
2594 matches found

OpenVAS
added 2019/05/07 12:0 a.m. | 75 views

Fedora Update for ceph FEDORA-2019-6a2e72916a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AI score: 6.4
Exploits: 0 | References: 2
OSV
added 2019/04/24 9:29 p.m. | 4 views

CVE-2019-8992

The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.02163
Exploits: 0 | References: 3
Tibco
added 2019/04/22 10:47 p.m. | 17 views

TIBCO Security Advisory: April 24, 2019 - TIBCO Active MatrixService Grid -2019-8992

TIBCO Active Matrix Service Grid Administrator Remote Code Execution Original release date: April 24, 2019 Last revised: CVE-2019-8992 Source: TIBCOSoftware Inc. TIBCO Active Matrix Service Grid Administrator Remote Code Execution Original release date: April 24, 2019 Last revised: -- Source: TIB...

CVSS: 6.5 | AI score: 8.1 | EPSS: 0.02163
Exploits: 0 | Affected Software: 8
Carbon Black Blog
added 2019/04/15 5:6 p.m. | 62 views

Mirai Rebirth Highlights Importance of Defending IoT

Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Enterprises of all sizes face a massive challenge when it come...

AI score: 0.1
Exploits: 0
OSV
added 2019/04/09 4:29 a.m. | 1 views

DEBIAN-CVE-2019-10903

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.05592
Exploits: 1 | References: 1
Imperva Blog
added 2019/04/03 2:28 p.m. | 57 views

Not just for Processing: How Kafka Streams as a Distributed Database Boosted our Reliability and Reduced Maintenance

The Apache Kafka Streams library is used by enterprises around the world to perform distributed stream processing on top of Apache Kafka. One aspect of this framework that is less talked about is its ability to store local state, derived from stream processing. In this blog post we describe how w...

AI score: 6.7
Exploits: 0
The Hacker News
added 2019/03/19 7:55 a.m. | 3 views

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.56237
Exploits: 9
OSV
added 2019/03/07 6:47 p.m. | 1 views

GHSA-WG37-7MRV-CFWM Unauthenticated Remote Code Execution in Apache JMeter

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.02709
Exploits: 0 | References: 4
Github Security Blog
added 2019/03/07 6:47 p.m. | 26 views

Unauthenticated Remote Code Execution in Apache JMeter

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 3 | EPSS: 0.02709
Exploits: 0 | References: 4 | Affected Software: 1
ThreatPost
added 2019/03/06 7:45 p.m. | 64 views

RSA Conference 2019: The Sky's the Limit For Satellite Hacks

SAN FRANCISCO – The satellites orbiting the world are rife with vulnerabilities – and as more satellites go up, and antenna equipment becomes cheaper, they are becoming a lucrative target for threat actors back on earth, according to researchers. William Malik, vice president of infrastructure...

AI score: 0.4
Exploits: 0 | References: 4
UbuntuCve
added 2019/03/06 5:29 p.m. | 21 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.02709
Exploits: 0 | References: 3
OSV
added 2019/03/06 5:29 p.m. | 1 views

DEBIAN-CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.02709
Exploits: 0 | References: 1
OSV
added 2019/03/06 5:29 p.m. | 14 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 9.4
Exploits: 0 | References: 2
OSV
added 2019/03/06 5:29 p.m. | 2 views

UBUNTU-CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.02709
Exploits: 0 | References: 4
Prion
added 2019/03/06 5:29 p.m. | 9 views

Deserialization of untrusted data

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 7.5 | AI score: 9.4 | EPSS: 0.02709
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2019/03/06 5:0 p.m. | 100 views

CVE-2019-0187

Apache JMeter in distributed mode (-r/-R) is affected by CVE-2019-0187, enabling unauthenticated remote code execution via a RemoteJMeterEngine over RMI using untrusted data deserialization. The issue is limited to tests running in Distributed mode; pre-4.0 versions do not encrypt traffic between...

CVSS: 9.8 | AI score: 9.3 | EPSS: 0.02709
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/03/06 5:0 p.m. | 29 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

AI score: 9.5 | EPSS: 0.02709
Exploits: 0 | References: 2
Debian CVE
added 2019/03/06 5:0 p.m. | 14 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.02709
Exploits: 0
Veracode
added 2019/03/04 6:19 a.m. | 20 views

Remote Code Execution (RCE)

ApacheJMetercore is vulnerable to remote code execution RCE. The vulnerability exists due to a lack of client authentication when Apache JMeter is configured in a distributed mode, allowing an attacker to perform arbitrary deserialization of untrusted data which will lead to arbitrary code...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.02709
Exploits: 0 | References: 6 | Affected Software: 2
OpenVAS
added 2019/03/03 12:0 a.m. | 69 views

Debian: Security Advisory (DLA-1696-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.02136
Exploits: 0 | References: 3