Lucene search
K

995 matches found

Veeam
Veeam
added 2017/06/30 12:0 a.m.15 views

Data Warehouse Permission issues

Cause MP Version 8 uses dataset rules to collect host security profiles and snapshots. When a collector is installed on an agent, there is no issue. The data is forwarded to Management Server and written to DW under the DW account. When a collector runs on a Management Server which is our use cas...

7.1AI score
Exploits0Affected Software1
n0where
n0where
added 2017/06/23 2:3 a.m.16 views

Security and Privacy Assurance Research: SPARTA Framework

Security and Privacy Assurance Research Developed as a part of MIT Lincoln Laboratory’s test and evaluation role in the SPAR Security and Privacy Assurance Research program , SPARTA SPAR Testing and Assessment framework is a set of software applications used to evaluate the functionality and...

1.2AI score
Exploits0References5
Fedora
Fedora
added 2017/06/18 1:18 a.m.33 views

[SECURITY] Fedora 24 Update: redis-3.2.8-1.fc24

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

3.3CVSS0.7AI score0.00484EPSS
Exploits0
n0where
n0where
added 2016/12/04 10:35 p.m.43 views

Open Source Malware Clusterization Toolkit: Cosa Nostra

Open Source Malware Clusterization Toolkit Cosa Nostra is an open source software clustering toolkit with a focus on malware analysis. It can create phylogenetic trees of binary malware samples that are structurally similar. It was initially released during SyScan360 Shanghai 2016. Required 3rd...

0.7AI score
Exploits0References3
Packet Storm
Packet Storm
added 2016/11/19 12:0 a.m.85 views

SAP NetWeaver AS ABAP 7.4 Directory Traversal

Application: SAP NetWeaver AS ABAP Versions Affected: SAP NetWeaver AS ABAP 7.4 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 22.04.2016 Reported: 23.04.2016 Vendor response: 23.04.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2312966 Author: Daria Prosochkina...

0.3AI score
Exploits0
NVD
NVD
added 2016/11/18 8:59 p.m.16 views

CVE-2016-4331

When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...

8.6CVSS8.8AI score0.00762EPSS
Exploits2References4
OSV
OSV
added 2016/11/18 8:59 p.m.4 views

UBUNTU-CVE-2016-4331

When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...

8.6CVSS7.5AI score0.00762EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2016/11/18 8:0 p.m.40 views

CVE-2016-4331

When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...

8.6CVSS8.8AI score0.00762EPSS
Exploits2
Talos
Talos
added 2016/11/17 12:0 a.m.44 views

HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0179 HDF5 Group libhdf5 H5TCOMPOUND Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4333 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage and...

8.6CVSS8.6AI score0.00613EPSS
Exploits2
Metasploit
Metasploit
added 2016/10/22 4:45 a.m.48 views

Censys Search

The module uses the Censys REST API to access the same data accessible through the web interface. The search endpoint allows queries using the Censys Search Language against the Hosts dataset. Setting the CERTIFICATES option will also retrieve the certificate details for each relevant service by...

0.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/07/14 5:54 p.m.5 views

Dashbuilder: SQL Injection on data set lookup filters

A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter...

9.8CVSS5.8AI score0.03653EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/10/21 12:0 a.m.39 views

Fortinet FortiManager FortiOS 5.0.x >= 5.0.3 and < 5.0.11 Dataset Reports XSS

The Fortinet FortiManager FortiOS version running on the remote host is 5.x greater than or equal to 5.0.3 and prior to 5.0.11. It is, therefore, affected by a cross-site scripting vulnerability in the advanced dataset reports page due to a failure to properly sanitize user-supplied input to the...

4.3CVSS6.4AI score0.02388EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/10/21 12:0 a.m.54 views

Fortinet FortiAnalyzer FortiOS 5.0.x < 5.0.11 / 5.2.x < 5.2.2 Dataset Reports XSS

The Fortinet FortiAnalyzer FortiOS version running on the remote host is 5.0.x prior to 5.0.11 or 5.2.x prior to 5.2.2. It is, therefore, affected by a cross-site scripting vulnerability in the advanced dataset reports page due to a failure to properly sanitize user-supplied input to the...

4.3CVSS6.4AI score0.02388EPSS
Exploits4References2
Exploit DB
Exploit DB
added 2014/08/27 12:0 a.m.63 views

WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities

Exploit Title: WooCommerce Store Exporter v1.7.5 Stored XSS Google Dork: inurl:"woocommerce-exporter" Date: 26/08/2014 Exploit Author: Mike Manzotti @ Dionach Vendor Homepage: http://www.visser.com.au/plugins/store-exporter/ Software Link:...

7.4AI score
Exploits0
RubySec
RubySec
added 2014/06/30 12:0 a.m.19 views

codders-dataset Gem for Ruby lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb Process Table Local Plaintext Credential Disclosure

"1 lib/dataset/database/mysql.rb and 2 lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process."...

7.8CVSS6.2AI score0.00546EPSS
Exploits1References1
Rows per page
Query Builder