Lucene search
K

293 matches found

Schneier on Security
Schneier on Security
added 2018/06/14 11:28 a.m.50 views

Thomas Dullien on Complexity and Security

For many years, I have said that complexity is the worst enemy of security. At CyCon earlier this month, Thomas Dullien gave an excellent talk on the subject with far more detail than I've ever provided. Video. Slides...

3.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/07 10:2 a.m.9 views

stthomasgirlsschool.com XSS vulnerability

Open Bug Bounty ID: OBB-628528 Description| Value ---|--- Affected Website:| stthomasgirlsschool.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
0day.today
0day.today
added 2018/06/04 12:0 a.m.50 views

CyberArk < 10 - Memory Disclosure Exploit

Exploit for linux platform in category remote exploits Exploit Title: CyberArk 10 - Memory Disclosure Exploit Author: Thomas Zuk Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows...

5CVSS5.3AI score0.14116EPSS
Exploits12
Intel
Intel
added 2018/06/04 12:0 a.m.15 views

Intel® Integrated Performance Primitives Cryptography Library Update

Summary: Some implementations in Intel® Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time. - 4.7 Medium CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: Intel® Integrated Performance Primitives Cryptograph...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/05/20 12:30 a.m.11 views

will.state.wy.us XSS vulnerability

Open Bug Bounty ID: OBB-618768 Description| Value ---|--- Affected Website:| will.state.wy.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Intel
Intel
added 2018/05/10 12:0 a.m.9 views

Intel® SGX SDK and Intel® SGX Platform Software Updates

Summary: Intel® Software Guard Extensions Software Development Kit SDK and Platform Software PSW utilize the Intel® Integrated Performance Primitives Cryptography Library. Vulnerabilities in this cryptography library have been reported that may enable a local attacker running malware utilizing...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/26 10:16 a.m.8 views

thomas-hill.no XSS vulnerability

Open Bug Bounty ID: OBB-591879 Description| Value ---|--- Affected Website:| thomas-hill.no Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/01/22 4:28 p.m.19 views

January 22, 2018 – Morning Cyber Coffee Headlines – “NFL” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! January 22, 2018 - Headlines Carbon Black in the News: Strategic Cyber Ventures...

6.7AI score
Exploits0
Apple
Apple
added 2018/01/08 10:28 a.m.74 views

About the security content of macOS High Sierra 10.13.2 Supplemental Update - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

5.6CVSS0.8AI score0.93838EPSS
Exploits12Affected Software1
RedHat Linux
RedHat Linux
added 2017/12/14 10:12 p.m.58 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update

An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.3AI score0.05529EPSS
Exploits0References7
myhack58
myhack58
added 2017/09/20 12:0 a.m.51 views

Many high-risk SVGA code execution vulnerability bug,VMware efforts to be patched-vulnerabilities and early warning-the black bar safety net

VMware this week announced a patch to fix a number of vulnerabilities flaws bug, contains a major vulnerability flaws bugs, exploits flaws bug touches the product containing ESXi, vCenter Server, Workstation and Fusion. This is the major vulnerability flaws bug number for CVE-2017-4924, which is ...

0.1AI score0.00777EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2017/09/18 3:15 a.m.9 views

www3.thomas.edu XSS vulnerability

Open Bug Bounty ID: OBB-298140 Description| Value ---|--- Affected Website:| www3.thomas.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/25 12:59 a.m.14 views

custominteriorsbythomas.com XSS vulnerability

Vulnerable URL: http://custominteriorsbythomas.com/?s=%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/12 7:59 a.m.9 views

mytmc.thomasmore.edu XSS vulnerability

Vulnerable URL: https://mytmc.thomasmore.edu/ICS/Admissions/?tool=search=%22%3E%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...

6.3AI score
Exploits0
Drupal
Drupal
added 2017/05/10 12:0 a.m.15 views

Media - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-044

This module provides intuitive ways to manage large libraries of media, insert or display or import various types of media either through fields or a wysiwyg interface. Versions of this module prior to 7.x-2.1 or 7.x-3.0-alpha5 did not sufficiently whitelist input parameters for the media browser...

6.9AI score
Exploits0References10
Openbugbounty
Openbugbounty
added 2017/04/22 9:51 p.m.8 views

thomasoppermann.de XSS vulnerability

Vulnerable URL: http://www.thomasoppermann.de/suche.php Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 19:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 5607741 VIP website status:| No Check...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/22 9:21 p.m.15 views

thomas-mahlberg.de XSS vulnerability

Vulnerable URL: http://www.thomas-mahlberg.de/index.php Details: Description| Value ---|--- Patched:| Yes, at 26.04.2017 Latest check for patch:| 26.04.2017 10:40 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2017/02/16 9:0 a.m.8 views

Cris Thomas on Cyberwar Rhetoric

Cris Thomas of Tenable Networks, aka Space Rogue of the L0pht, talks to Mike Mimoso during RSA Conference about the rhetoric and hype surrounding cyberwar, as well as a quick trip down memory lane with the L0pht and its famous 1998 testimony before Congress. Download:...

2.5AI score
Exploits0References3
Debian
Debian
added 2017/02/09 2:9 p.m.33 views

[SECURITY] [DSA 3784-1] viewvc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3784-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 09, 2017 https://www.debian.org/security/faq -...

6.1CVSS6AI score0.01318EPSS
Exploits0
Drupal
Drupal
added 2017/01/11 12:0 a.m.24 views

OpenLucius - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-004

OpenLucius is a work management platform for social communication, documentation, and projects. The distribution doesn't sufficiently use tokens when marking messages for users as read thereby exposing a Cross Site Request Forgery CSRF vulnerability. The distribution does not sufficiently filter...

6.4AI score
Exploits0References11
Rows per page
Query Builder