8688 matches found
Unspecified Vulnerability in Oracle Hospitality OPERA 5 Property Services Component (CNVD-2017-31738)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hotel management from Oracle Corporation. The solution provides human resource cost management, tracking and management of services throughout a customer's journey to improve customer...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)
This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-12927: Cross-site scripting vulnerability in method parameter (bsc1054390) - CVE-2017-12978: Cross-site scripting vulnerability via the title field (bsc1054742) It also contains a...
Framadate CSV Export Input Validation Vulnerability
Framadate is a free polling software developed by the Framadate team. CSV Export is one of its CSV (Comma Separated Values) export components. A security vulnerability exists in CSV Export in Framadate version 1.0. An attacker can exploit this vulnerability to obtain information and execute code...
XWiki labs CryptPad pad export cross-site scripting vulnerability
XWiki labs CryptPad is an editor from XWiki labs. pad export is one of the modules for exporting files in pad format. A cross-site scripting vulnerability exists in pad export in XWiki labs CryptPad versions prior to 1.1.1. A remote attacker can exploit this vulnerability to inject arbitrary web...
Kaspersky Internet Security for Android Security Bypass Vulnerability
Kaspersky Internet Security for Android is a set of security software for the Android platform developed by the Russian company Kaspersky Lab, with both antivirus and firewall functions. A security vulnerability exists in version 11.12.4.1622 of Kaspersky Internet Security for Android,...
Open Distributed Threat Intelligence: Yeti
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don’t have to. Yeti provides an interface for humans shiny...
Visualize network Topologies From pcap Files: PcapViz
PcapViz visualizes network topologies and provides graph statistics based on pcap files. It should be possible to determine key topological nodes or data exfiltration attempts more easily. Features: Draw network topologies (Layer 2) and communication graphs (Layer 3 and 4). Network topologies contain...
GitLab -- two vulnerabilities
GitLab reports: Remote Command Execution in git client. An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the "Repo by URL" import option in GitLab. The command line git client was not properly escaping command...
CVE-2017-10195
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Import/Export. The supported version that is affected is 2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...
CVE-2017-10182
Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: OPERA Export Functionality. Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with...
CVE-2017-10195
Oracle Hospitality Simphony (Import/Export subcomponent) in Oracle Hospitality Applications is affected, specifically version 2.8. The vulnerability allows unauthenticated network access over HTTP to compromise Simphony, with attacks requiring user interaction and potentially enabling unauthorize...
Oracle Hospitality Simphony Remote Vulnerability (CNVD-2017-26286)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. Oracle Hospitality Simphony is one of the cloud-based mobile food and beverage sales components of the solution, which provides human resource cos...
Pegasystem PEGA Platform Access Control Vulnerability
Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications for BPM (Business Process Management), Case Management, Real Time Decision Making and CRM (Customer Relationship Management). A security vulnerability exists in th...
CVE-2017-11356
The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control...
CVE-2017-11356
The CVE-2017-11356 entry describes an improper access control in the Pegasystem PEGA Platform, where the application distribution export function in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information due to a m...
Learning PowerShell: some basic commands
My first PowerShell script: The first PowerShell script I wrote (see below) was a quick fix to remove certificates from the “Untrusted” registry key after a Vonteera infection. After some initial commands, this script basically loops back for every certificate that doesn’t belong under a certain key...
RastLeak - Tool To Automatic Leak Information Using Hacking With Engine Searches
Tool to automatic leak information using Hacking with engine searches. How to install Install requirements with: pip install -r requirements.txt How to use: python rastleak.py Usage: $ python rastleak.py -h usage: rastleak.py -h -d DOMAIN -o OPTION -n SEARCH -e EXT -f EXPORT This script searchs...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2017-20294)
Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation, of which Hospitality Simphony is a cloud-based hospitality management component. A security vulnerability exists in the Import/Export subcomponent...
Open Fire User Import Export Plugin XML External Entity Injection
Summary: An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability...