3573 matches found

securityvulns
added 2012/02/15 12:0 a.m., 48 views

NX Web Companion Spoofing Arbitrary Code Execution Vulnerability

Vuln Title: NX Web Companion Spoofing Arbitrary Code Execution Vulnerability Date: 25.01.2012 Author: otr Software Link: http://www.nomachine.com/documents/plugin/install.php Version: = 3.x Tested on: Linux, Windows, Mac OS X x86, Mac OS X PPC, Solaris CVE : None, yet Summary The No Machine NX We...

AI score 1.9
Exploits: 0
Tenable Nessus
added 2012/02/14 12:0 a.m., 34 views

Apple iOS < 5.0.1 Multiple Vulnerabilities

Binary data appleios501check.nbin...

CVSS 9.3 | AI score 7.8 | EPSS 0.05329
Exploits: 5 | References: 6
Tenable Nessus
added 2012/01/19 12:0 a.m., 4521 views

SMB Signing not required

Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid57608; scriptversion"1.20";...

AI score 5.7
Exploits: 0 | References: 5
NVD
added 2011/11/28 9:55 p.m., 23 views

CVE-2011-4560

Cross-site scripting (XSS) vulnerability in the Petition Node module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to signing a petition...

CVSS 3.5 | AI score 5.3 | EPSS 0.00935
Exploits: 0 | References: 5
Tenable Nessus
added 2011/11/28 12:0 a.m., 18 views

Fedora 14 : nss-3.12.10-7.fc14 (2011-15586)

This security update revokes trust in DigiCert Sdn. Bhd Intermediate Certificate Authority from NSS - rhbz751674 It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority (CA) issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed...

AI score 5.5
Exploits: 0 | References: 2
Hewlett-Packard
added 2011/11/28 12:0 a.m., 43 views

HPSBPI02728 SSRT100692 rev.7 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default

Potential Security Impact Remote firmware update enabled by default VULNERABILITY SUMMARY In November, 2011, a potential security vulnerability was identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware...

CVSS 10 | AI score 1.7 | EPSS 0.13953
Exploits: 0
Amazon
added 2011/11/19 12:0 a.m., 10 views

Medium: nss

Issue Overview: It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority (CA) issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and co...

AI score 7.2
Exploits: 0 | References: 1
ThreatPost
added 2011/11/11 4:45 p.m., 23 views

Apple Releases iOS Patch Fixing Flaw That Led to Charlie Miller's Expulsion

Apple shipped an update to their iOS mobile platform on Thursday that included patches for a number of security vulnerabilities, including a resolution for a vulnerability that led to the expulsion of renowned security researcher, Charlie Miller, from Apple’s developer program. As reported by...

Exploits: 0 | References: 8
OpenVAS
added 2011/11/11 12:0 a.m., 18 views

CentOS Update for nss CESA-2011:1444 centos4 i386

Check for the Version of nss OpenVAS Vulnerability Test CentOS Update for nss CESA-2011:1444 centos4 i386 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

AI score 7.4
Exploits: 0 | References: 2
OpenVAS
added 2011/11/11 12:0 a.m., 20 views

RedHat Update for nss RHSA-2011:1444-01

Check for the Version of nss OpenVAS Vulnerability Test RedHat Update for nss RHSA-2011:1444-01 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

AI score 7.4
Exploits: 0 | References: 2
OpenVAS
added 2011/11/11 12:0 a.m., 14 views

RedHat Update for nss RHSA-2011:1444-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

AI score 7.5
Exploits: 0 | References: 2
The Hacker News
added 2011/11/08 6:51 p.m., 8 views

Researcher Charlie Miller kicked out from iOS dev program for Exploiting iOS security flaw

Researcher Charlie Miller kicked out from iOS dev program for Exploiting iOS security flaw A major security flaw in Apple's iOS operating system that could allow hackers to remotely gain unauthorized access to an iPhone, iPod touch or iPad has been uncovered by a security expert "Charlie Miller "...

AI score 6.9
Exploits: 0
ThreatPost
added 2011/11/08 2:23 p.m., 7 views

Demo of Charlie Miller's iOS Code-Signing Bug

Security researcher Charlie Miller of Accuvant discovered a vulnerability in the Apple iOS software that enables him to use an app he placed in the iTunes App Store to download unsigned code from a remote Web server and run it on any iOS device. In this video, he demonstrates the app and the way...

AI score 2.5
Exploits: 0
OpenVAS
added 2011/11/07 12:0 a.m., 15 views

IT-Grundschutz M4.334: SMB Message Signing and Samba

IT-Grundschutz M4.334: SMB Message Signing and Samba WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now continuously adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.94241 This check refers to the 12th supplementary delivery 12...

Exploits: 0 | References: 1
OpenVAS
added 2011/11/07 12:0 a.m., 24 views

IT-Grundschutz M4.334: SMB Message Signing and Samba

IT-Grundschutz M4.334: SMB Message Signing and Samba WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now continuously adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.94241 This check refers to the 12th supplementary delivery 12...

AI score 7.4
Exploits: 0 | References: 1
OSV
added 2011/10/27 8:55 p.m., 2 views

DEBIAN-CVE-2011-3848

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25...

CVSS 5 | AI score 7 | EPSS 0.01115
Exploits: 0 | References: 1
OSV
added 2011/10/27 8:55 p.m., 1 views

DEBIAN-CVE-2011-3872

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof ...

CVSS 2.6 | AI score 6.3 | EPSS 0.02454
Exploits: 0 | References: 1
Prion
added 2011/10/27 8:55 p.m., 15 views

Design/Logic Flaw

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof ...

CVSS 2.6 | AI score 6.8 | EPSS 0.02454
Exploits: 0 | References: 11 | Affected Software: 3
Prion
added 2011/10/27 8:55 p.m., 17 views

Directory traversal

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25...

CVSS 5 | AI score 7.1 | EPSS 0.01115
Exploits: 0 | References: 6 | Affected Software: 1
Debian CVE
added 2011/10/27 8:0 p.m., 29 views

CVE-2011-3848

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25...

CVSS 5 | AI score 6.5 | EPSS 0.01115
Exploits: 0