44 matches found
EUVD-2017-16334
Malware in sbrugna...
EUVD-2009-3683
Malware in sbrugna...
EUVD-2017-14747
Malware in sbrugna...
CVE-2009-3710
RioRey RIOS 4.6.6 and 4.7.0 use an undocumented, hard-coded username dbadmin and password sq!us3r for an SSH tunnel, which allows remote attackers to gain privileges via port 8022...
christianrioshaircouture.com Cross Site Scripting vulnerability OBB-3913473
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
web.arc.losrios.edu Cross Site Scripting vulnerability OBB-3185802
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Qualys Cloud Platform 8.22 New Features (VM, PC)
Update December 11, 2019: See additional details about this release. The 8.22.0 release adds several new features in Qualys Cloud Platform, adds a new API in Policy Compliance and support for 2 new technologies for OCA. Feature Highlights Qualys Cloud Platform Support for DNS tracking – You can n...
Qualys Cloud Platform 8.21.7 New Features
Update November 27, 2019: The features referenced in this blog post will be released in Qualys Cloud Platform release 8.22. Update November 19, 2019: The features referenced in this blog post will be released in the next Qualys Cloud Platform release scheduled for December 2019, and will be...
confing (>=0.1.0 <=0.1.4), prismh-core (>=0.1.0 <=0.4.0) +1 more potentially affected by CVE-2017-18361 via colander (>=1.0.0 <=1.4.0)
colander PYPI version =1.0.0, =0.1.0, =0.1.0, =0.5.0, =0.8.3 Source cves: CVE-2017-18361 Source advisory: OSV:GHSA-RV95-4WXJ-6FQQ...
Researcher Billy Rios, Talks Medical Device Security at RSA Conference 2018
Researcher Billy Rios, founder of WhiteScope, discusses medical device hacking at RSA Conference 2018 with Threatpost’s Tom Spring. Rios also talks about his work where he demonstrated how an attacker could remotely hack an internet-connected car wash and used it to attack and damage vehicles...
CVE-2017-7306
Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...
CVE-2017-5670
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program, not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...
Design/Logic Flaw
DISPUTED Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The produc...
CVE-2017-7307
Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file...
Design/Logic Flaw
Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file...
CVE-2017-7305
Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism via a crafted boot. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contain...
Design/Logic Flaw
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program, not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...
Default credentials
DISPUTED Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor...