Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2012/09/24 12:0 a.m.171 views

APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address the following: Apache Available for: Mac OS X...

10CVSS0.5AI score0.99998EPSS
Exploits80
securityvulns
securityvulns
added 2012/07/23 12:0 a.m.171 views

SMF Board v2.0.2 - Multiple Web Vulnerabilities

Title: ====== SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=596 VL-ID: ===== 624 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: ============= Simple...

Exploits0
securityvulns
securityvulns
added 2012/03/19 12:0 a.m.171 views

OSI Security: CheckPoint Firewall VPN - Information Disclosure

CheckPoint Firewall VPN1 - Information Disclosure Vulnerability http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure Note: this is essentially a feature, but thought it may be useful for pen testers when deciding which system to attack. Release...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/10/24 12:0 a.m.171 views

Multiple vulnerabilities in Pretty Link WordPress Plugin

Vulnerability ID: HTB23049 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinprettylinkwordpressplugin.html Product: Pretty Link WordPress Plugin Vendor: Caseproof http://blairwilliams.com/ Vulnerable Version: 1.4.56 and probably prior Tested Version: 1.4.56 Vendor Notification...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/02/03 12:0 a.m.171 views

Aruba Mobility Controller - multiple advisories: DoS and authentication bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ADVISORY NUMBER 013111 Advisory 1: TITLE Malformed 802.11 Probe Request frame causes Denial of Service condition on an Access Point. SUMMARY A Denial of Service DoS vulnerability was discovered during standard bug reporting procedures. A malformed...

7.6AI score
Exploits0
securityvulns
securityvulns
added 2010/06/14 12:0 a.m.171 views

[advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068

Vulnerability; httpd Timeout detection flaw modproxyhttp CVE-2010-2068 Classification; important Description; A timeout detection flaw in the httpd modproxyhttp module causes proxied response to be sent as the response to a different request, and potentially served to a different client, from the...

5CVSS0.5AI score0.16002EPSS
Exploits2
securityvulns
securityvulns
added 2010/06/09 12:0 a.m.171 views

Microsoft Security Bulletin MS10-040 - Important Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)

Microsoft Security Bulletin MS10-040 - Important Vulnerability in Internet Information Services Could Allow Remote Code Execution 982666 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Internet...

8.5CVSS0.6AI score0.28208EPSS
Exploits0
securityvulns
securityvulns
added 2009/08/07 12:0 a.m.171 views

Mozilla Foundation Security Advisory 2009-42

Mozilla Foundation Security Advisory 2009-42 Title: Compromise of SSL-protected communication Impact: Critical Announced: August 1, 2009 Reporter: Dan Kaminsky Products: Firefox, Thunderbird, SeaMonkey, NSS Fixed in: Firefox 3.5 NSS 3.12.3 Description IOActive security researcher Dan Kaminsky...

6.8CVSS1.4AI score0.05741EPSS
Exploits4
securityvulns
securityvulns
added 2006/01/30 12:0 a.m.171 views

[Full-disclosure] Cross Site Cooking

Why, yes, I came up with the name, and had to find some bugs to be able to post this. Summary ------- There are three fairly interesting flaws in how HTTP cookies were designed and later implemented in various browsers; these shortcomings make it possible and alarmingly easy for malicious sites t...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.170 views

[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability

----------------------------------------------------------------------------- Mantis Bug Tracker = 1.2.17 ImportXml.php PHP Code Injection Vulnerability ----------------------------------------------------------------------------- - Software Link: http://www.mantisbt.org/ - Affected Versions: All...

7.5CVSS0.3AI score0.50561EPSS
Exploits8
securityvulns
securityvulns
added 2014/05/15 12:0 a.m.170 views

ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability

ESA-2014-005.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-005: EMC Documentum Foundation Services DFS Content Access Vulnerability EMC Identifier: ESA-2014-005 CVE Identifier: CVE-2014-0622 Severity Rating: CVSS v2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C Affected products: • EMC DF...

9CVSS0.5AI score0.02992EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.170 views

SQL Injection in AdRotate

Advisory ID: HTB23201 Product: AdRotate Vendor: AJdG Solutions Vulnerable Versions: 3.9.4 and probably prior Tested Version: 3.9.4 Advisory Publication: January 30, 2014 without technical details Vendor Notification: January 30, 2014 Vendor Patch: January 31, 2014 Public Disclosure: February 20,...

7.5CVSS0.2AI score0.05412EPSS
Exploits7
securityvulns
securityvulns
added 2014/05/01 12:0 a.m.170 views

[security bulletin] HPSBMU03023 rev.1 - HP BladeSystem c-Class Virtual Connect Support Utility (VCSU) running OpenSSL on Linux and Windows, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04264271 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04264271 Version: 1 HPSBMU03023 rev....

5CVSS0.7AI score0.99999EPSS
Exploits88
securityvulns
securityvulns
added 2014/02/03 12:0 a.m.170 views

Code Execution vulnerability in Contact Form 7 for WordPress

Hello 3APA3A! I want to inform you about vulnerability in Contact Form 7 plugin for WordPress. This is Code Execution via Arbitrary File Uploading vulnerability. ------------------------- Affected products: ------------------------- Vulnerable are Contact Form 7 3.5.2 and previous versions. After...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.170 views

Exploit for stealing admin's account in Question2Answer

Hello! Here is exploit for stealing admin's account in Question2Answer. This exploit uses Cross-Site Request Forgery vulnerability at http://site/account and Insufficient Anti-automation vulnerabilities at http://site/forgot and http://site/reset, which I've described in the second advisory about...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/09/05 12:0 a.m.170 views

CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability CWM dettaglio-prodotto.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cynaskyweb.it/ Persian Gulf 4 Ever! Dork : "Powered by CWM" "inurl:dettaglio-prodotto.asp?id...

3.8AI score
Exploits0
securityvulns
securityvulns
added 2008/03/26 12:0 a.m.170 views

Aztech ADSL2/2+ 4 Port remote root

http://www.aztech.com cat versions VERSION=3.7.0 BUILD=070426 BOARD=AR7RD FSSTAMP=20070426171252 Example: $ lynx "http://192.168.0.5/cgi-bin/script?system20&20whoami" --source root $ lynx "http://192.168.0.5/cgi-bin/script?system20&20ls /" --source bin dev etc lib proc sbin usr var var.tar $...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2005/08/31 12:0 a.m.170 views

AutoLinks Pro 2.1

NewAngels Advisory 1 AutoLinks Pro 2.1 - Remote File Include Vulnerability ============================================================================= Software: AutoLinks Pro Version: 2.1 Type: Remote PHP File Include Vulnerability Risc: High Date: 16.08.05 Vendor: ScriptsCenter Page:...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2004/07/05 12:0 a.m.170 views

[Full-Disclosure] XSS in 12Planet Chat Server 2.9

Donato Ferrante Application: 12Planet Chat Server http://www.12planet.com Version: 2.9 Bug: cross site scripting Date: 05-Jul-2004 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.169 views

Apple watchOS security vulnerabilities

Information disclosure, memory corruptions, multiple vulnerabilities in different libraries...

10CVSS2AI score0.2447EPSS
Exploits7References2Affected Software1
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.169 views

OpenSSH resreictions bypass

It's possible to bypass MaxAuthTries restrictions...

8.5CVSS2AI score0.09302EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.169 views

Microsoft Windows multiple security vulnerabilities

OLE code execution, Internet Explorer multiple vulnerabilities, Schannel code execution, XML Core Services code execution, TCP/IP privilege escalation, Windows Audio Service privilege escalation, .NET Framework privilege escalation, RDP restrictions bypass, IIS restrictions bypass, IME privilege...

10CVSS3.4AI score0.95988EPSS
Exploits66References2Affected Software1
securityvulns
securityvulns
added 2015/03/18 12:0 a.m.169 views

libmagic / file / fileinfo / PHP security vulnerabilities

Vulnerabilities in ELF parsing...

7.5CVSS3.1AI score0.05926EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/07/10 12:0 a.m.169 views

VUPEN Security Research - Oracle Java Preloader Click-2-Play Warning Bypass Vulnerability

VUPEN Security Research - Oracle Java Applet Preloader Click-2-Play Warning Bypass Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Java is the foundation for virtually every type of networked application and is the global standa...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2013/04/08 12:0 a.m.169 views

Authentication bypass on Netgear WNR1000

Authentication bypass on Netgear WNR1000 ======================================== ADVISORY INFORMATION Title: Authentication bypass on Netgear WNR1000 Discovery date: 10/11/2012 Release date: 29/03/2013 Credits: Roberto Paleari [email protected], twitter: @rpaleari VULNERABILITY INFORMATION...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2012/02/13 12:0 a.m.169 views

[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03179046 Version: 1 HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...

10CVSS0.8AI score0.0867EPSS
Exploits0
securityvulns
securityvulns
added 2010/12/12 12:0 a.m.169 views

www.eVuln.com : HTTP Response Splitting in WWWThreads (php version)

www.eVuln.com advisory: HTTP Response Splitting in WWWThreads php version Summary: http://evuln.com/vulns/156/summary.html Details: http://evuln.com/vulns/156/description.html -----------Summary----------- eVuln ID: EV0156 Software: n/a Vendor: WWWThreads Version: 2006.11.25 Critical Level: low...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/11/25 12:0 a.m.169 views

Aria-Security.net: CoolShot E-Lite POS 1.0

Aria-Security Team http://aria-security.net ------------------------------------- CoolShot E-Lite POS 1.0 http://coolshot.net/index.php/works/49-e-lite-pos Original Advisory @ http://aria-security.net/forum/showthread.php?p=1108post1108 Published on November 24 2007 users.userid users.username...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2007/01/12 12:0 a.m.169 views

Title : VP-ASP Shopping Cart 6.09 Remote Multiple Vulnerabilities

Title : VP-ASP Shopping Cart 6.09 Remote Multiple Vulnerabilities Author : ajann Contact : : S.Page : http://www.vpasp.com $$ : $49.00 - $350.00 - $495.00 SQL--------------------------------------------------------- http://target/path//shopgiftregsearch.asp?LoginLastname=SQL Example:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2006/09/20 12:0 a.m.169 views

Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit

==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.doodlebabies.com/...

Exploits0
securityvulns
securityvulns
added 2006/08/10 12:0 a.m.169 views

PhpwCMS 1.2.6 <= Multiple Remote file inclusion vulnerabilities

PhpwCMS 1.2.6 = Multiple Remote file inclusion vulnerabilities Discovered by : |/| . .. | || ||| | | Vuln In : include $spawroot.'class/lang.class.php'; Affected Files : include/incext/spaw/dialogs/table.php include/incext/spaw/dialogs/a.php include/incext/spaw/dialogs/colorpicker.php...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/04/13 12:0 a.m.169 views

SQL Injection in Oracle Forms

SQL Injection in Oracle Forms V1.00 © 2005 by Red-Database-Security GmbH 1/5 Summary: All Oracle Forms applications are vulnerable against SQL Injection by default. Oracle Applications =11.5.9 is not affected due to the default setting value “FORMSxxRESTRICTENTERQUERY = TRUE”. About Oracle Forms:...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2015/04/09 12:0 a.m.168 views

APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain...

10CVSS0.5AI score0.98685EPSS
Exploits60
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.168 views

Open-Xchange Security Advisory 2013-04-17

Open-Xchange Security Advisory multiple vulnerabilities Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. The vendor has chosen a responsible full disclosure method to publish security issue details. Users of the software have already been provided...

5CVSS6.4AI score0.01046EPSS
Exploits0
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.168 views

TEMENOS T24 R07.03 Reflected Cross-Site Scripting

TEMENOS T24 R07.03 reflected cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: TEMENOS T24 R07.03 TEMENOS T24 is prone to a reflected cross-site scripting vulnerability because it...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.168 views

Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Muzedon dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered By Muzedon.com" "inurl:dettaglio.php?id=" Exploite:...

4.5AI score
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.168 views

Web Fusion Nepal (tour.php?category) XSS Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability Web Fusion Nepal tour.php?category AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webfusion.com.np/ Persian Gulf 4 Ever! Dork : "Powered by: Web Fusion Nepal" "inurl:tour.php?category="...

2.7AI score
Exploits0
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.168 views

PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability

PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid Special greetz: patihack hitamputih nyubicrew bug fou...

1AI score
Exploits0
securityvulns
securityvulns
added 2006/09/29 12:0 a.m.168 views

UBB.threads Multiple input validation error

Hello,, UBB.threads Multiple input validation error Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on Version 6 6.5.1.1 and other versions maybe affected Remote File including :...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2004/09/17 12:0 a.m.168 views

wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities

Westpoint Security Advisory --------------------------- Title: Multiple Browser Cookie Injection Vulnerabilities Risk Rating: Low Software: Multiple Web Browsers Platforms: Unix and Windows Author: Paul Johnston [email protected] assisted by Richard Moore [email protected] Date: 15...

7.5CVSS6.8AI score0.17183EPSS
Exploits1
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.167 views

audiofile memory corruption

Crash on audiofiles processing...

3.1AI score0.08802EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/22 12:0 a.m.167 views

Cosmoshop - XSS on Admin-Login Mask

author: l0om page: l0om.org date: 14.02.2015 Cosmoshop is a simple webshop designed for the german market. There is a simple XSS flaw at the admin-login panel in probably all cosmoshop versions. The admin login can be found at http://www.shop-site.de/cgi-bin/cosmoshop/admin/index.cgi This page wi...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.167 views

[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper

Hello, Cross Site Scripting XSS vulnerability exists in videowhisper module for Drupal 7. Vendor Notification: 22, Oct 2014 Vulnerable file: drupal/modules/videowhisper/vwrooms/js/jsor-jcarousel/examples/specialtextscroller.php POC:...

1.9AI score0.01276EPSS
Exploits2
securityvulns
securityvulns
added 2014/05/02 12:0 a.m.167 views

[security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04268240 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04268240 Version: 1 HPSBMU03029 rev....

5CVSS0.5AI score0.99999EPSS
Exploits88
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.167 views

[SECURITY] [DSA 2797-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2797-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 16, 2013 http://www.debian.org/security/faq -...

10CVSS0.7AI score0.10117EPSS
Exploits4
securityvulns
securityvulns
added 2012/07/16 12:0 a.m.167 views

security advisory: AirDroid 1.0.4 beta

Dear Sir or Madam, we'd like to publish the following advisory. Thanks in advance. TC-SA-2012-02: Several weaknesses in implementation of security features in AirDroid 1.0.4 beta Published: 2012/07/12 Advisory-Version: 1.0 Affected products: AirDroid 1.0.4 beta References: TC-SA-2012-02...

7.5CVSS6.5AI score0.01431EPSS
Exploits5
securityvulns
securityvulns
added 2010/07/15 12:0 a.m.167 views

Cross-Site Scripting vulnerabilities in SimpGB

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting persistent XSS уязвимостях в SimpGB. Ранее я уже сообщал о других уязвимостях в SimpGB http://securityvulns.ru/news/CGI/2009.11.19.html. XSS: Это Persistent XSS в трёх функционалах веб приложения. POST запрос на страницах:...

5.8AI score
Exploits0
securityvulns
securityvulns
added 2009/06/01 12:0 a.m.167 views

MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -->

---------------------------------------------------------------------------------- MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -- ---------------------------------------------------------------------------------- CMS INFORMATION: --WEB: http://www.onlinegrades.org...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2008/01/02 12:0 a.m.167 views

MODx CMS Source code disclosure, local file inclusion

WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: quote...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/04/02 12:0 a.m.167 views

phpBB Module Forum picture and META tags 1.7 File Include Vulnerability

Exploitname: phpBB Module Forum picture and META tags 1.7 File Include Vulnerability Vendor: http://www.rfnnet.nl/downloads/phpbb/MODForumpictureandMETAtags.zip Founder: bd0rk Contact: bd0rkathackermail.com Greetings: str0ke, TheJT, Lu7k, CodeR Vulnerable in MODforumfieldsparse.php:...

0.3AI score
Exploits0
Total number of security vulnerabilities5000