Lucene search
K

4178 matches found

OpenVAS
OpenVAS
added 2020/02/21 12:0 a.m.25 views

Fedora: Security Advisory for systemd (FEDORA-2020-f8e267d6d0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.6AI score
Exploits0References2
OSV
OSV
added 2020/02/20 11:26 p.m.19 views

GHSA-CMCX-XHR8-3W9P Denial of Service in uap-core when processing crafted User-Agent strings

Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-core to gt;=...

5.7CVSS7.3AI score0.02205EPSS
Exploits1References5
FireEye
FireEye
added 2020/02/20 12:0 a.m.16 views

M-Trends 2020: Insights From the Front Lines

Today we release M-Trends 2020, the 11th edition of our popular annual FireEye Mandiant report. This latest M-Trends contains all of the statistics, trends, case studies and hardening recommendations that readers have come to expect through the years—and more. One of the most exciting takeaways...

0.8AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/02/19 12:0 a.m.11 views

Linux: Read /etc/group (KB)

The /etc/group file is a text file that defines the groups on the system. There is one entry per line, with the following format: - groupname:password:GID:userlist Note: This script only stores information for other Policy Controls. Copyright C 2020 Greenbone Networks GmbH Some text descriptions...

7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/02/19 12:0 a.m.9 views

Linux: Unique primary groups for user accounts

The password file stores information about users such like username, UID, GID, etc. Users with same group can access and unintentionally or maliciously modify another user Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

7.2AI score
Exploits0References1
NVD
NVD
added 2020/02/18 7:15 p.m.27 views

CVE-2013-4228

The OG access fields visibility fields implementation in Organic Groups OG module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via...

4.3CVSS4.4AI score0.01157EPSS
Exploits0References5
Prion
Prion
added 2020/02/18 7:15 p.m.17 views

Spoofing

The OG access fields visibility fields implementation in Organic Groups OG module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via...

4CVSS6.8AI score0.01157EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2020/02/18 6:13 p.m.96 views

CVE-2013-4228

CVE-2013-4228 affects the Drupal contributed module Organic Groups (OG) for 7.x-2.x prior to 7.x-2.3. The vulnerability arises from the OG access/visibility fields not properly restricting access to private groups, allowing remote authenticated users to guess node IDs, subscribe to, and read cont...

4.3CVSS4.4AI score0.01157EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2020/02/18 6:13 p.m.29 views

CVE-2013-4228

The OG access fields visibility fields implementation in Organic Groups OG module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via...

4.4AI score0.01157EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2020/02/18 3:6 p.m.5 views

Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten ," the cyber-espionage campaign is said to have been directed a...

5.8AI score
Exploits0
Packet Storm
Packet Storm
added 2020/02/05 12:0 a.m.137 views

Verodin Director Web Console 3.5.4.0 Password Disclosure

Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/ Software Link : https://www.verodin.com/demo-request/demo-request-form Tested Versions...

4CVSS0.041EPSS
Exploits5
exploitpack
exploitpack
added 2020/02/05 12:0 a.m.67 views

Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC)

Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/...

4CVSS0.3AI score0.041EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2020/02/02 2:43 p.m.34 views

CVE-2019-9495

A flaw was found in wpasupplicant. Side channel attacks were recently discovered in the SAE implementations used by both hostapd and wpasupplicant. EAP-pwd uses a similar design for deriving PWE from the password and while a specific attack against EAP-pwd is not yet known to be tested, there is ...

7.5CVSS0.9AI score0.03449EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.5AI score0.12154EPSS
Exploits0References2
Penetration Testing Lab
Penetration Testing Lab
added 2020/01/22 11:12 a.m.46 views

Persistence – Modify Existing Service

It is not uncommon for APT Groups to modify an existing service on the compromised host in order to execute an arbitrary payload when the… Continue reading - Persistence - Modify Existing Service...

5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2020/01/22 12:0 a.m.7 views

January 23, 2020—KB4534308 (OS Build 17134.1276)

January 23, 2020—KB4534308 OS Build 17134.1276 Windows 10, version 1803 the April 2018 Update Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update wit...

5.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/01/21 6:41 p.m.155 views

Threat Analysis Unit (TAU) Technical Report: The Prospect of Iranian Cyber Retaliation

Several different events in the Middle East ME region have escalated in the last several weeks between Iran and the United States. After a series of military operations between the two countries, several alerts were released from the U.S. government of a potential for cyberattacks. Traditionally...

7.2CVSS7.7AI score0.06932EPSS
Exploits8
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/01/17 1:35 p.m.44 views

This Week in Security News: The First Patch Tuesday Update of 2020 and Pwn2Own Vancouver Announced

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a major crypto-spoofing bug impacting Windows 10 that has been fixed as part of Microsoft’s January Patch Tuesday update. Also,...

7.2AI score
Exploits0
NVD
NVD
added 2020/01/07 6:15 p.m.17 views

CVE-2014-8673

Multiple SQL vulnerabilities exist in planning.php, userlist.php, projets.php, usergroupes.php, and groupelist.php in Simple Online Planning SOPPlanningbefore 1.33...

9.8CVSS9.9AI score0.11938EPSS
Exploits5References4
Kitploit
Kitploit
added 2020/01/05 11:30 a.m.111 views

AWS Report - Tool For Analyzing Amazon Resources

AWS Report is a tool for analyzing amazon resources. Features Search iam users based on creation date Search buckets public Search security group with inbound rule for 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permission public Search internet gateways...

7.3AI score
Exploits0References1
Rows per page
Query Builder