
8109 matches found

Cisco
added 2013/07/17 1:46 p.m. | 26 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing a...

4.3 CVSS | 3 AI score | 0.00576 EPSS
Exploits 0 | References 1

NVD
added 2013/07/17 1:41 p.m. | 18 views

CVE-2013-3791

Unspecified vulnerability in Enterprise Manager EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

4.3 CVSS | 5.9 AI score | 0.01395 EPSS
Exploits 0 | References 7

ATTACKERKB
added 2013/07/17 1:41 p.m. | 2 views

CVE-2013-3782

Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI...

4.3 CVSS | 5.5 AI score | 0.01351 EPSS
Exploits 0 | References 7

ATTACKERKB
added 2013/07/17 1:41 p.m. | 2 views

CVE-2013-3791

Unspecified vulnerability in Enterprise Manager EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

4.3 CVSS | 5.6 AI score | 0.01395 EPSS
Exploits 0 | References 8

ATTACKERKB
added 2013/07/17 1:41 p.m. | 3 views

CVE-2013-3779

Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI...

7.5 CVSS | 5.5 AI score | 0.01581 EPSS
Exploits 0 | References 6

Prion
added 2013/07/17 1:41 p.m. | 21 views

Code injection

Unspecified vulnerability in Enterprise Manager EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

4.3 CVSS | 6.3 AI score | 0.01395 EPSS
Exploits 0 | References 7 | Affected Software 2

Cvelist
added 2013/07/17 10:0 a.m. | 23 views

CVE-2013-3791

Unspecified vulnerability in Enterprise Manager EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

5.9 AI score | 0.01395 EPSS
Exploits 0 | References 7

The Hacker News
added 2013/07/13 3:3 p.m. | 11 views

LinkedIn Clickjacking vulnerability tricks users to spam links

A Clickjacking vulnerability existed on LinkedIn that allowed an attacker to trick users for sharing and posting links on behalf of victim. Narendra Bhati (R00t Sh3ll), Security Analyst at Cyber Octet informed us about LinkedIn Bug. Clickjacking, also referred as "User Interface redress attack" is o...

6.8 AI score
Exploits 0

Tenable Nessus
added 2013/07/12 12:0 a.m. | 49 views

Oracle Linux 4 : gtk2 (ELSA-2007-0019)

From Red Hat Security Advisory 2007:0019 : Updated gtk2 packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit (GTK+), a library for creating graphical user...

2.1 CVSS | 5.1 AI score | 0.00904 EPSS
Exploits 0 | References 2

Kitploit
added 2013/07/11 5:13 a.m. | 11 views

[Arachni v0.4.3] Ruby framework aimed towards helping penetration testers

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other...

7.2 AI score
Exploits 0

Tenable Nessus
added 2013/07/05 12:0 a.m. | 34 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox regression (USN-1890-2)

USN-1890-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in Firefox using the wrong network proxy settings. This update fixes the problem. We apologize for the inconvenience. Multiple memory safety issues were discovered in Firefox. If the user wer...

10 CVSS | 8.7 AI score | 0.69021 EPSS
Exploits 11 | References 17

Tenable Nessus
added 2013/06/27 12:0 a.m. | 32 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1890-1)

Multiple memory safety issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

10 CVSS | 8.7 AI score | 0.69021 EPSS
Exploits 11 | References 17

Mozilla
added 2013/06/25 12:0 a.m. | 53 views

Arbitrary code execution within Profiler — Mozilla

Security researcher Mariusz Mlynski reported that when a user examines the profiler output on a malicious website containing specially crafted code, it is possible for arbitrary code execution to occur. This occurs because the profiler user interface runs in a special iframe that parses data from...

9.3 CVSS | 6.8 AI score | 0.0256 EPSS
Exploits 1 | References 2 | Affected Software 1

Kitploit
added 2013/06/19 3:7 a.m. | 23 views

[EMET v4.0] Enhanced Mitigation Experience Toolkit

The Enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of...

7.3 AI score
Exploits 0

Fedora
added 2013/06/18 6:22 a.m. | 28 views

[SECURITY] Fedora 19 Update: rrdtool-1.4.8-2.fc19

RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data i.e. network bandwidth, machine-room temperature, server load average. It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data t...

5 CVSS | 1 AI score | 0.10912 EPSS
Exploits 0

Kaspersky
added 2013/05/22 12:0 a.m. | 64 views

KLA10076 Multiple vulnerabilities in Apple iTunes

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities 1. Vectors related to browsing the iTunes Store can be...

9.3 CVSS | 8.3 AI score | 0.09155 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2013/04/12 12:0 a.m. | 25 views

Citrix Access Gateway User Web Interface Detection

The remote web server hosts the web interface for using Citrix Access Gateway, an SSL VPN appliance...

5.5 AI score
Exploits 0 | References 1

Kitploit
added 2013/04/02 10:47 p.m. | 33 views

[360-FAAR v0.4.1] Firewall Analysis Audit And Repair

360-FAAR Firewall Analysis Audit and Repair is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Changes: This release...

7.7 AI score
Exploits 0

Kitploit
added 2013/03/10 4:21 p.m. | 31 views

[JSQL v0.3] Java Tool for Automatic Database Injection

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Version 0.2 features: GET, POST, header, cookie methods normal, error based, blind, time based algorithms automatic...

8 AI score
Exploits 0

NVD
added 2013/03/07 12:55 a.m. | 20 views

CVE-2012-5053

Cross-site scripting (XSS) vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3 CVSS | 5.7 AI score | 0.01148 EPSS
Exploits 0 | References 3