7691 matches found

Malwarebytes
added 2018/01/19 4:0 p.m. | 34 views

Cybersecurity New Year’s resolutions, you say? Why not.

It's mid-January, and oh, how time flies. It wasn’t long ago that we bid farewell to 2017 and welcomed the new year with renewed hope and vigor. Of course, with such positivity comes a sense of an equally favorable outlook for the year ahead. However good that may sound, being faced with a tabula ra...

7 AI score
Exploits: 0
Prion
added 2018/01/18 2:29 a.m. | 17 views

Design/Logic Flaw

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access...

4.3 CVSS | 5.7 AI score | 0.01583 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2018/01/18 2:0 a.m. | 66 views

CVE-2017-10262

CVE-2017-10262 affects Oracle Fusion Middleware’s Oracle Access Manager Web Server Plugin (component in 11.1.2.3.0). The vulnerability allows an unauthenticated attacker with network access via HTTPS to compromise Oracle Access Manager, potentially leading to unauthorized access to data across Or...

5.9 CVSS | 6.1 AI score | 0.01583 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2018/01/18 2:0 a.m. | 23 views

CVE-2017-10262

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access...

6.3 AI score | 0.01583 EPSS
Exploits: 0 | References: 3
The Hacker News
added 2018/01/15 7:0 a.m. | 13 views

OnePlus Site’s Payment System Reportedly Hacked to Steal Credit Card Details

This year's first bad news for OnePlus users—a large number of OnePlus customers are reporting fraudulent credit card transactions after buying products from the Chinese smartphone manufacturer's official online store. The claim initially surfaced on the OnePlus support forum over the weekend...

6.7 AI score
Exploits: 0
Tenable Nessus
added 2018/01/15 12:0 a.m. | 19 views

Fedora 27 : python-copr (2017-1fbb5ccbd6)

Change default COPR URL route from http://copr.fedoraproject.org to https://copr.fedorainfracloud.org. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

5.5 AI score
Exploits: 0 | References: 3
OpenVAS
added 2018/01/10 12:0 a.m. | 279 views

Microsoft Word 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4011659)

This host is missing a critical security update according to Microsoft KB4011659. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 8.7 AI score | 0.95121 EPSS
Exploits: 7 | References: 3
Openbugbounty
added 2018/01/07 4:39 a.m. | 24 views

adyen.com XSS vulnerability

Open Bug Bounty ID: OBB-495955

Description| Value
---|---
Affected Website:| adyen.com
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Disclosure Standard:| Coordinated Disclosure based on...

6.4 AI score
Exploits: 0
Veracode
added 2018/01/04 7:36 a.m. | 12 views

Man-in-the-Middle (MitM)

github.com/nlopes/slack is vulnerable to man-in-the-middle (MitM) attacks. The vulnerability exists due to the usage of hardcoded non-HTTPS Slack API URL...

6.5 AI score
Exploits: 0
OpenVAS
added 2018/01/04 12:0 a.m. | 29 views

Debian: Security Advisory (DLA-823-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.7 AI score | 0.07486 EPSS
Exploits: 0 | References: 3
Hacker One
added 2017/12/27 3:57 p.m. | 70 views

LocalTapiola: Secure Client-Initiated Renegotiation

Renegotiation can open the door to attacks. There are two primary worries: CVE-2009-3555: This vulnerability allows a “man-in-the-middle” attacker to inject data into an HTTPS session and execute requests on behalf of the victim. Refer to CVE-2009-3555 for more details. Denial of Service (DoS):...

5.8 CVSS | 6.8 AI score | 0.87264 EPSS
Exploits: 14
Tenable Nessus
added 2017/12/26 12:0 a.m. | 66 views

F5 Networks BIG-IP : Apache HTTPD vulnerability (K83043359)

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. CVE-2017-3169 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

9.8 CVSS | 6.8 AI score | 0.19953 EPSS
Exploits: 0 | References: 2
OSV
added 2017/12/19 11:29 p.m. | 4 views

CVE-2017-17763

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection...

7.5 CVSS | 5.9 AI score | 0.0109 EPSS
Exploits: 1 | References: 1
Prion
added 2017/12/19 11:29 p.m. | 10 views

Design/Logic Flaw

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection...

7.6 CVSS | 7.8 AI score | 0.0109 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2017/12/19 11:29 p.m. | 21 views

CVE-2017-17763

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection...

7.6 CVSS | 7.8 AI score | 0.0109 EPSS
Exploits: 1 | References: 1
Cvelist
added 2017/12/19 11:0 p.m. | 18 views

CVE-2017-17763

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection...

7.8 AI score | 0.0109 EPSS
Exploits: 1 | References: 1
CVE
added 2017/12/19 11:0 p.m. | 45 views

CVE-2017-17763

SuperBeam versions up to 4.1.3 are affected when using LAN or WiFi Direct Share. The issue is that file transfers do not use HTTPS or any integrity-protection mechanism, enabling a remote attacker to send crafted files (e.g., via APK injection). Affected component: the LAN/WiFi Direct sharing cha...

7.6 CVSS | 7.7 AI score | 0.0109 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Kitploit
added 2017/12/16 1:1 p.m. | 52 views

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

7.3 AI score
Exploits: 0 | References: 3
NVD
added 2017/12/16 2:29 a.m. | 14 views

CVE-2017-3194

Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks...

8.1 CVSS | 7.7 AI score | 0.01282 EPSS
Exploits: 0 | References: 4
NVD
added 2017/12/16 2:29 a.m. | 11 views

CVE-2017-3190

Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks...

7.5 CVSS | 7.3 AI score | 0.00423 EPSS
Exploits: 0 | References: 3