Lucene search
K

257 matches found

The Hacker News
The Hacker News
added 2019/12/18 6:32 p.m.6 views

Google Offers Financial Support to Open Source Projects for Cybersecurity

Besides rewarding ethical hackers from its pocket for responsibly reporting vulnerabilities in third-party open-source projects, Google today announced financial support for open source developers to help them arrange additional resources, prioritizing the security of their products. The...

5.8AI score
Exploits0
pentestit
pentestit
added 2019/06/10 6:3 a.m.666 views

UPDATE: OWASP Dependency-Check 5.0.0

PenTestIT RSS Feed My first post about this open source OWASP project was about an older version. About 18 hours ago, a new version was released. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP...

6.5CVSS0.5AI score0.79176EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2019/02/04 5:0 p.m.18 views

Announcing the new Security Engineering website

To meet users’ expectations for security when using a product or cloud service, security must be an integral part of all aspects of the lifecycle. We all know this, and yet time has proven that this is far easier said than done because there is no single approach nor silver bullet that works in...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2018/11/27 7:58 a.m.3 views

Rogue Developer Infects Widely Used NodeJS Module to Steal Bitcoins

A widely used third-party NodeJS module with nearly 2 million downloads a week was compromised after one of its open-source contributor gone rogue, who infected it with a malicious code that was programmed to steal funds stored in Bitcoin wallet apps. The Node.js library in question is...

6.7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.55 views

Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2016-0736 CVE-2016-2161 CVE-2016-8743)

Summary A vulnerability in Open Source Apache HTTP Server affects the PureSystems® Managers used by IBM PureApplication System. Vulnerability Details CVEID: CVE-2016-0736 DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by an error in modsessioncrypt...

7.5CVSS0.7AI score0.49024EPSS
Exploits4Affected Software1
CNVD
CNVD
added 2018/03/28 12:0 a.m.5 views

AlienVault USM and OSSIM Remote Code Execution Vulnerabilities

AlienVault USM and OSSIM are both products of AlienVault Inc. of the U.S. USM is a set of security management platform that provides security monitoring, security event management and reporting, threat awareness system, etc. OSSIM is an open source security information management system. A securi...

9.8CVSS6.9AI score0.02488EPSS
Exploits0References1
Carbon Black Blog
Carbon Black Blog
added 2018/01/04 2:25 p.m.22 views

January 4, 2017 – Morning Cyber Coffee Headlines – “Scrabble” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! January 4, 2018 - Headlines Carbon Black in the News: Ransomware: The Problem...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/12/07 12:0 a.m.9 views

The vulnerability of the NfSen web interface, the system for management, control, and information security management of AlienVault USM and OSSIM, is related to deficiencies in access control. This allows attackers to enhance their privileges and execute arbitrary commands on the operating system.

The vulnerability of the NfSen web interface, as well as the systems for management, control, and information security management of AlienVault USM and OSSIM, is related to deficiencies in access control. Exploitation of this vulnerability can allow a malicious actor to enhance their privileges a...

10CVSS8.1AI score0.14603EPSS
Exploits3References5Affected Software3
CNVD
CNVD
added 2017/03/23 12:0 a.m.5 views

AlienVault USM/OSSIM/NfSen Remote Code Execution Vulnerability

AlienVault USM and OSSIM are both products of AlienVault, Inc. in the U.S. USM is a security management platform that provides security monitoring, security event management and reporting, and a threat awareness system, among other features.OSSIM is an open-source security information management...

9CVSS7.2AI score0.16179EPSS
Exploits5References1
OSV
OSV
added 2013/08/20 2:56 p.m.3 views

UBUNTU-CVE-2013-5321

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management OSSIM 4.1 allow remote attackers to execute arbitrary SQL commands via the 1 sensor parameter in a Query action to forensics/baseqrymain.php; the 2 tcpflags or 3 tcpport04 parameter to...

7.5CVSS6.2AI score0.01403EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2011/10/21 2:33 p.m.9 views

OSSAMS - Open Source Security Assessment Management System

OSSAMS - Open Source Security Assessment Management System As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2011/10/21 2:33 p.m.6 views

OSSAMS - Open Source Security Assessment Management System

OSSAMS - Open Source Security Assessment Management System As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2011/08/30 6:13 a.m.12 views

metasploit-framework

Metasploit Framework The Metasploit Framework is an open-sour...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2010/03/19 12:0 a.m.12 views

AlienVault OSSIM Detection

Detects the installed version of AlienVault OSSIM Open Source Security Information Management and USM Unified Security Management This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpt...

7.2AI score
Exploits0References1
Cvelist
Cvelist
added 2009/09/28 10:0 p.m.18 views

CVE-2009-3440

Cross-site scripting XSS vulnerability in Open Source Security Information Management OSSIM before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI aka the main menu...

5.7AI score0.01452EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/03/01 12:0 a.m.27 views

[SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=>x cXIb8O3.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2001/01/11 12:0 a.m.45 views

Advisory CA-2001-01

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-01 Interbase Server Contains Compiled-in Back Door Account Original release date: January 10, 2001 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Borland/Inprise Interbase 4.x and 5...

10CVSS0.07024EPSS
Exploits1
Rows per page
Query Builder