210 matches found

Carbon Black Blog
added 2020/03/04 6:2 p.m. | 32 views

RSA 2020 – That’s a Wrap!

Last week VMware Carbon Black attended the RSA Conference 2020 in San Francisco! This year was bigger than ever before, as we shared our vision for intrinsic security — for a safer, more effective world. Get all the highlights and check out some of our favorite moments in the wrap up below. The...

7.3 AI score | Exploits: 0
Talos Blog
added 2020/01/19 2:58 a.m. | 1183 views

JhoneRAT: Cloud based python RAT targeting Middle Eastern countries

By Warren Mercer, Paul Rascagneres and Vitor Ventura with contributions from Eric Kuhla. Updated January 17th: the documents do not exploit the CVE-2017-0199 vulnerability. Executive Summary Today, Cisco Talos is unveiling the details of a new RAT we have identified we're calling "JhoneRAT." This...

9.3 CVSS | 0.4 AI score | 0.99933 EPSS | Exploits: 29
The Hacker News
added 2019/10/11 10:20 a.m. | 125 views

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

A 39-year-old password of Ken Thompson, the co-creator of the UNIX operating system, has finally been cracked. It belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted a...

7.4 AI score | Exploits: 0
Carbon Black Blog
added 2019/07/11 12:0 p.m. | 55 views

Congratulations to our Query of the Month Winner for June 2019!

Last month, we launched our Query of The Month competition, which recognizes the top community-shared query that provides value to other Osquery users. To determine the query of the month, our team selects the community-shared query that has the most engagement or helps solve an important problem...

1.8 AI score | Exploits: 0
Oracle Linux
added 2019/07/10 12:0 a.m. | 102 views

libvirt security update

5.0.0-9.el7 - qemu: remove cpuhostmask and cpuguestmask from virCaps structure Wim ten Have Orabug: 29956508 5.0.0-8.el7 - api: disallow virDomainSaveImageGetXMLDesc on read-only connections Jan Tomko Orabug: 29955742 CVE-2019-10161 - domain: Define explicit flags for saved image xml Eric Blake...

8.8 CVSS | 1 AI score | 0.01553 EPSS | Exploits: 0
Tenable Nessus
added 2019/06/19 12:0 a.m. | 55 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0026) (SACK Panic) (SACK Slowness)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix...

7.8 CVSS | 6.8 AI score | 0.98745 EPSS | Exploits: 4 | References: 4
Carbon Black Blog
added 2019/03/04 2:2 p.m. | 140 views

Carbon Black Cybersecurity Experts to Present in 4 Sessions at RSA 2019

We hope you’ll join Carbon Black at one of the company’s four presentations at RSA 2019. And don’t forget the company will also host a book launch and advanced signing of “Gray Day: My Undercover Mission to Expose America’s First Cyber Spy,” with Carbon Black’s National Security Strategist and...

7.2 AI score | Exploits: 0
Openbugbounty
added 2018/11/21 9:5 a.m. | 10 views

eric-beisswenger.de XSS vulnerability

Open Bug Bounty ID: OBB-700573; Affected Website: eric-beisswenger.de; Vulnerable Application: hidden until disclosure; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: ...

Exploits: 0
Openbugbounty
added 2018/11/19 9:0 p.m. | 12 views

eric-bompard.com XSS vulnerability

Open Bug Bounty ID: OBB-700108; Affected Website: eric-bompard.com; Vulnerable Application: hidden until disclosure; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: hidden...

Exploits: 0
0day.today
added 2018/09/21 12:0 a.m. | 59 views

HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities

Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing a specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are...

0.8 AI score | 0.05588 EPSS | Exploits: 2
0day.today
added 2018/08/17 12:0 a.m. | 63 views

Yubico PIV Tool 1.5.0 Buffer Overflow Vulnerability

A buffer overflow and an out of bounds memory read were identified in yubico-piv-tool-1.5.0; these can be triggered by a malicious token. Multiple Vulnerabilities in Yubico Piv. Overview: Confirmed Affected Versions: 1.5.0; Confirmed Patched...

0.4 AI score | 0.00486 EPSS | Exploits: 1
0day.today
added 2018/08/17 12:0 a.m. | 476 views

Apple Smart Card Services Memory Corruption Vulnerability

Attackers with local access can exploit security issues in the smartcard driver. These result in memory corruptions, which might lead to code execution. Since smartcards can be used for authentication, the vulnerabilities may allow an attacker to login to the system without valid credentials as a...

0.01841 EPSS | Exploits: 1
0day.today
added 2018/08/17 12:0 a.m. | 60 views

OpenSC 0.18.0 Buffer Overflow / Out Of Bounds Read Vulnerability

Multiple issues have been identified in OpenSC, ranging from stack based buffer overflows to out of bounds reads and writes on the heap. They can be triggered by malicious smartcards sending malformed responses to APDU commands. Additionally to those fixes reported here, a lot of minor issues eg...

0.5 AI score | Exploits: 0
Imperva Blog
added 2018/08/15 4:16 p.m. | 64 views

A Bug in Chrome Gives Bad Actors License to Play ‘20 Questions’ with Your Private Data

In a 2013 interview with The Telegraph, Eric Schmidt, then CEO of Google was quoted as saying: “You have to fight for your privacy or lose it.” Five years later, with the ‘Cambridge Analytica’ data breach scandal fresh in our memory, Eric Schmidt’s statement rings as a self-evident truth. Similar...

6.4 AI score | Exploits: 0
Oracle Linux
added 2018/08/14 12:0 a.m. | 117 views

Unbreakable Enterprise kernel security update

4.14.35-1818.1.6 - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 4.14.35-1818.1.5 - inet: frag: enforce memory limits earlier Eric Dumazet Orabug: 28481663 CVE-2018-5391 - init/main.c: reorder bootcpustateinit/smppreparebootcpu Mihai Carabas Orabug:...

7.8 CVSS | 7.7 AI score | 0.7354 EPSS | Exploits: 0
ICS
added 2018/05/08 12:0 a.m. | 86 views

Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors : Silex Technology, GE Healthcare Equipment : SX-500, SD-320AN, MobileLink Vulnerabilities : Improper Authentication, OS Command Injection 2. UPDATE INFORMATION...

7.4 CVSS | 7.9 AI score | 0.01348 EPSS | Exploits: 0 | References: 5
Openbugbounty
added 2018/01/19 3:12 p.m. | 8 views

ceric-eric.eu XSS vulnerability

Open Bug Bounty ID: OBB-531664; Affected Website: ceric-eric.eu; Vulnerable Application: Custom Code; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: 6.1...

6.3 AI score | Exploits: 0
Krebs on Security
added 2018/01/02 5:15 p.m. | 37 views

Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes

The individual who allegedly made a fake emergency call to Kansas police last week that summoned them to shoot and kill an unarmed local man has claimed credit for raising dozens of these dangerous false alarms -- calling in bogus hostage situations and bomb threats at roughly 100 schools and at...

6.7 AI score | Exploits: 0
Tenable Nessus
added 2017/11/15 12:0 a.m. | 98 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3640)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3640 advisory. - selinux: fix off-by-one in setprocattr Stephen Smalley Orabug: 27001717 CVE-2017-2618 CVE-2017-2618 CVE-2017-2618 - sysctl: Drop reference added ...

5.5 CVSS | 6.8 AI score | 0.00459 EPSS | Exploits: 0 | References: 4
Exploit DB
added 2017/11/14 12:0 a.m. | 69 views

PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free

X41 D-Sec GmbH Security Advisory: X41-2017-006. Multiple Vulnerabilities in PSFTPd Windows FTP Server. Overview: Confirmed Affected Versions: 10.0.4 Build 729; Confirmed Patched Versions: None; Vendor: Sergei Pleis Softwareentwicklung; Vend...

5.9 CVSS | 4.9 AI score | 0.08742 EPSS | Exploits: 4