Lucene search
K

161 matches found

ThreatPost
ThreatPost
added 2021/10/27 5:0 p.m.38 views

War-Driving Technique Allows Wi-Fi Password-Cracking at Scale

War-driving – the process of driving around mapping residential Wi-Fi networks in hopes of finding a vulnerability to exploit – can still pay off for attackers, apparently: A CyberArk researcher recently found he could easily slice open about 70 percent of Wi-Fi network passwords in one Tel Aviv...

7.4AI score
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2021/02/01 2:0 p.m.47 views

Rapid7 Acquires Leading Kubernetes Security Provider, Alcide

Organizations around the globe continue to embrace the flexibility, speed, and agility of the cloud. Those that have adopted it are able to accelerate innovation and deliver real value to their customers faster than ever before. However, while the cloud can bring a tremendous amount of benefits t...

0.8AI score
Exploits0
NVD
NVD
added 2021/01/29 8:15 a.m.19 views

CVE-2020-35652

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

6.5CVSS6.4AI score0.01907EPSS
Exploits1References4
OSV
OSV
added 2021/01/29 8:15 a.m.20 views

CVE-2020-35652

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

6.5CVSS6.8AI score
Exploits0References4
Prion
Prion
added 2021/01/29 8:15 a.m.16 views

Design/Logic Flaw

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

4CVSS6.4AI score0.01907EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/01/29 8:15 a.m.4 views

UBUNTU-CVE-2020-35652

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

6.5CVSS6.6AI score0.01907EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2021/01/29 12:0 a.m.6 views

PT-2021-11818 · Asterisk +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 13.38.0 Asterisk versions 14.x through 16.x before 16.15.0 Asterisk versions 17.x before 17.9.0 Asterisk versions 18.x before 18.1.0 Description: An issue was discovered in res pjsip diversion.c. A crash can occur...

8.8CVSS6AI score0.4557EPSS
Exploits13References50
CNNVD
CNNVD
added 2021/01/29 12:0 a.m.7 views

Sangoma Asterisk Multiple Product Security Vulnerabilities

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in several Sangoma Asterisk products that stems from a crash...

6.5CVSS6.6AI score0.01907EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2020/08/31 6:46 p.m.47 views

Charming Kitten Returns with WhatsApp, LinkedIn Effort

The Iran-affiliated APT known as Charming Kitten is back with a new approach, impersonating Persian-speaking journalists via WhatsApp and LinkedIn, in order to con victims into opening malicious links. The targets are Israeli scholars from Haifa and Tel Aviv universities, and U.S. government...

0.5AI score
Exploits0References9
0day.today
0day.today
added 2020/07/21 12:0 a.m.340 views

Intellian / Sea Tel / SAILOR VSAT / RedPort maritime Exploit Pack

ever wondered how can someone hack into a ship/vessel/carrier/yacht? well here is the bundle targeting 3 major companies specialized in maritime satellite networks. in this bundle you get Intellian 3 root backdoors seatel 1 DOS sailor 2 sensitive information disclosure redport 1 admin busybox RCE...

6.9AI score
Exploits0
OSV
OSV
added 2019/09/15 4:15 p.m.4 views

CVE-2019-16320

Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...

5.3CVSS6AI score0.01093EPSS
Exploits0References1
NVD
NVD
added 2019/09/15 4:15 p.m.24 views

CVE-2019-16320

Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...

5.3CVSS5.3AI score0.01093EPSS
Exploits0References1
Prion
Prion
added 2019/09/15 4:15 p.m.18 views

Information disclosure

Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...

5CVSS5.3AI score0.01093EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2019/09/15 3:43 p.m.23 views

CVE-2019-16320

Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...

5.3AI score0.01093EPSS
Exploits0References1
CVE
CVE
added 2019/09/15 3:43 p.m.103 views

CVE-2019-16320

Cobham Sea Tel satellite terminals, models v170 224521 through v194 225444, are vulnerable to information disclosure via the public SNMP community, enabling potential exposure of vessel latitude/longitude. The root cause is exposure of SNMP read privileges to unauthenticated users. Exploitation d...

5.3CVSS5.3AI score0.01093EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/03/06 4:29 p.m.6 views

CVE-2019-9593

A reflected Cross-site scripting XSS vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

6.1CVSS5.9AI score0.0442EPSS
Exploits5References3
Hacker One
Hacker One
added 2019/02/24 1:56 a.m.21 views

Slack: URL filter bypass in Enterprise Grid

URL filter bypass in Enterprise Grid Description Slack Enterprise Grid seems to be able to add arbitrary column to the profile of the account. In my company there is a おすすめランチ My Favorite Lunch column, and we can set the URL of the website and Display text. F429131 F429132 Only the http: or https...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/07/20 3:21 p.m.14 views

toptravelfind.com XSS vulnerability

Open Bug Bounty ID: OBB-651072 Description| Value ---|--- Affected Website:| toptravelfind.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
CNVD
CNVD
added 2018/01/18 12:0 a.m.7 views

Cobham Sea Tel Information Disclosure Vulnerability (CNVD-2018-03967)

Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can exploit this vulnerability by sending a /cgi-bin/getSysStatus request to obtain sensitive information...

5.3CVSS6.3AI score0.01328EPSS
Exploits1References1
NVD
NVD
added 2018/01/16 11:29 p.m.20 views

CVE-2018-5728

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...

5.3CVSS5.2AI score0.01328EPSS
Exploits1References1
Rows per page
Query Builder