10 matches found
EUVD-2014-6861
Malware in sbrugna...
AlienVault OSSIM NBE Protocol SQL Injection Vulnerability
AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles the NBE protocol with an SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries ...
Alienvault OSSIM/USM Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Alienvault OSSIMUSM 4.144.155.0 - Multiple Vulnerabilities
Alienvault OSSIMUSM 4.144.155.0 - Multiple Vulnerabilities Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely...
Alienvault OSSIM/USM 4.x / 5.0 XSS / SQL Injection / Command Execution
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
CVE-2014-6983
The NBE aka com.nbe.app application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The NBE aka com.nbe.app application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6983
CVE-2014-6983 affects the NBE (com.nbe.app) Android application, version 1.1, which does not verify X.509 certificates from SSL servers. This allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. The NVD reports a base score of 5.4 (Medium...
CVE-2014-6983
The NBE aka com.nbe.app application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...