disclosure. It is possible to inject an external entity during XML entity parsing, and leak the location of the credential files in log messages during the data source entity parsing...
Director Error "Cannot retrieve data. Data source unresponsive or reported an error".
The following error is seen in the event viewer of the Director server: Log Name: Application Source: Citrix Director Service Date: 1/20/2017 11:05:33 AM Event ID: 5 Task Category: None Level: Error Keywords: Classic User: N/A Computer: CtxDirector.RepLab.Local Description: The description for...
[SECURITY] Fedora 25 Update: mojarra-2.2.13-1.fc25
JvaServerTM Faces technology simplifies building user interfaces for JavaServer applications. Developers of various skill levels can quickly bui ld web applications by: assembling reusable UI components in a page; connecting these components to an application data source; and wiring...
Ubiquiti Inc.: JetBrains .idea project directory
Vulnerability description The .idea directory contains a set of configuration files .xml for your project. These configuration files contain information core to the project itself, such as names and locations of its component modules, compiler settings, etc. If you've defined a data source the fi...
The vulnerability of the Firefox ESR browser, which allows a hacker to read data from uninitialized memory areas
The vulnerability of the YCbCrImageDataDeserializer::ToDataSourceSurface function in Firefox ESR browsers is related to code errors. Exploiting this vulnerability may allow an attacker to read data from uninitialized memory areas remotely...
CVE-2015-0002
creationtimestamp| type| source ---|---|--- 2015-01-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35661 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ntapphelpcachecontrol.rb 2025-02-06 03:13:42+00:00...
DEBIAN-CVE-2014-5026
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...