7921 matches found
Design/Logic Flaw
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a 1 NVMe or 2 MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an...
CVE-2015-8946
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2015-8946
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors...
nightHawkResponse - Incident Response Forensic Framework
Custom built application for asynchronus forensic data presentation on an Elasticsearch backend. This application is designed to ingest a Mandiant Redline "collections" file and give flexibility in search/stack and tagging. The application was born out of the inability to control multiple...
Incident Response Forensic Framework: nightHawk Response
Incident Response Forensic Framework Custom built application for asynchronus forensic data presentation on an ElasticSearch backend. This application is designed to ingest a Mandiant Redline “collections” file and give flexibility in search/stack and tagging. The application was born out of the...
Incorrect setup of external storage - ownCloud
The external storage functionality as implemented in ownCloud 9.0.x before 9.0.2 is improperly setting up external storages when multiple groups have been granted access to an external storage and a user is member of both groups. The storage class is setup without any setup information, leading t...
Server: Incorrect setup of external storage
The external storage functionality as implemented in ownCloud 9.0.x before 9.0.2 is improperly setting up external storages when multiple groups have been granted access to an external storage and a user is member of both groups. The storage class is setup without any setup information, leading t...
Error "Citrix License Server unavailable. Check the License Server to Make Sure It Is Running"
When setting up XenDesktop 7.1 or higher, the licensing node displays the following error message, "Citrix License Server unavailable. Check the license server to make sure it is running." Reference Screenshot:...
Bug Tracker 2.7.1 Information Disclosure
======================================================================== | Title : Bug Tracker V 2.7.1 database disclosure vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : https://www.twbsd.org/demo/...
The vulnerability of the Android operating system, which allows a hacker to bypass security measures and delete data
The vulnerability of the Setup Wizard component in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker acting locally to bypass security measures and delete data...
AntiRansom - Fighting against Ransomware using Honeypots
AntiRansom is a tool capable of detect and stop attacks of Ransomware using honeypots. First, Anti Ransom creates a random decoy folder with many useless random documents Excel, PDF and then it monitors the folder waiting for changes. When a change is detected, AntiRansom tries to identify wich...
phpMyAdmin BBCode injection vulnerability
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in the...
Symphony CMS Session Fixation Vulnerability
Symphony CMS is prone to a session fixation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2016-5730
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...
CVE-2016-5701
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...
CVE-2016-5701
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...
UBUNTU-CVE-2016-5730
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...
CVE-2016-5701
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI...
CVE-2016-4824
The CVE-2016-4824 issue affects Corega CG-WLR300GNV and CG-WLR300GNV-W wireless routers. The WPS PIN authentication implementation does not limit the number of attempts, enabling authenticated brute-force attempts from within wireless range to recover the PIN and gain network access. Affected com...
CVE-2016-4824
The Wi-Fi Protected Setup WPS implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack...