Lucene search

17 matches found

OSV
added 2024/12/09 5:15 a.m., 7 views

CVE-2024-12359

A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /vendormanagement.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVSS 5.4, AI score 3.7, EPSS 0.00371
Exploits: 1, References: 5
CNNVD
added 2024/12/09 12:00 a.m., 5 views

Code-Projects Admin Dashboard Security Vulnerability

Code-Projects Admin Dashboard is an administration dashboard for Code-Projects open source. A security vulnerability exists in Code-Projects Admin Dashboard version 1.0, which stems from a cross-site scripting vulnerability contained in the username parameter of the /vendormanagement.php page...

CVSS 5.4, AI score 4.5, EPSS 0.00371
Exploits: 1, References: 5
The Hacker News
added 2024/02/14 11:23 a.m., 19 views

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financia...

AI score 7.1
Exploits: 0
CNNVD
added 2023/10/17 12:00 a.m., 3 views

Aruba Networks AirWave Management Platform Security Vulnerability

Aruba Networks AirWave Management Platform, from Aruba Networks, provides granular visibility into wired and wireless networks and is the leading multi-vendor management platform designed for local campus environments. A security vulnerability exists in the Aruba Networks AirWave Management...

CVSS 6.8, AI score 6.3, EPSS 0.00444
Exploits: 0, References: 2
Microsoft Secure
added 2022/12/15 5:00 p.m., 19 views

Do more with less with Microsoft Security—3 strategies to get you started

Relentless bad actors, evolving attack tactics, and numerous surfaces and endpoints that attackers may try to exploit. With the average cost of a data breach reaching an all-time high of USD4.35 million in 2022, protecting your people and data from adversaries is more important than ever. Plus,...

AI score 6.9
Exploits: 0
Microsoft Malware Protection
added 2022/12/15 5:00 p.m., 21 views

Do more with less with Microsoft Security—3 strategies to get you started

Relentless bad actors, evolving attack tactics, and numerous surfaces and endpoints that attackers may try to exploit. With the average cost of a data breach reaching an all-time high of USD4.35 million in 2022, protecting your people and data from adversaries is more important than ever. Plus,...

AI score 6.9
Exploits: 0
Rapid7 Blog
added 2022/04/26 3:07 p.m., 17 views

How to Strategically Scale Vendor Management and Supply Chain Security

This post is co-authored by Collin Huber. Recent security events — particularly the threat actor activity from the Lapsu$ group, Spring4Shell, and various new supply-chain attacks — have the security community on high alert. Security professionals and network defenders around the world are wonderi...

AI score 0.2
Exploits: 0
The Coalfire Blog
added 2022/02/03 6:13 p.m., 12 views

The Long-Term Impact of Log4j

In its aftermath, Log4j vulnerabilities put the spotlight on vendor management and supply chain security practices. Software suppliers should expect vendor security questionnaires to expand in scope and detail around application security practices. It's relatively easy for software buyers to...

AI score 1.6
Exploits: 0
The Hacker News
added 2020/11/13 8:17 a.m., 37 views

Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs

Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises...

AI score 6.8
Exploits: 0
The Hacker News
added 2019/06/19 9:00 p.m., 1 views

Gain the Trust of Your Business Customers With SOC 2 Compliance

In today's business environment, data is what matters most. It matters to organizations that monetize it into operational insights and optimisations, and it matters to the threat actors that relentlessly seek to achieve similar monetisation by compromising it. In the very common scenario in which...

AI score 7
Exploits: 0
Cvelist
added 2019/06/17 4:19 p.m., 31 views

CVE-2019-12789

An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence Ctrl-\ to obtain a shell with root privileges. After gaining root access, the attacker can...

AI score 6.7, EPSS 0.00574
Exploits: 2, References: 2
CVE
added 2019/06/17 4:19 p.m., 77 views

CVE-2019-12789

CVE-2019-12789 affects the Actiontec/Telus T2200H devices (T2200H-31.128L.08). By attaching a UART adapter to system-board UART pins and issuing the key sequence Ctrl-\, an attacker can obtain a root shell. This permits mounting the filesystem read-write and making permanent modifications, includi...

CVSS 7.2, AI score 6.7, EPSS 0.00574
Exploits: 2, References: 2, Affected Software: 1
ThreatPost
added 2017/08/11 1:57 p.m., 19 views

Many Factors Conspire in ICS/SCADA Attacks

Critical infrastructure operators can’t be blamed for a perpetual case of whiplash. They are mired between hackers targeting internet-facing and air-gapped systems with equal precision, and vendors and management unwilling to properly tackle security for fear of downtime and incompatibility. “The...

AI score 0.8
Exploits: 0, References: 1
Exploit DB
added 2017/05/09 12:00 a.m., 30 views

Personify360 7.5.2/7.6.1 - Improper Access Restrictions

Exploit Title: Access and read and create vendor / API credentials in plaintext Date: 3/29/2017 Exploit Author: Pesach Zirkind Vendor Homepage: https://personifycorp.com/ Version: 7.5.2 - 7.6.1 Tested on: Windows all versions CVE : CVE-2017-7312 Category: webapps 1. Description Any website visito...

CVSS 9.8, AI score 9.7, EPSS 0.02975
Exploits: 2
Akamai Blog
added 2017/03/27 2:21 p.m., 22 views

Supply Chain Security: Akamai from a Customer's Risk Perspective

Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors, are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the...

AI score 6.8
Exploits: 0
The Hacker News
added 2014/04/10 11:47 p.m., 18 views

Optimizing Network Security with SolarWinds Firewall Security Manager (FSM)

Firewalls are the front-line soldiers, who sit strategically at the edge of your network and defend it from various security threats. Firewalls require constant maintenance and management to ensure that they are accurately configured for optimal security, continuous compliance, and high...

AI score 6.8
Exploits: 0
The Coalfire Blog
added 2013/12/10 1:09 p.m., 11 views

A Proven Strategy for Implementing Vendor Management Programs

Every regulated industry includes a requirement for managing third-party risk. Some industries are further along the path and have more mature processes than others. However, there are tried and true methodologies and standards established by those early movers that we can utilize across other...

AI score 3.7
Exploits: 0