CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5397 matches found

NVD•added 2011/04/22 10:55 a.m.•12 views

CVE-2011-1687

Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote authenticated users to obtain sensitive information by using the search interface, as demonstrated by retrieving encrypted passwords...

4CVSS5.7AI score0.00497EPSS

Exploits0References10

Prion•added 2011/04/22 10:55 a.m.•15 views

Input validation

4CVSS6.2AI score0.00497EPSS

Exploits0References10Affected Software1

ATTACKERKB•added 2011/04/22 10:55 a.m.•1 views

CVE-2011-1687

4CVSS5.5AI score0.00497EPSS

Exploits0References11

UbuntuCve•added 2011/04/22 10:55 a.m.•10 views

CVE-2011-1687

4CVSS5.9AI score0.00497EPSS

Exploits0References1

Cvelist•added 2011/04/22 10:0 a.m.•17 views

CVE-2011-1687

5.5AI score0.00497EPSS

Exploits0References10

securityvulns•added 2011/04/19 12:0 a.m.•151 views

[USN-1110-1] KDE-Libs vulnerabilities

========================================================================== Ubuntu Security Notice USN-1110-1 April 14, 2011 kde4libs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4.3CVSS0.5AI score0.01407EPSS

Exploits2

ThreatPost•added 2011/04/13 3:38 p.m.•9 views

Texas Comptroller Exposes Personal Data on Millions

The Texas Comptroller’s Office is issuing letters Wednesday to some 3.5 million citizens after personally identifiable data was left exposed to the public on a state server for more than a year, according to a published statement. The exposed data included the names, addresses and Social Security...

0.3AI score

Exploits0References5

The Hacker News•added 2011/04/08 11:19 a.m.•8 views

Cain & Abel 4.9.40 released , Download now !

Cain & Abel 4.9.40 released , Download now ! Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords,...

7AI score

Exploits0

Tenable Nessus•added 2011/04/07 12:0 a.m.•15 views

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : nss vulnerabilities (USN-1106-1)

It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a man in the middle attack to view sensitive information or alter encrypted communications. These certificates were marked as explicitly not trusted to prevent their misus...

5.5AI score

Exploits0References1

Ubuntu•added 2011/04/06 5:57 a.m.•51 views

USN-1106-1: NSS vulnerabilities

It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. These certificates were marked as explicitly not trusted to prevent their...

5.5AI score

Exploits0References1

OpenVAS•added 2011/04/06 12:0 a.m.•11 views

Ubuntu Update for qt4-x11 vulnerabilities USN-1101-1

Ubuntu Update for Linux kernel vulnerabilities USN-1101-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11011.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for qt4-x11 vulnerabilities USN-1101-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Exploits0References2

ThreatPost•added 2011/04/05 3:51 p.m.•14 views

Virus Watch: The Chinese Bootkit

We recently discovered a new bootkit, i.e. a malicious program which infects the hard drive’s boot sector. Kaspersky Lab detects it as Rookit.Win32.Fisp.a. The bootkit is distributed by Trojan-Downloader.NSIS.Agent.jd. The Trojan infects the computers of users who try to download a video clip fro...

6.9AI score

Exploits0References4

Ubuntu•added 2011/04/01 8:12 p.m.•37 views

USN-1101-1: Qt vulnerabilities

It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. These were placed on the certificate blocklist to prevent their misuse...

5.5AI score

Exploits0References1

The Hacker News•added 2011/03/31 9:41 a.m.•5 views

Farmville Compromises Facebook - Facebook Fixes Flaw !

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use gross...

6.8AI score

Exploits0

Prion•added 2011/03/22 5:55 p.m.•31 views

Command injection

The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a...

6.8CVSS6.8AI score0.32222EPSS

Exploits1References6Affected Software2

OSV•added 2011/03/18 4:55 p.m.•1 views

DEBIAN-CVE-2010-4764

Open Ticket Request System OTRS before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation...

5CVSS6.6AI score0.00302EPSS

Exploits0References1

NVD•added 2011/03/18 4:55 p.m.•14 views

CVE-2010-4764

5CVSS6.6AI score0.00302EPSS

Exploits0References2

Prion•added 2011/03/18 4:55 p.m.•13 views

Design/Logic Flaw

5CVSS7.1AI score0.00302EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2011/03/18 4:55 p.m.•15 views

CVE-2010-4764