Commit Graph

751 Commits (c973ddbb71e10a8d83e0f614dc7167cc7e24a91f)

Author SHA1 Message Date
Ritik Chaddha 764bb2e584
Merge pull request #7087 from kazet/ftp-creds-high-severity
exposed ftpsync.settings files are high severity, as their may contain passwords
2023-04-24 15:56:11 +05:30
Ritik Chaddha c1876a737c
updated metadata 2023-04-22 13:23:53 +05:30
Ritik Chaddha 2caf9d94a6
Update ftp-credentials-exposure.yaml 2023-04-21 20:19:32 +05:30
Krzysztof Zając 0295ae2670 FTP credentials are high severity, as their may contain passwords 2023-04-19 08:04:32 +02:00
Prince Chaddha 4d9122b5e1
Update prometheus-metrics.yaml 2023-04-17 09:37:09 +05:30
MostInterestingBotInTheWorld 301fddaeb0
Dashboard Content Enhancements (#6965)
* Add description and enhance one where the UI failed to save properly.
dos2unix on a template

* Change cvedetails link to nvd

* make severities match

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2017/CVE-2017-14524.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2019/CVE-2019-16759.yaml by md

* Enhancement: cves/2021/CVE-2021-22986.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24347.yaml by md

* Enhancement: cves/2021/CVE-2021-25003.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25298.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-28151.yaml by md

* Enhancement: cves/2021/CVE-2021-30128.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0885.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-24816.yaml by md

* Enhancement: cves/2022/CVE-2022-31499.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-34753.yaml by md

* Enhancement: cves/2022/CVE-2022-39952.yaml by md

* Enhancement: cves/2022/CVE-2022-4060.yaml by md

* Enhancement: cves/2022/CVE-2022-44877.yaml by md

* Enhancement: cves/2023/CVE-2023-0669.yaml by md

* Enhancement: cves/2023/CVE-2023-26255.yaml by md

* Enhancement: cves/2023/CVE-2023-26256.yaml by md

* Enhancement: exposures/files/salesforce-credentials.yaml by md

* Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md

* Enhancement: network/backdoor/backdoored-zte.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-dbt.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md

* Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md

* Enhancement: vulnerabilities/froxlor-xss.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md

* Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md

* Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md

* Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md

* Enhancement: vulnerabilities/other/graylog-log4j.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Initial cleanups for syntax errors

* dashboard gremlins

* Add log4j back to name

* Enhancement: exposures/files/salesforce-credentials.yaml by cs

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs

* Enhancement: network/backdoor/backdoored-zte.yaml by cs

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs

* Sev and other info tweaks

* Merge conflict

---------

Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 23:16:47 +05:30
Ritik Chaddha 05ba9aa284
updated severity 2023-03-17 22:41:28 +05:30
Ritik Chaddha 18ce42523a
severity update 2023-03-17 22:39:32 +05:30
Ritik Chaddha eb1a7c482a
updated severity 2023-03-17 22:31:54 +05:30
Ritik Chaddha 4df8a231cf
Update ovpn-config-exposed.yaml 2023-03-17 22:29:26 +05:30
Ritik Chaddha 72f8bcee30
severity update 2023-03-17 22:25:58 +05:30
Ritik Chaddha 822dde47a7
severity update 2023-03-17 22:19:35 +05:30
Ritik Chaddha c1fd90963a
Update proftpd-config.yaml 2023-03-17 22:16:08 +05:30
Ritik Chaddha c1db1d6c8c
updated reference 2023-03-17 22:10:39 +05:30
Ritik Chaddha 3d225cc547
Update ruijie-phpinfo.yaml 2023-03-17 22:06:18 +05:30
Ritik Chaddha a88cfa1c58
Update ssh-authorized-keys.yaml 2023-03-17 22:00:35 +05:30
Ritik Chaddha 0f8b1cf3c5
added metadata 2023-03-17 21:52:31 +05:30
MostInterestingBotInTheWorld 7677e07dec
Merge branch 'main' into dashboard 2023-03-17 11:24:28 -04:00
sullo 2a7b69bab3 Match severity with CVSS 2023-03-03 10:27:54 -05:00
sullo f42443a761 Add missing cves
Cleanup a poor quality template
Rename/relocate ruijie from password leak to RCE
2023-03-02 16:07:26 -05:00
sullo 3efe5786ef Severity cleanups 2023-03-02 15:58:29 -05:00
MostInterestingBotInTheWorld 66c0e8ebb6 Enhancement: exposures/configs/ventrilo-config.yaml by cs 2023-03-02 15:05:17 -05:00
MostInterestingBotInTheWorld 772484d63d Enhancement: exposures/configs/symfony-profiler.yaml by cs 2023-03-02 15:04:39 -05:00
MostInterestingBotInTheWorld cadf0606d4 Enhancement: exposures/configs/sftp-deployment-config.yaml by cs 2023-03-02 15:02:58 -05:00
MostInterestingBotInTheWorld cd0506a5a9 Enhancement: exposures/configs/sftp-config-exposure.yaml by cs 2023-03-02 15:02:30 -05:00
MostInterestingBotInTheWorld 64853e6351 Enhancement: exposures/configs/server-private-keys.yaml by cs 2023-03-02 15:01:42 -05:00
MostInterestingBotInTheWorld 696fe4567d Enhancement: exposures/configs/ruijie-information-disclosure.yaml by cs 2023-03-02 15:01:03 -05:00
MostInterestingBotInTheWorld 1ef31e4538 Enhancement: exposures/configs/robomongo-credential.yaml by cs 2023-03-02 14:59:40 -05:00
MostInterestingBotInTheWorld f32de60a33 Enhancement: exposures/configs/xprober-service.yaml by cs 2023-03-02 14:58:17 -05:00
MostInterestingBotInTheWorld 9033eaef93 Enhancement: exposures/configs/websheets-config.yaml by cs 2023-03-02 14:56:15 -05:00
MostInterestingBotInTheWorld 92d26c9215 Enhancement: exposures/configs/tox-ini.yaml by cs 2023-03-02 14:55:14 -05:00
MostInterestingBotInTheWorld a747c96df4 Enhancement: exposures/configs/svnserve-config.yaml by cs 2023-03-02 14:54:29 -05:00
MostInterestingBotInTheWorld 3b058b0059 Enhancement: exposures/configs/ssh-authorized-keys.yaml by cs 2023-03-02 14:53:03 -05:00
MostInterestingBotInTheWorld 8fd6a63872 Enhancement: exposures/configs/saia-web-server-info.yaml by cs 2023-03-02 14:51:36 -05:00
MostInterestingBotInTheWorld 74f6fbc1d7 Enhancement: exposures/configs/ruijie-phpinfo.yaml by cs 2023-03-02 14:47:36 -05:00
MostInterestingBotInTheWorld 724df256c6 Enhancement: exposures/configs/rails-database-config.yaml by cs 2023-03-02 14:47:05 -05:00
MostInterestingBotInTheWorld f65819bc74 Enhancement: exposures/configs/pubspec-config.yaml by cs 2023-03-02 14:45:40 -05:00
MostInterestingBotInTheWorld 1bdd424bb6 Enhancement: exposures/configs/proxy-wpad-exposure.yaml by cs 2023-03-02 14:43:18 -05:00
MostInterestingBotInTheWorld 26866253b2 Enhancement: exposures/configs/prometheus-metrics.yaml by cs 2023-03-02 14:35:26 -05:00
MostInterestingBotInTheWorld fa5948df94 Enhancement: exposures/configs/proftpd-config.yaml by cs 2023-02-24 16:31:03 -05:00
MostInterestingBotInTheWorld 56d45b8eb2 Enhancement: exposures/configs/proftpd-config.yaml by cs 2023-02-24 16:30:30 -05:00
MostInterestingBotInTheWorld 1a317418e7 Enhancement: exposures/configs/xprober-service.yaml by md 2023-02-24 14:14:27 -05:00
MostInterestingBotInTheWorld b4b21b3f86 Enhancement: exposures/configs/wgetrc-config.yaml by md 2023-02-24 14:09:59 -05:00
MostInterestingBotInTheWorld 34e515854d Enhancement: exposures/configs/websheets-config.yaml by md 2023-02-24 14:07:09 -05:00
MostInterestingBotInTheWorld 0f81e2b284 Enhancement: exposures/configs/webpack-config.yaml by md 2023-02-24 14:03:51 -05:00
MostInterestingBotInTheWorld 8fb8041752 Enhancement: exposures/configs/web-config.yaml by md 2023-02-24 14:00:45 -05:00
MostInterestingBotInTheWorld 505c5161e5 Enhancement: exposures/configs/web-config.yaml by md 2023-02-24 13:48:47 -05:00
MostInterestingBotInTheWorld 34e99a994b Enhancement: exposures/configs/ventrilo-config.yaml by md 2023-02-24 13:47:54 -05:00
MostInterestingBotInTheWorld 5c9a7f0155 Enhancement: exposures/configs/tox-ini.yaml by md 2023-02-24 13:45:04 -05:00
MostInterestingBotInTheWorld 26b98da888 Enhancement: exposures/configs/proxy-wpad-exposure.yaml by md 2023-02-23 16:41:12 -05:00