Lucene search

7925 matches found

Prion
added 2018/06/12 1:29 p.m., 14 views

Default credentials

ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. When engine-setup was run and one chooses to provision the database manually or connect to a remote database, the password input was logged in cleartext during the verification step...

CVSS 2.1, AI score 8.2, EPSS 0.00353
Exploits 0, References 3, Affected Software 1

Prion
added 2018/06/08 7:29 p.m., 17 views

Design/Logic Flaw

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI onc...

CVSS 4, AI score 6.4, EPSS 0.01947
Exploits 0, References 1, Affected Software 1

NVD
added 2018/06/08 7:29 p.m., 20 views

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI onc...

CVSS 6.5, AI score 6.4, EPSS 0.01947
Exploits 0, References 1

OSV
added 2018/06/08 7:29 p.m., 24 views

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI onc...

CVSS 6.5, AI score 6.6
Exploits 0, References 1

CVE
added 2018/06/08 7:0 p.m., 48 views

CVE-2018-1281

CVE-2018-1281 involves Apache MXNet in clustered deployments. The root cause is that in versions older than 1.0.0, the MXNet scheduler can be made to listen on 0.0.0.0 instead of the user-specified DMLC_PS_ROOT_URI/DMLC_PS_ROOT_PORT when a scheduler node initializes. This misconfiguration causes ...

CVSS 6.5, AI score 6.3, EPSS 0.01947
Exploits 0, References 1, Affected Software 1

Cvelist
added 2018/06/08 7:0 p.m., 20 views

CVE-2018-1281

The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI onc...

AI score 6.4, EPSS 0.01947
Exploits 0, References 1

Citrix
added 2018/06/04 12:0 a.m., 10 views

How to Collect Support Bundle from XenMobile Server CLI using FileZilla

This article describes how to collect XenMobile support bundle with FileZilla. FileZilla can be installed locally and act as FTP server...

AI score 7.1
Exploits 0

Kitploit
added 2018/06/03 10:30 p.m., 21 views

Backdoorme - Powerful Auto-Backdooring Utility

Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...

AI score 8
Exploits 0, References 1

Circl
added 2018/05/29 3:50 p.m., 7 views

CVE-2013-10061

creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb
2025-10-23 21:12:57+00:00 | seen | MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVSS 8.6, AI score 5.7, EPSS 0.04391
Exploits 1, References 1

n0where
added 2018/05/24 6:52 p.m., 23 views

Windows Packer Project for Defenders: DARKSURGEON

Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...

Exploits 0, References 1

Kitploit
added 2018/05/22 10:0 p.m., 16 views

Acunetix v12 - More Comprehensive, More Accurate and now 2X Faster

In-depth analysis of JavaScript-rich sites and Single Page Applications. Acunetix, the pioneer in automated web application security software, has announced the release of version 12. This new version provides support for JavaScript ES7 to better analyse sites which rely heavily on JavaScript such...

AI score 7
Exploits 0

RedHat Linux
added 2018/05/22 2:48 a.m., 72 views

Important: Red Hat Security Advisory: rhvm-setup-plugins security update

An update for rhvm-setup-plugins is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 5.5, AI score 7.1, EPSS 0.60631
Exploits 2, References 3

Citrix
added 2018/05/22 12:0 a.m., 8 views

Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile

MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...

AI score 7.1
Exploits 0

OSV
added 2018/05/18 4:29 a.m., 4 views

CVE-2018-11232

The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable...

CVSS 5.5, AI score 5.4
Exploits 0, References 3

Exploit DB
added 2018/05/17 12:0 a.m., 47 views

Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery

Exploit Title: Powerlogic Schneider Electric IONXXXX Series - Cross-Site Request Forgery Date: 2018-05-17 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.schneider-electric.com/ Version: ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, PM5XXX series. Tested o...

CVSS 8.8, AI score 8.8, EPSS 0.02045
Exploits 4

Kitploit
added 2018/05/16 10:30 p.m., 86 views

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application For iOS

This is a Swift version of the original iGoat Objective C project. Using OWASP iGoat, you can learn exploiting and defending vulnerabilities in iOS Swift applications. Developed using Swift 4 and Ruby iGoat Objective C was presented at: OWASP TOP 10 Mobile Reverse Engineering Runtime Analysis Data...

AI score 7.7
Exploits 0, References 2

Kitploit
added 2018/05/16 2:37 p.m., 25 views

DNSBin - Tool To Test Data Exfiltration Through DNS (RCE and XXE)

DNSBin is a simple tool to test data exfiltration through DNS and help test vulnerabilities like RCE or XXE when the environment has significant constraints. The project is in two parts; the first one is the web server and its component. It offers a basic web UI, for most cases you won't need more...

AI score 7.1
Exploits 0, References 2

CNVD
added 2018/05/15 12:0 a.m., 4 views

Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC Intel wireless driver and related software DLL injection vulnerabilities

Intel Dual Band Wireless-AC, Tri-Band Wireless-AC, and Wireless-AC are wireless NIC products from Intel Corporation. Intel wireless drivers is one of the wireless NIC drivers. Autorun.exe is an executable file; Setup.exe is an installation file. A security vulnerability...

CVSS 7.8, AI score 7.9, EPSS 0.00552
Exploits 0, References 1

CNVD
added 2018/05/11 12:0 a.m., 2 views

hyperstart denial of service vulnerability

HyperHQ Hyper is a layered system based on virtualization. hyperstart is one of the launchers. A security vulnerability exists in the 'container_setup_modules' and 'hyper_rescan_scsi' functions of the container.c file in hyperstart version 1.0.0 in HyperHQ Hyper. ' functions contain a security...

CVSS 5.3, AI score 6.7, EPSS 0.01377
Exploits 0, References 1

OpenVAS
added 2018/05/07 12:0 a.m., 513 views

Unprotected Web App / Device Installers (HTTP)

The script attempts to identify installation/setup pages of various web apps/devices that are publicly accessible and not protected by e.g. account restrictions or having their setup finished. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced...

AI score 7
Exploits 0