2353 matches found
A vulnerability in the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and availability of protected information.
A vulnerability in the gdm-2.6.0.5 package of the CentOS operating system can lead to violations of the confidentiality, integrity, and availability of protected information. This vulnerability can be exploited remotely by a malicious individual who has completed the authentication process...
A vulnerability in the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and availability of protected information.
A vulnerability in the rsyslog7-pgsql-7.4.10 package for the CentOS operating system can lead to violations of the confidentiality, integrity, and availability of protected information. Exploitation of this vulnerability can be carried out remotely...
Linux Australia Breached by Hackers
Linux Australia, a consortium in charge of organizing Linux conferences Down Under, acknowledged over the weekend it was breached by attackers who were able to secure access to one of its servers, and with it, potential user information. In a detailed email to users on Saturday, the group’s...
Unspecified Vulnerability in Websense TRITON AP-EMAIL
Websense TRITON is the Unified Content Architecture for data security. An unspecified security vulnerability exists in Websense TRITON AP-EMAIL port 17703; no vulnerability details are available at this time...
Hackers Selling Uber Credentials on Underground Market
The alternative taxi service Uber denies insinuations that its systems were breached following reports claiming that underground forums are offering Uber user-credentials for as little as $1. First reported by Vice Magazine’s Motherboard spinoff, the information for sale also includes names, the...
Multiple Websense Product Data Security Module Page Cross-Site Scripting Vulnerabilities
Websense, Inc. (NASDAQ: WBSN) is the world's leading provider of integrated Web, information and data security protection solutions. Multiple cross-site scripting vulnerabilities exist in the data security module pages of Websense products because the program fails to properly filter user-supplied input. The...
CVE-2015-2703
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2)...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2)...
CVE-2015-2703
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2)...
CVE-2015-2703
Websense/TRITON AP-WEB and V-Series (AP-WEB before 8.0.0; V-Series 7.7) are affected by CVE-2015-2703: a cross-site scripting vulnerability in the Data Security block page via ws-encdata (ws-userip) and in the Content Gateway via admin_msg (client-cert-import_wsoem.html). The issue is triggered b...
Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting
Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting. Han Sahin, September 2014...
Cross-Site Scripting vulnerability in Websense Data Security block page
Cross-Site Scripting vulnerability in Websense Data Security block page. Han Sahin, September 2014...
Websense Data Security Cross Site Scripting
Cross-Site Scripting vulnerability in Websense Data Security block page. Han Sahin, September 2014...
Websense Appliance Manager - Command Injection
Abstract: A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remo...
Websense Appliance Manager - Command Injection
Abstract: A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform remote unauthenticated attacks to compromise the...
CVE-2015-0204 OpenSSL FREAK Attack: vulnerability detection methods and repair recommendations - vulnerability warning - the black bar safety net
0x01 Introduction. Around the Lantern Festival, OpenSSL is in an uproar because of the FREAK attack (also known as the Factoring Attack on RSA-EXPORT Keys vulnerability, or CVE-2015-0204). Apple and Google indicated on Tuesday that they are fixing the...
xen-kernel -- Information leak via internal x86 system device emulation
The Xen Project reports: Emulation routines in the hypervisor dealing with certain system devices check whether the access size by the guest is a supported one. When the access size is unsupported these routines failed to set the data to be returned to the guest for read accesses, so that...
HackerOne: Improperly validated fields allow injection of arbitrary HTML via spoofed React objects
Note: I haven't yet investigated the implications of this fully, so this may be more severe than I'm currently aware of. Right now the only exploits I'm aware of allow a team member to attack other team members. I've found a couple fields that I'd expect to be limited to string values, but which...
AppUse - Android Pentest Platform Unified Standalone Environment
AppUse Virtual Machine, developed by AppSec Labs, is a unique and free system, a platform for mobile application security testing in the Android environment, and it includes unique custom-made tools. Faster & More Powerful: The system is a blessing to security teams, who from now on can easily...
File Hosting Service RapidShare Shutting Down
Remember RapidShare? Once one of the world's most popular and first-ever one-click online file hosting and cloud storage websites on the Internet, the company has announced that it will shut down its business at the end of next month. The RapidShare file hosting service announced its shutdown Tuesday...