
3943 matches found

CISA
added 2011/11/03 12:0 a.m., 11 views

Microsoft Releases November Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows as part of the Microsoft Security Bulletin Summary for November 2011. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges...

7.3 AI score
Exploits: 0, References: 4
NVD
added 2011/11/02 9:55 p.m., 10 views

CVE-2010-5045

Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

4.3 CVSS, 5.7 AI score, 0.0148 EPSS
Exploits: 1, References: 4
Prion
added 2011/11/02 9:55 p.m., 12 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

4.3 CVSS, 6.1 AI score, 0.0148 EPSS
Exploits: 1, References: 4
CVE
added 2011/11/02 9:0 p.m., 40 views

CVE-2010-5045

CVE-2010-5045 is an XSS vulnerability in Smart ASP Survey, specifically in poll/default.asp via the catid parameter. The root cause is lack of input validation/escaping enabling remote script injection. Impact described as script/HTML execution in the victim’s browser; exploitation details (paylo...

4.3 CVSS, 5.9 AI score, 0.0148 EPSS
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2011/11/02 9:0 p.m., 18 views

CVE-2010-5045

Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

5.7 AI score, 0.0148 EPSS
Exploits: 1, References: 4
ThreatPost
added 2011/10/27 9:22 p.m., 183 views

Microsoft Invents New Way To Measure Online Safety (And Finds That Consumers Stink At It)

Computer users are taking steps to mitigate online security threats, but still only score a paltry 34 out of 100 – a solid “F” – according to a new study by Microsoft. The study, sponsored by Microsoft’s Trustworthy Computing Group (TwC), introduces a new metric, the Microsoft Computing Safety Inde...

9.3 CVSS, 0.6 AI score, 0.99945 EPSS
Exploits: 33, References: 4
CISA
added 2011/10/27 12:0 a.m., 17 views

Apple Releases QuickTime 7.7.1

Apple has released QuickTime 7.7.1 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users and administrators to review Apple Support Article HT5016 a...

7.5 AI score
Exploits: 0, References: 1
CISA
added 2011/10/26 12:0 a.m., 25 views

Cisco Releases Multiple Security Advisories

Cisco has released four security advisories to address vulnerabilities affecting Cisco Unified Contact Center, Cisco WebEx Player, Cisco Security Agent, and Cisco Unified Communication Manager. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information...

7.6 AI score
Exploits: 0, References: 6
CISA
added 2011/10/25 12:0 a.m., 14 views

Google Releases Chrome 15.0.874.102

Google has released Chrome 15.0.874.102 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...

7.7 AI score
Exploits: 0, References: 1
CISA
added 2011/10/19 12:0 a.m., 20 views

Cisco Releases Two Security Advisories

Cisco has released two security advisories to address vulnerabilities affecting CiscoWorks Common Services and Cisco Show and Share. These vulnerabilities may allow an attacker to execute arbitrary code or bypass security restrictions. US-CERT encourages users and administrators to review Cisco...

7.9 AI score
Exploits: 0, References: 2
CISA
added 2011/10/11 12:0 a.m., 13 views

Apple Releases iTunes 10.5

Apple has released iTunes 10.5 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4981 and apply any necessary updates to help...

7.8 AI score
Exploits: 0, References: 1
CISA
added 2011/10/07 12:0 a.m., 13 views

Apache HTTP Server Reverse Proxy Bypass

The Apache Foundation has issued a Security Advisory to address a vulnerability in Apache HTTP Server's reverse proxy mode. Exploitation of this vulnerability may allow a remote attacker to gain access to internal systems. US-CERT encourages users and administrators to review the Apache HTTP Serv...

7.1 AI score
Exploits: 0, References: 2
0day.today
added 2011/10/04 12:0 a.m., 33 views

LightNEasy 3.4.2 Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================================================= LightNEasy 3.4.2 Multiple Vulnerabilities =========================================================================...

7.1 AI score
Exploits: 0
ThreatPost
added 2011/09/30 12:16 p.m., 11 views

Social Media Use Tied to Increase in Malware Infections

With the use of social media platforms such as Twitter, Facebook and Google+ becoming more and more prevalent in the enterprise, companies are having to come to grips with additional security concerns that they bring with them. But, according to the results of a new survey of IT and security...

2 AI score
Exploits: 0, References: 2
CISA
added 2011/09/29 12:0 a.m., 115 views

Cisco Releases Security Advisory for Cisco IOS Software Smart Install

Cisco has released a security advisory to address a vulnerability in the Cisco IOS Software Install feature running on Cisco Catalyst Switches. Exploitation of this vulnerability may allow remote code execution by an unauthenticated attacker. US-CERT encourages administrators to review Cisco...

7.7 AI score
Exploits: 0, References: 2
CISA
added 2011/09/27 12:0 a.m., 15 views

SSL/TLS Protocol Vulnerability

US-CERT is aware of a vulnerability affecting the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols. Exploitation of this vulnerability may allow an attacker to decrypt encrypted SSL/TLS traffic and obtain sensitive information. Microsoft has released Security Advisory 2588513 to...

6.2 AI score
Exploits: 0, References: 3
NVD
added 2011/09/24 12:55 a.m., 15 views

CVE-2011-3774

php Easy Survey Package phpESP 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files...

5 CVSS, 6.1 AI score, 0.01242 EPSS
Exploits: 0, References: 4
CVE
added 2011/09/24 12:0 a.m., 41 views

CVE-2011-3774

The CVE-2011-3774 entry affects php Easy Survey Package (phpESP) 2.1.1. The vulnerability is a remote information disclosure where a direct request to certain .php files (e.g., public/landing.php and similar) causes an error message that reveals the installation path. This detail is present in NV...

5 CVSS, 6.3 AI score, 0.01242 EPSS
Exploits: 0, References: 4, Affected Software: 1
Packet Storm
added 2011/09/22 12:0 a.m., 40 views

U.S. Geological Survey Website SQL Injection

Title: ====== U.S. Geological Survey Website - SQL Injection Vulnerability Date: ===== 2011-09-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=278 VL-ID: ===== 278 Introduction: ============= The United States Geological Survey USGS is a scientific agency of the Unit...

0.1 AI score
Exploits: 0
CISA
added 2011/09/21 12:0 a.m., 16 views

Adobe Releases Security Advisory for Adobe Flash Player

Adobe has released a security update for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, or perform a cross-site scripting attack. Adob...

6.9 AI score
Exploits: 0, References: 2