Lucene search

1048 matches found

ArchLinux
added 2016/09/13 12:0 a.m., 45 views

powerdns: denial of service

Two issues have been found in PowerDNS Authoritative Server allowing a remote, unauthenticated attacker to cause an abnormal load on the PowerDNS backend by sending crafted DNS queries, which might result in a partial denial of service if the backend becomes overloaded. SQL backends for example a...

AI score: 1.9, EPSS: 0.62982
Exploits: 0, References: 4

OpenVAS
added 2016/09/12 12:0 a.m., 55 views

PowerDNS Authoritative Server DoS Vulnerabilities (2016-01)

PowerDNS Authoritative Server is prone to two denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS: 7.5, AI score: 7.7, EPSS: 0.62982
Exploits: 0, References: 1

The Hacker News
added 2016/06/17 5:19 a.m., 11 views

The Pirate Bay Founder Ordered to Pay $395,000 Fine in Lawsuit he didn't even know about

One of the founders of notorious file-sharing website The Pirate Bay has been ordered to pay a fine worth nearly US$400,000 to several major record labels after their content was shared illegally via the platform. The penalty has been imposed on The Pirate Bay co-founder Peter Sunde by a court in...

AI score: 6.7
Exploits: 0

Hacker One
added 2016/04/20 3:52 a.m., 13 views

GitLab: Labels created in private projects are leaked

Vulnerability details An insecure direct object reference vulnerability exists in the code that assigns labels to issues and merge requests, that allows an attack to read labels of private projects. This probably doesn't leak a lot of super confidential data, but since it's hard to predict how...

AI score: 6.6
Exploits: 0

RedHat Linux
added 2016/04/11 6:54 p.m., 25 views

Important: Red Hat Security Advisory: openvswitch security update

Updated openvswitch packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.1. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS: 9.8, AI score: 7.6, EPSS: 0.06228
Exploits: 0, References: 2

RedHat Linux
added 2016/03/30 8:43 p.m., 23 views

Important: Red Hat Security Advisory: openvswitch security update

An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...

CVSS: 9.8, AI score: 7.8, EPSS: 0.06228
Exploits: 0, References: 2

RedHat Linux
added 2016/03/30 1:25 a.m., 22 views

Important: Red Hat Security Advisory: openvswitch security update

An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...

CVSS: 9.8, AI score: 7.8, EPSS: 0.06228
Exploits: 0, References: 2

RedHat Linux
added 2016/03/30 1:25 a.m., 32 views

Important: Red Hat Security Advisory: openvswitch security update

An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...

CVSS: 9.8, AI score: 7.8, EPSS: 0.06228
Exploits: 0, References: 2

Citrix
added 2016/01/14 12:0 a.m., 7 views

How do I Customize Unified Gateway Portal?

Use Case Portal is the first interaction point for end users and hence important to have correct representation of an organization. Customize the look and feel, color, logo and labels on the Gateway portal to brand the portal as per organizational standards. Introduction to Portal Customization...

AI score: 7
Exploits: 0

CNVD
added 2015/04/26 12:0 a.m., 2 views

PowerDNS Recursor and Authoritative Server Label Denial of Service Vulnerability

PowerDNS Recursor is a domain name resolution server. PowerDNS Authoritative Server is a DNS server. The PowerDNS Recursor and Authoritative Server programs process compressed labels incorrectly, allowing an attacker to exploit a vulnerability that could trigger recursive loops and consume CPU...

CVSS: 7.8, AI score: 6.8, EPSS: 0.81834
Exploits: 0, References: 1

CNVD
added 2015/02/28 12:0 a.m., 2 views

Drupal Entity API Module Field Label Cross-Site Scripting Vulnerability

Drupal is an open source content management platform. A cross-site scripting vulnerability exists in the Drupal Entity API module field labels due to the program failing to properly filter user-supplied input. An attacker could be allowed to exploit this vulnerability to steal cookie-based...

CVSS: 3.5, AI score: 6.8, EPSS: 0.01402
Exploits: 0, References: 1

Exploit DB
added 2014/12/23 12:0 a.m., 48 views

GParted 0.14.1 - OS Command Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 applied CVE number: CVE-2014-7208 impact:...

CVSS: 7.2, AI score: 6.4, EPSS: 0.01113
Exploits: 5

OSV
added 2013/09/30 9:55 p.m., 1 views

DEBIAN-CVE-2013-4291

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges...

CVSS: 6.9, AI score: 6.8, EPSS: 0.00487
Exploits: 0, References: 1

NVD
added 2013/06/17 11:38 a.m., 16 views

CVE-2012-6565

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels...

CVSS: 3.5, AI score: 5.3, EPSS: 0.00944
Exploits: 0, References: 1

Prion
added 2013/06/17 11:38 a.m., 13 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels...

CVSS: 3.5, AI score: 5.7, EPSS: 0.00944
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2013/06/17 10:0 a.m., 20 views

CVE-2012-6565

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels...

AI score: 5.3, EPSS: 0.00944
Exploits: 0, References: 1

Kitploit
added 2013/04/29 11:43 p.m., 14 views

[IPv6 Toolkit v1.3.4] A security assessment and troubleshooting tool for the IPv6 protocols

A security assessment and troubleshooting tool for the IPv6 protocols. The SI6 Networks’ IPv6 toolkit is a set of IPv6 security/trouble-shooting tools, that can send arbitrary IPv6-based packets. Changelog v1.3.4 IPv6-host tracking support in the scan6 tool. A new tool, address6, to analyze IPv6...

AI score: 7.5
Exploits: 0

Cvelist
added 2013/03/19 2:0 p.m., 18 views

CVE-2013-0227

Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain roles to inject arbitrary web script or HTML via unspecified field labels...

AI score: 5.4, EPSS: 0.00941
Exploits: 0, References: 4

0day.today
added 2013/01/22 12:0 a.m., 24 views

Perforce P4web 2011/2012 Web Client XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Perforce P4web 2011/2012 Web Client XSS Vulnerability Date: 21 Jan 2013 Researcher: Christy Philip Mathew Email: email protected Vendor or Software Link: http://filehost.perforce.com/perforce/r11.1/bin.ntx86/p4webinst.exe...

AI score: 7.1
Exploits: 0

Atlassian
added 2012/10/24 12:58 a.m., 84 views

Persistent XSS in JIRA charting plugin Workload Pie Chart Report

The Workload Pie Chart Report included with the JIRA charting plugin contains a number of XSS vulnerabilities. This plugin is bundled with OnDemand. The configuration page contains an XSS vulnerability in custom field names. 1. Create a custom field with the name alert'custom field' 2. Try to...

AI score: 6.3
Exploits: 0, Affected Software: 1