
4572 matches found

The Coalfire Blog
added 2020/04/23 12:26 a.m., 9 views

Applied ThreadFix: Effective security team collaboration

Modern enterprises are distributed. Most ThreadFix deployments have stakeholders spanning development and security teams and those team members are spread around the globe. To support these distributed organizations, ThreadFix has a number of collaboration features that make teams more efficient...

AI score 7
Exploits: 0
Microsoft KB
added 2020/04/21 12:0 a.m., 4 views

Description of the SharePoint Designer 2010 update: March 12, 2013

Description of the SharePoint Designer 2010 update: March 12, 2013 INTRODUCTION Microsoft has released an update for Microsoft SharePoint Designer 2010. This update provides the latest fix for the 32-bit and 64-bit editions of SharePoint Designer 2010. Additionally, this update contains stability...

AI score 5.9
Exploits: 0
CNVD
added 2020/04/16 12:0 a.m., 4 views

Unspecified Vulnerability in Oracle E-Business Suite Workflow (CNVD-2020-24056)

Oracle E-Business Suite is a set of fully integrated global business management software from the US company Oracle. The software provides customer relationship management, service management, financial management and other functions. Workflow E-Business Suite is one...

CVSS 5.3, AI score 8.4, EPSS 0.01061
Exploits: 0, References: 1
OSV
added 2020/04/15 2:15 p.m., 2 views

CVE-2020-2753

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 5.3, AI score 6.3, EPSS 0.01061
Exploits: 0, References: 1
NVD
added 2020/04/15 2:15 p.m., 10 views

CVE-2020-2753

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 5.3, AI score 4.6, EPSS 0.01061
Exploits: 0, References: 1
CVE
added 2020/04/15 1:29 p.m., 45 views

CVE-2020-2753

Technical details about CVE-2020-2753 are not publicly available in the provided connected documents; monitor for updates.

CVSS 5.3, AI score 4.8, EPSS 0.01061
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2020/04/15 1:29 p.m., 15 views

CVE-2020-2753

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 5.3, AI score 5.3, EPSS 0.01061
Exploits: 0, References: 1
Vulnrichment
added 2020/04/15 1:29 p.m., 9 views

CVE-2020-2753

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 5.3, AI score 5.7, EPSS 0.01061
Exploits: 0, References: 1
Tenable Nessus
added 2020/04/15 12:0 a.m., 53 views

SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)

This update for git fixes the following issues : Security issue fixed : CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930. Non-security issue fixed : git was updated to 2.26.0 f...

CVSS 9.8, AI score 8.1, EPSS 0.97356
Exploits: 35, References: 25
Microsoft KB
added 2020/04/14 7:0 a.m., 32 views

Service Update 0.14 for Microsoft Dynamics 365 9.0

None None...

CVSS 6.1, AI score 6.6, EPSS 0.01791
Exploits: 0
Microsoft KB
added 2020/04/13 4:8 a.m., 35 views

MS15-036: Description of the security update for SharePoint Server 2013: April 14, 2015

Resolves vulnerabilities in Microsoft Office server and productivity software that could allow elevation of privilege if an attacker sends a specially crafted request to an affected SharePoint Server. Introduction: This security update resolves elevation of privilege vulnerabilities that exist when...

AI score 6.2
Exploits: 0
Microsoft KB
added 2020/04/13 12:0 a.m., 25 views

MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016

MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...

AI score 7.3
Exploits: 0
CNVD
added 2020/04/09 12:0 a.m., 3 views

Argo Authorization Issue Vulnerability (CNVD-2020-27456)

Argo is an open source container-native workflow engine. Argo suffers from an authorization issue vulnerability that stems from the program not implementing anti-automation protections. An attacker could use this vulnerability to brute-force the administrator password...

CVSS 7.5, AI score 6.9, EPSS 0.02157
Exploits: 1, References: 1
Kitploit
added 2020/04/07 12:0 p.m., 306 views

Git-Hound v1.1 - GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System

A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research...

AI score 7.4
Exploits: 0, References: 5
Exploit DB
added 2020/03/31 12:0 a.m., 382 views

SharePoint Workflows - XOML Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...

CVSS 10, AI score 9.6, EPSS 0.99193
Exploits: 5
IBM Security Bulletins
added 2020/03/09 9:24 p.m., 23 views

Security Bulletin: An information disclosure vulnerability has been identified with the embedded Content Platform Engine component shipped with IBM Business Automation Workflow (CVE-2019-4572)

Summary A vulnerability in IBM FileNet Content Manager and Case Foundation, in some cases, could contain user information in the log when Process Orchestration Web Services is invoked. Vulnerability Details CVEID: CVE-2019-4572 DESCRIPTION: IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific...

CVSS 4.4, AI score 0.3, EPSS 0.00305
Exploits: 0, Affected Software: 1
CNVD
added 2020/02/28 12:0 a.m., 2 views

IBM Business Process Manager and IBM Business Automation Workflow SQL Injection Vulnerability

IBM Business Process Manager is a comprehensive business process management platform. IBM Business Automation Workflow is a platform for creating workflow applications to improve productivity. A SQL injection vulnerability exists in IBM Business Process Manager and IBM Business Automation Workflow...

CVSS 6.5, AI score 7.7, EPSS 0.00835
Exploits: 0, References: 1
NVD
added 2020/02/27 4:15 p.m., 18 views

CVE-2019-4669

IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...

CVSS 6.5, AI score 6.6, EPSS 0.00835
Exploits: 0, References: 2
OSV
added 2020/02/27 4:15 p.m., 3 views

CVE-2019-4669

IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...

CVSS 6.3, AI score 6.7, EPSS 0.00835
Exploits: 0, References: 2
Cvelist
added 2020/02/27 4:10 p.m., 19 views

CVE-2019-4669

IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...

CVSS 6.3, AI score 6.6, EPSS 0.00835
Exploits: 0, References: 2