Lucene search
K

281 matches found

securityvulns
securityvulns
added 2013/10/01 12:0 a.m.59 views

Open-Xchange Security Advisory 2013-09-10

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28260 Bug ID Vulnerability type: CWE-16: Configuration, CWE-287: Improper Authentication, CWE-200: Information Exposure Vulnerable version: 7.0.0 to 7.2.2 Vulnerable component: backend default configuration Fixed version...

7.5CVSS0.2AI score0.01493EPSS
Exploits2
Prion
Prion
added 2013/09/25 10:31 a.m.22 views

Hardcoded credentials

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended...

4.3CVSS6.6AI score0.01493EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2013/09/25 10:0 a.m.57 views

CVE-2013-5935

Open-Xchange AppSuite (Hazelcast cluster API) is affected in 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16. The root cause is that the Hazelcast-based cluster API does not properly restrict the network interfaces that can receive API calls, and REST/memcache interfaces do not require auth...

4.3CVSS6.3AI score0.01078EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.26 views

CVE-2013-5935

The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended...

6.1AI score0.01078EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2013/09/10 12:0 a.m.55 views

Open-Xchange AppSuite 7.2.2 Improper Authentication / Information Disclosure

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28260 Bug ID Vulnerability type: CWE-16: Configuration, CWE-287: Improper Authentication, CWE-200: Information Exposure Vulnerable version: 7.0.0 to 7.2.2 Vulnerable component: backend default configuration Fixed version...

7.5CVSS6.5AI score0.01493EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2013/08/21 5:27 p.m.62 views

Important: Red Hat Security Advisory: mongodb and pymongo security and enhancement update

Updated mongodb and pymongo packages that fix two security issues and add one enhancement are now available for Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

6CVSS7.6AI score0.44543EPSS
Exploits9References3
exploitpack
exploitpack
added 2013/03/05 12:0 a.m.29 views

Kaspersky Internet Security 2013 - Denial of Service

Kaspersky Internet Security 2013 - Denial of Service I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any...

7.3AI score
Exploits0
Amazon
Amazon
added 2013/03/02 12:0 a.m.55 views

Medium: dnsmasq

Issue Overview: It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of...

5CVSS8.7AI score0.05028EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.37 views

Scientific Linux Security Update : openldap on SL5.x i386/x86_64

A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the...

4.3CVSS5.5AI score0.03094EPSS
Exploits1References17
The Hacker News
The Hacker News
added 2012/04/18 7:43 p.m.6 views

Security Concern : Internet Enabled TV can be hacked !

Security Concern : Internet Enabled TV can be hacked ! Is your Internet TV vulnerable to hackers? Internet TVs could be the newest avenue for cybercriminals to infiltrate your home or business. Last year, Researchers at Mocana, a security technology company in San Francisco, recently discovered...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/02 6:2 a.m.17 views

Cloudworm - Candidate MS12-020 - POC

Cloudworm - Candidate MS12-020 - POC How secure are cloud servers? In technical circles, people are aware of the cloud variables and that cloud service providers offload the virtual machine security onto the customer as much as possible. Technical people know this. Not all cloud customers fall...

6.8AI score
Exploits0
Debian
Debian
added 2011/12/05 7:26 p.m.38 views

[SECURITY] [DSA 2358-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

10CVSS10AI score0.96714EPSS
Exploits19
OpenVAS
OpenVAS
added 2011/10/16 12:0 a.m.54 views

Debian: Security Advisory (DSA-2311-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06277EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/09/28 12:0 a.m.40 views

Debian DSA-2311-1 : openjdk-6 - several vulnerabilities

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java SE platform. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code including applets to...

10CVSS8.2AI score0.06277EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.12 views

Nmap NSE net: snmp-interfaces

Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument 'snmp- interfaces.host' is required to know what host to probe. To specify a por...

7.3AI score
Exploits0
Ubuntu
Ubuntu
added 2011/01/06 9:31 p.m.43 views

USN-1037-1: ifupdown update

Under certain circumstances, the DHCP client could start before its AppArmor profile was loaded and therefore run unconfined. This update ensures the AppArmor profile is loaded before DHCP client starts...

5.3AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/05/25 8:41 p.m.68 views

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes two security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7AI score0.87264EPSS
Exploits24References3
Tenable Nessus
Tenable Nessus
added 2010/05/11 12:0 a.m.54 views

RHEL 5 : openldap (RHSA-2010:0198)

Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

4.3CVSS5.8AI score0.03094EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2010/03/29 12:0 p.m.36 views

Moderate: Red Hat Security Advisory: openldap security and bug fix update

Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

4.3CVSS5.7AI score0.03094EPSS
Exploits1References15
Nmap
Nmap
added 2010/03/05 8:19 p.m.454 views

snmp-interfaces NSE Script

Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument snmp-interfaces.host is required to know what host to probe. To specify a port f...

10CVSS9.3AI score0.99448EPSS
Exploits33
Rows per page
Query Builder