Lucene search

8752 matches found

Akamai Blog
added 2019/06/23 4:0 a.m. · 10 views

In Conversation: Career Development as a Parent

Technology can only continue to thrive with the direct influence of those involved in its evolution. When the experiences of those people are broad, the tech industry benefits from the diversity of what they bring to the table. At Akamai,...

3.2 AI score
Exploits: 0

OSV
added 2019/06/19 12:0 a.m. · 5 views

UBUNTU-CVE-2019-6471

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 - 9.11.7, 9.12.0 - 9.12.4-P1, 9.14.0 - 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of...

5.9 CVSS · 6.6 AI score · 0.03271 EPSS
Exploits: 0 · References: 3

RedHat Linux
added 2019/06/18 5:22 p.m. · 52 views

Moderate: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

7.5 CVSS · 6.7 AI score · 0.37618 EPSS
Exploits: 0 · References: 3

Fedora
added 2019/06/12 2:48 p.m. · 50 views

[SECURITY] Fedora 30 Update: python-django-2.1.9-1.fc30

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...

6.1 CVSS · 1.6 AI score · 0.02563 EPSS
Exploits: 0

Fedora
added 2019/06/05 2:2 a.m. · 17 views

[SECURITY] Fedora 29 Update: nss-3.44.0-2.fc29

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

6.9 AI score
Exploits: 0

IBM Security Bulletins
added 2019/06/04 3:30 p.m. · 16 views

Security Bulletin: IBM Security Information Queue discloses internal data left over from the product development phases

Summary: The initial versions of IBM Security Information Queue (ISIQ) disclose internal data left over from the product development and Beta phases. In most cases, the data is specific to ISIQ's development environment and not useful to an attacker. Some of it, however, such as ISIQ's exact HTTP...

4 CVSS · 1 AI score · 0.00348 EPSS
Exploits: 0 · Affected Software: 1

RedHat Linux
added 2019/06/04 1:25 p.m. · 0 views

OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.9 CVSS · 7.2 AI score · 0.37618 EPSS
Exploits: 0 · References: 4

Packet Storm
added 2019/06/02 12:0 a.m. · 551 views

Safari Webkit Proxy Object Type Confusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Safari Webkit Proxy Object Type Confusion', 'Description' = %q This module exploits a type confusion bug in the Javascript Proxy object in WebKit...

9.3 CVSS · 0.2 AI score · 0.53772 EPSS
Exploits: 16

Github Security Blog
added 2019/05/30 5:15 p.m. · 12 views

Directory Traversal in ltt.js

Affected versions of ltt.js resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

5.6 AI score
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2019/05/30 5:15 p.m. · 7 views

GHSA-6QH5-WX38-Q92G Directory Traversal in ltt.js

Affected versions of ltt.js resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

6.8 AI score
Exploits: 0 · References: 3

OSV
added 2019/05/29 7:29 p.m. · 5 views

CVE-2019-6957

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access...

9.8 CVSS · 5.9 AI score · 0.01988 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2019/05/29 12:0 a.m. · 5 views

PT-2019-18378 · Bosch · Configuration Manager +7

Name of the Vulnerable Software and Affected Versions: Bosch Video Management System (BVMS) versions 9.0 and below; DIVAR IP versions 2000 through 7000; Configuration Manager (affected versions not specified); Building Integration System (BIS) with Video Engine (affected versions not specified); Access...

9.8 CVSS · 9.4 AI score · 0.01515 EPSS
Exploits: 0 · References: 3

OSV
added 2019/05/21 4:29 p.m. · 5 views

CVE-2019-12250

IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logger is not...

6.1 CVSS · 6 AI score
Exploits: 0 · References: 1

0day.today
added 2019/05/20 12:0 a.m. · 224 views

Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit

Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...

0.4 AI score
Exploits: 0

Kitploit
added 2019/05/16 1:0 p.m. · 169 views

SecurityRAT - Tool For Handling Security Requirements In Development

OWASP Security RAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you're developing; based on this information, list of common securit...

7.3 AI score
Exploits: 0 · References: 2

Veeam
added 2019/05/15 11:36 a.m. · 15 views

Slow performance for a single tenant database backup of the SAP HANA system

Challenge: When backing up a small 128 GB tenant/system DB of SAP HANA, the backup performance might be comparatively slower than a file-based backup or using a different backup solution. Cause: After several customers pointed out the performance degradation - compared to file-based backups - the...

6.9 AI score
Exploits: 0

Kitploit
added 2019/05/14 9:28 p.m. · 115 views

Machinae v1.4.8 - Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes, and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae...

7 AI score
Exploits: 0 · References: 3

RedHat Linux
added 2019/05/13 9:8 p.m. · 4 views

OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

8.1 CVSS · 7.4 AI score · 0.12013 EPSS
Exploits: 1 · References: 4

myhack58
added 2019/05/09 12:0 a.m. · 149 views

How to build your own PoC framework Pocsuite3 using the article-the vulnerability warning-the black bar safety net

Rather than giving a dry description of usage, I would prefer to talk about why Pocsuite3 has these features and how they are implemented. If you also want to build a similar tool, some of the ideas in Pocsuite3 may help you. This article also records Pocsuite3 development...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. · 9 views

Online Development, Inc. PCIC-E ControlNet Interface Communication Adapter

Binary data 754799.prm...

7.3 AI score
Exploits: 0