Lucene search

68 matches found

Cvelist
added 2018/01/10 6:0 p.m. | 17 views

CVE-2014-4998

test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

AI score 7.5 | EPSS 0.00522
Exploits: 1 | References: 3
CVE
added 2018/01/10 6:0 p.m. | 45 views

CVE-2014-4998

The CVE-2014-4998 issue affects the lean-ruport Ruby gem (version 0.3.8). The vulnerability arises from test/tc_database.rb placing the MySQL password on the mysqldump command line, allowing a local attacker to obtain sensitive information by listing the process. Connected documents corroborate t...

CVSS 7.8 | AI score 7.4 | EPSS 0.00522
Exploits: 1 | References: 3 | Affected Software: 1
Trend Micro Simply Security
added 2017/12/12 1:0 p.m. | 16 views

Applying Lean to Information Risk Management

Lean Manufacturing brings significant benefits to industry, including cost reduction, quality improvement, reduced cycle time, and greater customer satisfaction. See “The Machine that Changed the World”, Womack, J., Jones, D., and Roos, D., Free Press, 1990 for the groundbreaking analysis of...

AI score 6.8
Exploits: 0
rapid7community
added 2017/07/19 1:21 p.m. | 93 views

Rapid7 acquires Komand for security orchestration and automation

Today, Rapid7 announced the acquisition of Komand, an orchestration and automation solution for both security and IT teams. You can read the formal announcement here, but I wanted to share a little bit about why I'm so excited about this acquisition. Komand has been bold. They've been unafraid to...

AI score 6.6
Exploits: 0
The Coalfire Blog
added 2017/03/21 4:18 p.m. | 9 views

DevOps, Automation, Security and Compliance

Phew, the title of this post alone sounds like it could be quite a lot to deal with! So what is DevOps? DevOps is simply the blending of infrastructure operations processes and software development to enable faster changes to business applications/technology. These processes share a lot of ideolo...

AI score 1.8
Exploits: 0
ICS
added 2015/11/27 12:0 a.m. | 222 views

Siemens SIMATIC Communication Processor Vulnerability (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Communication Processor Vulnerability: Authentication Bypass Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-15-335-03...

CVSS 9.7 | AI score 6.8 | EPSS 0.02149
Exploits: 0 | References: 10
RubySec
added 2014/06/30 12:0 a.m. | 23 views

lean-ruport Gem for Ruby /test/tc_database.rb Process Table Local Plaintext MySQL Password Disclosure

lean-ruport Gem for Ruby contains a flaw in /test/tc_database.rb that is due to the application exposing MySQL password information in plaintext in the process table. This may allow a local attacker to gain access to MySQL password information...

CVSS 7.8 | AI score 6.8 | EPSS 0.00522
Exploits: 1 | References: 1
The Hacker News
added 2011/01/18 10:17 a.m. | 5 views

Hackers will not be deterred by UK cyber defences!

Military "cyber weaponry" will become commonplace this century, but it will be unlikely to deter attacks by "hacktivists" and criminal gangs, and could easily be used for state-sponsored cyber attacks instead, the Organisation for Economic Co-operation and Development warns. The British authors o...

AI score 6.6
Exploits: 0