3094 matches found
The vulnerability of the Automated Note Search Tool component of the SAP Basis system management platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Automated Note Search Tool component of the SAP Basis system management platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
url.hqhl.net Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1087920 Security Researcher g0bl1nsec Helped patch 3735 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting url.hqhl.net website and...
DEBIAN-CVE-2020-8516
The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information. NOTE: The network team of Tor claims this is an intended behavior and...
Unspecified Vulnerability in SAP Basis Automated Note Search Tool
SAP Basis is a content management system. A security vulnerability exists in SAP Basis Automated Note Search Tool. An attacker could exploit the vulnerability to read sensitive information...
Threat Analysis Unit (TAU) Threat Intelligence Notification: Snatch Ransomware
During the end of the year 2019, a ransomware named ‘Snatch” was discovered. Snatch ransomware will force Windows to reboot in Safe Mode where most of the software and system drivers will not be running in order to perform the file encryption process. Similar to the other variants of ransomware, ...
Threat Analysis Unit (TAU) Threat Intelligence Notification: SatanCryptor Ransomware
In early January 2020, a new ransomware named ‘SatanCryptor’ was discovered. After it performs file encryption, it will drop a ransom note named “ SATAN CRYPTOR .hta” and append ‘.satan’ as a file extension to the encrypted files. In addition, SatanCryptor will delete itself after the execution t...
CVE-2020-6307
Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...
CVE-2020-6307
Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...
Authorization
Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...
CVE-2020-6307
The CVE-2020-6307 issue affects SAP Basis Automated Note Search Tool across SAP Basis versions 7.00 to 7.54, where insufficient authorization checks allow reading of sensitive information. Multiple connected sources (Red Hat advisory, NVD entry, vendor notes, and Symantec writeup) corroborate an ...
CVE-2020-6307
Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...
SAP Basis Automated Note Search Tool CVE-2020-6307 Remote Authorization Bypass Vulnerability
Description SAP Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Automated Note Search Tool SAP Basis 7.00 SAP Basis 7.01 SAP Basis 7.0...
Threat Analysis Unit (TAU) Threat Intelligence Notification: DeathRansom Ransomware
During mid-November, a new ransomware named ‘DeathRansom” was found being distributed. Similar to the other variants of ransomware, it will perform the deletion of volume shadow copies to ensure all the data cannot be restored easily. After the DeathRansom performs file encryption, it will drop...
New Zeppelin Ransomware Targeting Tech and Health Companies
A new variant of Vega ransomware family, dubbed Zeppelin, has recently been spotted in the wild targeting technology and healthcare companies across Europe, the United States, and Canada. However, if you reside in Russia or some other ex-USSR countries like Ukraine, Belorussia, and Kazakhstan,...
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit
// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13...
Dolibarr <= 9.0.5 Multiple Vulnerabilities
Dolibarr is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dolibarr:dolibarr"; ifdescription...
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Mozilla FireFox Windows 10 x64 - Full Chain Client Side Attack // Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 8572494...
CVE-2012-4525
creationtimestamp| type| source ---|---|--- 2019-12-03 15:39:47+00:00| seen| https://t.me/VulnerabilityNews/11051 2019-12-03 16:03:07+00:00| seen| https://t.me/cibsecurity/8455 2019-12-03 16:03:43+00:00| seen| https://t.me/cibsecurity/8456 2019-12-03 18:02:20+00:00| seen|...
Xiaomi Mi Note 2 is vulnerable
Xiaomi Mi Note 2 is a smartphone from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in the com.miui.powerkeeper app in Xiaomi Mi Note 2 build fingerprint: Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys. An attacker can exploit this vulnerability to make...
BELL-CVE-2019-19221 CVE-2019-19221 does not affect BellSoft software
Bulletin has no description...