Lucene search
+L

457 matches found

ThreatPost
ThreatPost
added 2013/06/20 2:15 p.m.9 views

Yahoo ID recycling plan criticized

Yahoo has gone on the defensive this week, responding to critics who have concerns about a heightened risk for social engineering scams and identity theft that could result from the company’s forthcoming plan to recycle inactive user IDs. The Sunnyvale, Calif. search engine announced plans last...

1.2AI score
Exploits0References2
Oracle linux
Oracle linux
added 2013/02/22 12:0 a.m.45 views

pam security, bug fix, and enhancement update

1.1.1-13 - fix environment file handling problems - CVE-2011-3148 746619 and CVE-2011-3148 746620 1.1.1-12 - add character sequence test to pamcracklib - drop unused difignore option from pamcracklib 811243 - add enforceforroot option to pamcracklib 588893 - mention limits.d in the limits.conf5...

4.6CVSS0.5AI score0.00696EPSS
Exploits0
ThreatPost
ThreatPost
added 2012/11/29 6:47 p.m.11 views

Malicious Browser Add-On Guides Victims to Phishing Sites

Phishers are using a typosquatted domain name designed to mimic the URL of a popular e-commerce destination in order to lure their victims to a malicious Website that prompts its visitors to download a malicious add-on that will guide users to phishing sites, even when they type legitimate URLs...

1.7AI score
Exploits0References1
Atlassian
Atlassian
added 2012/10/17 1:20 p.m.26 views

Inactive users still receiving emails from "Send email" function

The JIRA documentation for deactivating users says, bq. Will not receive any email notifications from JIRA, even if they continue to remain the assignee, reporter, or watchers of issues. However, when users have been marked as inactive they are not excluded from emails sent to groups via the 'Sen...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/10/17 1:20 p.m.23 views

Inactive users still receiving emails from "Send email" function

The JIRA documentation for deactivating users says, bq. Will not receive any email notifications from JIRA, even if they continue to remain the assignee, reporter, or watchers of issues. However, when users have been marked as inactive they are not excluded from emails sent to groups via the 'Sen...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/10/17 1:20 p.m.20 views

Inactive users still receiving emails from "Send email" function

The JIRA documentation for deactivating users says, bq. Will not receive any email notifications from JIRA, even if they continue to remain the assignee, reporter, or watchers of issues. However, when users have been marked as inactive they are not excluded from emails sent to groups via the 'Sen...

0.5AI score
Exploits0
Veeam
Veeam
added 2012/05/05 12:0 a.m.14 views

Exported Report From Veeam ONE Contains Nonfunctional Hyperlinks

Challenge The embedded links in exported Veeam ONE reports are inactive. Cause Embedded links are inactive in all report formats exported directly via Veeam ONE. When SSRS is integrated with Veeam ONE, additional report formats are available, some of which contain active embedded links. Solution...

7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/12/23 12:0 a.m.17 views

VMware Inactive Virtual Machines

Binary data vmwareinactivevms.nbin...

7.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2011/10/14 10:55 a.m.20 views

CVE-2011-3243

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows...

4.3CVSS5.9AI score0.01982EPSS
Exploits0References1
OSV
OSV
added 2011/10/14 10:55 a.m.2 views

UBUNTU-CVE-2011-3243

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows...

4.3CVSS5.9AI score0.01982EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.34 views

Microsoft Internet Explorer Denial of Service Vulnerability - Apr09

This host is installed with Internet Explorer and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: secpodmsiedosvulnapr09.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Denial of Service Vulnerability - Apr09 Authors: Sharath S Copyright: Copyrig...

4.3CVSS6.6AI score0.14913EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2007/06/19 10:0 p.m.30 views

CVE-2007-3283

GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console...

6.8CVSS4AI score0.00342EPSS
Exploits0
Cvelist
Cvelist
added 2007/03/20 8:0 p.m.26 views

CVE-2007-1535

Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo...

6.6AI score0.11793EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2005/03/23 7:14 p.m.6 views

security flaw

Firefox before 1.0 and Mozilla before 1.7.5 allows inactive background tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."...

5CVSS5.9AI score0.03682EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.18 views

CVE-2002-0674

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication...

6.5AI score0.00378EPSS
Exploits0References4
NVD
NVD
added 2002/07/23 4:0 a.m.14 views

CVE-2002-0674

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication...

7.2CVSS6.5AI score0.00378EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2000/07/03 12:0 a.m.273 views

Microsoft Windows SMB Service Enumeration

This plugin implements the SvcOpenSCManager and SvcEnumServices calls to obtain, using the SMB protocol, the list of active and inactive services of the remote host. An attacker may use this feature to gain better knowledge of the remote host. C Tenable Network Security, Inc. include"compat.inc";...

5.5AI score
Exploits0
Rows per page
Query Builder