Lucene search
K

177 matches found

Microsoft Secure
Microsoft Secure
added 2020/06/10 5:42 p.m.33 views

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

The linchpin of successful cyberattacks, exemplified by nation state-level attacks and human-operated ransomware, is their ability to find the path of least resistance and progressively move across a compromised network. Determining the full scope and impact of these attacks is one the most...

7.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/30 4:37 p.m.11 views

Security Bulletin: IBM Watson Studio - Local allows mounting glusterFS without security check

Summary Watson Studio Local was allowing glusterFS mounting without any authorization. As long as the user had access to the same network, they could mount gluster volumes in any cluster. Internal implementation has been changed to check for permission before glusterFS mounting is allowed...

1.2AI score
Exploits0Affected Software1
CNVD
CNVD
added 2019/11/29 12:0 a.m.3 views

Cloudera Data Science Workbench Privilege Check Bypass Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. A security vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems from the system not properly restricting access to resources from unauthorized roles. An attacker can...

8.3CVSS6.9AI score0.00832EPSS
Exploits0References1
NVD
NVD
added 2019/11/26 4:15 p.m.11 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.3CVSS8.3AI score0.00832EPSS
Exploits0References1
OSV
OSV
added 2019/11/26 4:15 p.m.5 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.3CVSS5.8AI score0.00832EPSS
Exploits0References1
Prion
Prion
added 2019/11/26 4:15 p.m.16 views

Design/Logic Flaw

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

6.5CVSS8.3AI score0.00832EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/26 3:18 p.m.15 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.4AI score0.00832EPSS
Exploits0References1
CVE
CVE
added 2019/11/26 3:18 p.m.41 views

CVE-2018-20090

CVE-2018-20090 affects Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an access-control flaw that allows authenticated users to bypass project permission checks and gain read/write access to any project folder. Root cause: improper enforcement of project-level permissio...

8.3CVSS8.2AI score0.00832EPSS
Exploits0References1Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2019/09/23 3:24 p.m.58 views

Building a New Language for Data Processing

Building a New Language for Data Translation In previous posts, we’ve talked about the plan for and implementation of EQR Event Query Router—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...

7.6AI score
Exploits0
FireEye
FireEye
added 2019/09/07 5:0 p.m.26 views

Open Sourcing StringSifter

Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke...

0.4AI score
Exploits0References12
HackRead
HackRead
added 2019/08/27 1:6 p.m.56 views

Why is learning Python important in Data Science?

By Owais Sultan The field of data science is growing at a rapid pace, offering many job opportunities to people. If you want to enter the industry of data science, you must take a Python course. This is a post from HackRead.com Read the original post: Why is learning Python important in Data...

3.5AI score
Exploits0
Kitploit
Kitploit
added 2019/08/04 1:7 p.m.232 views

HELK - The Hunting ELK

The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed...

8AI score
Exploits0References12
CNVD
CNVD
added 2019/07/09 12:0 a.m.3 views

Cloudera Data Science Workbench Code Execution Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. A security vulnerability exists in Cloudera CDSW 1.3.0 and prior versions. An attacker could exploit the...

9.8CVSS7AI score0.02399EPSS
Exploits0References1
OSV
OSV
added 2019/07/03 4:15 p.m.3 views

CVE-2018-11215

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...

9.8CVSS6.1AI score0.02399EPSS
Exploits0References1
NVD
NVD
added 2019/07/03 4:15 p.m.17 views

CVE-2018-11215

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...

9.8CVSS9.7AI score0.02399EPSS
Exploits0References1
Prion
Prion
added 2019/07/03 4:15 p.m.17 views

Remote code execution

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...

7.5CVSS9.6AI score0.02399EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/03 3:46 p.m.63 views

CVE-2018-11215

CVE-2018-11215 concerns Cloudera Data Science Workbench (CDSW) versions 1.3.0 and earlier. The connected records consistently state a remote code execution vulnerability in CDSW, caused by unspecified attack vectors. The sources do not disclose the exact root cause, affected software components b...

9.8CVSS9.6AI score0.02399EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/03 3:46 p.m.15 views

CVE-2018-11215

Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...

9.7AI score0.02399EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/24 12:0 a.m.2 views

Cloudera Data Science Workbench Information Disclosure Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. An information disclosure vulnerability exists in CDSW versions 1.2.x through 1.4.0. The vulnerability stems...

5.3CVSS6.2AI score0.01195EPSS
Exploits0References1
OSV
OSV
added 2019/06/21 3:15 p.m.2 views

CVE-2018-15665

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5.3CVSS5.8AI score0.01195EPSS
Exploits0References2
Rows per page
Query Builder