Lucene search
K

3473 matches found

n0where
n0where
added 2012/02/02 3:46 a.m.39 views

Open-Source Collaboration Framework: Dradis

Collaboration and reporting framework for InfoSec teams Some of the features: Platform independent Markup support for the notes: text styles, code blocks, images, links, etc. Integration with existing systems and tools: Brakeman Burp Suite MediaWiki Metasploit Nessus NeXpose Nikto Nmap OpenVAS...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/10/14 3:24 a.m.4 views

libpurple: invalid UTF-8 string handling in SILC messages

The gmarkupescapetext function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service crash via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, relate...

4.3CVSS5.9AI score0.03194EPSS
Exploits2References4
Fedora
Fedora
added 2011/09/30 7:6 p.m.24 views

[SECURITY] Fedora 16 Update: opensaml-2.3-6.fc16

OpenSAML is an open source implementation of the OASIS Security Assertion Markup Language Specification. It contains a set of open source C++ classes that support the SAML 1.0, 1.1, and 2.0 specifications...

5.8CVSS1.5AI score0.02291EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/09/30 12:0 a.m.26 views

Fedora Update for opensaml FEDORA-2011-12890

Check for the Version of opensaml OpenVAS Vulnerability Test Fedora Update for opensaml FEDORA-2011-12890 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5.8CVSS6.4AI score0.02291EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/09/15 7:8 p.m.7 views

JBossWS remote Denial of Service

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...

9.3CVSS6.9AI score0.02664EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2011/08/09 12:0 a.m.27 views

Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.2AI score0.23356EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2011/07/28 12:0 a.m.30 views

Citrix XenApp / XenDesktop XML Service - Heap Corruption

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor...

7.4AI score
Exploits0
Opera Security Advisories
Opera Security Advisories
added 2011/06/27 12:0 a.m.485 views

Data URIs may be used to initiate cross site scripting against unrelated sites

Data URIs are supposed to inherit the security context from the page that created them. In some cases, Opera does not enforce this correctly, and will allow unrelated data URIs to interact both with each other, and their source pages. This can be used to enable cross site scripting against the...

1.8AI score
Exploits0Affected Software1
OSV
OSV
added 2011/06/21 2:52 a.m.4 views

UBUNTU-CVE-2011-1756

modules/xmpp/servxmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue t...

5CVSS5.8AI score0.0266EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/06/15 12:0 a.m.38 views

Internet Explorer Vector Markup Language Remote Code Execution Vulnerability (2544521)

This host is missing a critical security update according to Microsoft Bulletin MS11-052. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.17977EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2011/06/15 12:0 a.m.41 views

MS11-052: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

The remote host is missing Internet Explorer IE Security Update 2497640. The installed version of IE is affected by a vulnerability in the implementation of the Vector Markup Language VML that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc...

9.3CVSS6.2AI score0.17977EPSS
Exploits1References3
NVD
NVD
added 2011/06/06 7:55 p.m.30 views

CVE-2011-1952

common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service infinite loop via malformed HTML markup, as demonstrated by an a sequence...

5CVSS6.4AI score0.01543EPSS
Exploits2References5
Prion
Prion
added 2011/06/06 7:55 p.m.23 views

Design/Logic Flaw

common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service infinite loop via malformed HTML markup, as demonstrated by an a sequence...

5CVSS7AI score0.01543EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2011/06/06 7:0 p.m.31 views

CVE-2011-1952

common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service infinite loop via malformed HTML markup, as demonstrated by an a sequence...

6.4AI score0.01543EPSS
Exploits2References5
CVE
CVE
added 2011/06/06 7:0 p.m.49 views

CVE-2011-1952

CVE-2011-1952 affects Post Revolution up to version 0.8.0c. The DoS arises from a faulty loop in common.php when stripping non-permitted HTML: an attacker can trigger an infinite loop by posting crafted HTML (e.g., a

5CVSS6.6AI score0.01543EPSS
Exploits2References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/05/31 12:0 a.m.23 views

Fedora 14 : viewvc-1.1.11-1.fc14 (2011-7222)

security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...

5CVSS5.5AI score0.02644EPSS
Exploits0References3
OSV
OSV
added 2011/04/11 6:55 p.m.1 views

DEBIAN-CVE-2011-1157

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...

4.3CVSS5.7AI score0.02443EPSS
Exploits1References1
PyPA
PyPA
added 2011/04/11 6:55 p.m.6 views

PYSEC-2011-20

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...

4.3CVSS6.1AI score0.02443EPSS
Exploits1References12Affected Software1
OSV
OSV
added 2011/04/04 12:27 p.m.1 views

DEBIAN-CVE-2011-1425

xslt.c in XML Security Library aka xmlsec before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification...

5.1CVSS6.7AI score0.08057EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/11/26 8:32 a.m.6 views

Google Chrome information disclosure vulnerability

Overview Google Chrome contains an information disclosure vulnerability. Google Chrome contains an information disclosure vulnerability caused by the improper handling of XML files. Takayoshi Isayama from Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.5CVSS6.2AI score0.00761EPSS
Exploits0References5
Rows per page
Query Builder