Lucene search
+L

9591 matches found

exploitpack
exploitpack
added 2010/04/01 12:0 a.m.14 views

Zabbix 1.8.1 - SQL Injection

Zabbix 1.8.1 - SQL Injection ============================================= - Release date: April 1st, 2010 - Discovered by: Dawid Golunski - Severity: High ============================================= I. VULNERABILITY ------------------------- Zabbix = 1.8.1 SQL Injection II. BACKGROUND...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/03/18 12:0 a.m.12 views

Google Chrome < 4.1.249.1036 Multiple Vulnerabilities

Binary data 800911.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/03/18 12:0 a.m.42 views

Google Chrome < 4.1.249.1036 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is prior to 4.1.249.1036. It is, therefore, affected by multiple vulnerabilities : - Multiple race conditions and pointer errors in the sandbox infrastructure. Issue 28804, 31880 - An error relating to persisted metadata such as Web...

10CVSS5.9AI score0.02567EPSS
Exploits4References10
ThreatPost
ThreatPost
added 2010/03/17 4:39 p.m.10 views

Mapping the Criminal-ISP Infrastructure

According to a report issued today, eight networks connect directly to the botnet-hosting ISP Troyak and four other upstream providers that “surround the malicious core,” and help to “mask the true malware-hosting armada and provide solid uptime to the malware servers” for ZeuS botnets, Gozi, and...

1.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/02/24 3:44 p.m.14 views

What If Bill Gates Never Wrote the Trustworthy Computing Memo?

The security industry has undergone massive changes in the last 15 years, and in some cases it’s hard to imagine what things would be like had these events not taken place. Think of a world in which Google focuses on security and privacy and Microsoft never started Trustworthy Computing, and you...

8.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2010/02/12 4:49 p.m.12 views

Energy, Chemical Companies Are Malware Targets

Critical infrastructure organizations, such as those in the energy, oil, pharmaceutical and chemical sectors, encountered at least twice as much web malware as other organizations during 2009, researchers found. Read the full article. Secure Computing...

2.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/02/11 5:43 p.m.9 views

U.S. Gov to Simulate Cyber Attack Next Week

Security industry analysts and lawmakers will get an unprecedented chance next week to evaluate how the government might respond to a cyber-attack on critical infrastructure targets. Read the full article. Computerworld...

2.3AI score
Exploits0References2
Fedora
Fedora
added 2010/01/28 1:4 a.m.53 views

[SECURITY] Fedora 11 Update: zabbix-1.6.8-1.fc11

ZABBIX is software that monitors numerous parameters of a network and the health and integrity of servers. ZABBIX uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. ZABBIX offers...

7.5CVSS1.8AI score0.0853EPSS
Exploits0
Fedora
Fedora
added 2010/01/28 12:59 a.m.42 views

[SECURITY] Fedora 12 Update: zabbix-1.6.8-1.fc12

ZABBIX is software that monitors numerous parameters of a network and the health and integrity of servers. ZABBIX uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. ZABBIX offers...

7.5CVSS1.8AI score0.0853EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/01/27 12:0 a.m.13 views

Trojan: Aurora.Hydraq (CVE-2010-0249)

The Hydraq Trojan also known as Aurora was being used in the recent attack against Google and other large companies. A then unpatched Internet Explorer vulnerability CVE-2010-0249 was used as one of the propagation vectors for this Trojan. The intent of the trojan is to open a back door on a...

9.3CVSS6.1AI score0.91885EPSS
Exploits16
ThreatPost
ThreatPost
added 2010/01/13 1:27 a.m.13 views

Adobe Confirms 'Coordinated, Sophisticated' Cyber Attack

In an attack described as “sophisticated” and “coordinated,” Adobe said its corporate network systems were breached by hackers. The company said the attack also affected other unnamed companies. Adobe did not provide any other details except to say it was aware of the breach on January 2, 2010...

1.2AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2009/12/29 12:0 a.m.6 views

Microsoft Windows SharePoint Services Cross Site Scripting (MS07-059; CVE-2007-2581)

Microsoft Windows SharePoint Services WSS is an add-on component of Windows Server. WSS is based on IIS and ASP.NET technologies, providing a basic portal infrastructure, collaborative editing of documents, document organization, and version control capabilities. SharePoint functionality is expos...

4.3CVSS6.8AI score0.36226EPSS
Exploits1
NVD
NVD
added 2009/12/16 6:30 p.m.35 views

CVE-2009-4326

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature DPF is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicti...

4.3CVSS6.3AI score0.0179EPSS
Exploits0References9
Prion
Prion
added 2009/12/16 6:30 p.m.24 views

Code injection

The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service memory consumption via unspecified vectors...

5CVSS6.8AI score0.02352EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2009/12/16 6:30 p.m.22 views

Code injection

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature DPF is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicti...

4.3CVSS6.9AI score0.0179EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2009/12/16 6:0 p.m.39 views

CVE-2009-4326

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature DPF is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicti...

6.3AI score0.0179EPSS
Exploits0References9
CVE
CVE
added 2009/12/16 6:0 p.m.71 views

CVE-2009-4326

The CVE-2009-4326 issue affects IBM DB2 9.5 before FP5 and 9.7 before FP1 when the Database Partitioning Feature (DPF) is used. The RAND scalar function in the Common Code Infrastructure can produce repeating values, which may allow an attacker to predict randomness and defeat protection mechanis...

4.3CVSS6.2AI score0.0179EPSS
Exploits0References9Affected Software1
Packet Storm
Packet Storm
added 2009/12/08 12:0 a.m.35 views

TANDBERG Remote Denial Of Service

Security Advisory Platform : TANDBERG Date : November 6, 2009 Affected : All MXP FIPS140 Current as of December 8, 2009 Tested : F8.2, F8.0, F7.2, F6.3 Unconf : VCS, BC, C90 Author : otokoyama Problem Description: Issues with the H.225 RAS implementation in TANDBERG Codecs. This has been confirme...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/12/06 12:0 a.m.43 views

TANDBERG vF8.2 F8.0 F7.2 and F6.3 Remote Denial of Service

No description provided by source. Security Advisory Platform : TANDBERG Date : November 6, 2009 Affected : All MXP FIPS140 Current as of December 8, 2009 Tested : F8.2, F8.0, F7.2, F6.3 Unconf : VCS, BC, C90 Author : otokoyama Problem Description: Issues with the H.225 RAS implementation in...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/11/18 5:4 p.m.12 views

Losing the Echo Chamber in the Critical Infrastructure Security Debate

As an analyst, and now as a consultant, I raise issues of digital and physical security: let’s talk about them, in plain terms, and collectively move to do something. As a member of the security digerati, I think we should be helping people, and we have to either step up with a better way forward...

7.4AI score
Exploits0References5
Rows per page
Query Builder