63 matches found
General Motors collected location & radio listening habits data of 90,000 drivers
By Waqas The listening habits of around 90,000 drivers of General Motors in Chicago and Los Angeles were monitored by the company for three months in 2017 under its radio-tracking program. The Detroit Free Press reported later released a report that General Motors was involved in targeted...
Threat Outbreak Alert RuleID25413: Email Messages Distributing Malicious Software on October 4, 2016
Medium Alert ID: 49181 First Published: 2016 October 4 14:54 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25413 may contain the following files: Name |...
CVE-2014-2329
Multiple cross-site scripting XSS vulnerabilities in CheckMK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the 1 agent string for a checkmk agent, a 2 crafted request to a monitored host, which is not properly handled by the...
CVE-2014-2329
Multiple cross-site scripting XSS vulnerabilities in CheckMK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the 1 agent string for a checkmk agent, a 2 crafted request to a monitored host, which is not properly handled by the...
CVE-2014-2329
Check_MK is affected in versions before 1.2.2p3 and 1.2.3x before 1.2.3i5 by multiple cross-site scripting (XSS) vulnerabilities due to improper validation of user input. An authenticated remote attacker can inject arbitrary script via the (1) agent string for a check_mk agent, (2) a crafted requ...
thermostat: world-readable configuration file containing credentials
It was discovered that the Thermostat web application stored database authentication credentials in a world-readable configuration file. A local user on a system running the Thermostat web application could use this flaw to access and modify monitored JVM data, or perform actions on connected JVM...
ntopng 1.2.0 - Cross-Site Scripting Injection
ntopng 1.2.0 - Cross-Site Scripting Injection ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based...
SGI IRIX 6.5.x FAM Arbitrary Root Owned Directory File Listing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5487/info fam is a freely available, open source file alteration monitor. It is maintained and distributed by SGI, and will work on the Linux and Unix operating systems. It is possible for a user to execute fam to discove...
Veeam ONE v7 R2 update
Challenge Release Notes for Veeam ONE v7 R2 update Cause Please confirm you are running version 7.0.0.876 prior to installing this update. You can check this under Help | About in Veeam ONE Monitor Client. After upgrading, your build will be version 7.0.0.919. This update should be applied to...
CVE-2013-2980
Cross-site request forgery CSRF vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information...
CVE-2013-2980
Cross-site request forgery CSRF vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information...
FBI sponsored Ragebooter DDoS attack service
A website that can be described as "DDoS for hire" is perfectly legitimate, according to the owner. Malicious sites that offer attack services are not strangers on the Internet, but web sites sponsored by law enforcement is another story altogether. Ragebooter, is one of many sites that accepts...
OPC UA Delete Monitored Items Request Command
...
OPC UA Modify Monitored Items Response Command
...
OPC UA Create Monitored Items Request Command
...
OPC UA Modify Monitored Items Request Command
...
OPC UA Monitored Item Create Request Command
...
OPC UA Delete Monitored Items Response Command
...
OPC UA Monitored Item Modify Request Command
...