[SECURITY] Fedora 21 Update: wildmagic5-5.13-12.fc21

A library of source code for computing in the fields of graphics, mathematics, physics, and image analysis. Web page documentation: http://www.geometrictools.com/Documentation/Documentation.html...

The Artillery Project

Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect insecure configurations from nix systems. It’s relatively simple, run ./setup.py and hit yes, this will install Artillery in...

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

SAP 3D Visual Enterprise Viewer Arbitrary Code Execution Vulnerability

SAP 3D Visual Enterprise Viewer VEV is a suite of software from SAP for viewing, zooming, panning and rotating interactive 3D data and playing step-by-step animations. A security vulnerability exists in SAP 3D Visual Enterprise Viewer VEV. The vulnerability can be exploited by a remote attacker t...

CVE-2015-7898

creationtimestamp| type| source ---|---|--- 2015-11-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38610...

Docker Remote API 未授权访问

介绍 docker 在使用集群管理如:Kubernetes,swarm时，要使用remote api对节点进行管理.remote api无认证时的默认端口是2375需要TLS认证默认登录是2376。 remote api默认是可以不需要认证能直接访问，能直接对docker进行操作,如新建容器,删除容器,查看镜像容器信息等... remote api操作方法见docker官方文档 检测docker remote api 未授权访问可以使用curl或者直接用浏览器访问 http://ip:2375/info 如果返回了json证明漏洞存在，如下图 其他参考链接...

CVE-2015-4902

creationtimestamp| type| source ---|---|--- 2015-10-28 15:34:58+00:00| seen| MISP/5630e8bc-eaf0-4130-a4d6-4609950d210b 2017-04-26 06:44:05+00:00| seen| MISP/59003521-ebbc-4b0b-92ed-3a25bce2ab96 2020-10-09 14:23:52+00:00| seen| MISP/ac986ebb-348a-4ad8-a64f-0afcac8f9b9b 2020-10-09 17:20:22+00:00|...

Mail.ru: [api.allodsteam.com] Authentication Data

api.allodsteam.com had an open public folder with some sensitive information for initial server setup, including sensitive internal documentation and database dumps...

RHEL 5 : JBoss EAP (RHSA-2015:1904)

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.4 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common...

ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities EMC Identifier: ESA-2015-142 CVE Identifier: CVE-2015-4541, CVE-2015-4542, CVE-2015-4543 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores Affected...

ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities EMC Identifier: ESA-2015-152 CVE Identifier: CVE-2015-4547, CVE-2015-4548 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores Affected Products: · RSA® W...

[SECURITY] Fedora 22 Update: wireshark-1.12.7-2.fc22

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection

Exploit Title: Bosch Security Systems - XML Injection - Dinion NBN-498 Web Interface Date: 01/09/2015 Exploit Author: neom22 Vendor Homepage: http://us.boschsecurity.com Data Sheet: http://resource.boschsecurity.us/documents/DatasheetenUS9007201286798987.pdf Version: Hardware Firmware 4.54.0026 -...

ownCloud: Apache documentation

maybe you want to remove this page https://download.owncloud.org/manual/ also other servers have this issue: https://doc.owncloud.com/manual/ https://forum.owncloud.org/manual/...

User Friendly Interactive Shell: Fish

Fish is a smart and user-friendly command line shell for OS X, Linux, and the rest of the family. fish includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. FISH is designed to work with any other shell like...

openSUSE Security Update : icedtea-web (openSUSE-2015-602)

The icedtea-web java plugin was updated to 1.6.1. Changes included : - Enabled Entry-Point attribute check - permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. - fixed DownloadService - comments in deployment.properties n...

How to Bind Certificates to Citrix Gateway Virtual Server

Refer to Citrix Documentation for detailed instruction -To bind the certificate and private key to a virtual server...

CVE-2015-1724

creationtimestamp| type| source ---|---|--- 2015-09-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38272...

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-33.fc23

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

CVE-2015-2520

creationtimestamp| type| source ---|---|--- 2015-09-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38215 2025-08-31 03:01:28+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:13:07+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...