Securityvulns: Most viewed

47153 matches found

securityvulns
added 2006/02/16 12:0 a.m., 145 views

XMB Forums Multiple Vulnerabilities

GulfTech Security Research February 12, 2006 Vendor : XMB Software URL : http://www.xmbforum.com/ Version : XMB Forums = 1.9.3 Risk : Multiple Vulnerabilities Description: XMB Forums is a popular forum software written in php and mysql that allows you to open up your own online community or...

Exploits: 0

securityvulns
added 2002/08/12 12:0 a.m., 145 views

Apache 2.0 vulnerability affects non-Unix platforms

-----BEGIN PGP SIGNED MESSAGE----- For Immediate Disclosure =============== SUMMARY ================ Title: Apache 2.0 vulnerability affects non-Unix platforms Date: 9th August 2002 Revision: 2 Product Name: Apache HTTP server 2.0 OS/Platform: Windows, OS2, Netware Permanent URL:...

CVSS 7.5, AI score 0.7, EPSS 0.69698
Exploits: 0

securityvulns
added 2001/05/26 12:0 a.m., 145 views

WFTPD 32-bit (X86) 3.00 R5 Directory Traversal / Buffer Overflow / DoS

WFTPD 32-bit X86 3.00 R5 Directory Traversal / Buffer Overflow / DoS AFFECTED SYSTEMS WFTPD 32-bit X86 version 3.00 R5 on Windows 95 / 98 / SE / ME is vulnerable to a directory traversal, all versions of windows are likely to be vulnerable to the buffer overflow / DoS DESCRIPTION 1 Directory...

Exploits: 0

securityvulns
added 2015/10/11 12:0 a.m., 144 views

[USN-2757-1] Oxide vulnerabilities

========================================================================== Ubuntu Security Notice USN-2757-1 October 05, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 7.5, AI score 0.2, EPSS 0.01757
Exploits: 2

securityvulns
added 2015/08/17 12:0 a.m., 144 views

Cisco Unified Communications Manager Multiple Vulnerabilities (VP2015-001)

Vantage Point Security Advisory 2015-001 ======================================== Title: Cisco Unified Communications Manager Multiple Vulnerabilities Vendor: Cisco Vendor URL: http://www.cisco.com/ Versions affected: 9.2, 10.5.2, 11.0.1. Severity: Low to medium Vendor notified: Yes Reported: Oct...

CVSS 10, AI score 1.2, EPSS 0.99999
Exploits: 130

securityvulns
added 2015/07/19 12:0 a.m., 144 views

Adobe Flash Player multiple security vulnerabilities

Multiple memory corruptions, buffer overflows, information disclosure...

CVSS 10, AI score 2.1, EPSS 0.99344
Exploits: 11, Affected Software: 1

securityvulns
added 2015/05/12 12:0 a.m., 144 views

[ MDVSA-2015:186 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:186 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : March 31, 2015 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in phpmyadmin:...

CVSS 5, AI score 6.4, EPSS 0.03263
Exploits: 0

securityvulns
added 2014/07/14 12:0 a.m., 144 views

[USN-2276-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2276-1 July 09, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 7.5, AI score 0.8, EPSS 0.30128
Exploits: 6

securityvulns
added 2014/06/14 12:0 a.m., 144 views

DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® ASPSlideshow Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.mediaant.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork:...

AI score 2.4
Exploits: 0

securityvulns
added 2014/05/10 12:0 a.m., 144 views

Cross-Site Request Forgery (CSRF) in TAO

Advisory ID: HTB23211 Product: TAO Vendor: Open Assessment Technologies S.A. Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Advisory Publication: April 16, 2014 without technical details Vendor Notification: April 16, 2014 Public Disclosure: May 7, 2014 Vulnerability Type:...

CVSS 6.8, AI score 0.2, EPSS 0.012
Exploits: 1

securityvulns
added 2014/05/05 12:0 a.m., 144 views

Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk

Deutsche Telekom CERT Advisory DTC-A-20140324-002 update140328 Summary: Several vulnerabilities were found in checkmk version 1.2.2p2. Update to original advisory: Corrected: vulnerability 5 and 6 not 4 and 5 are currently not fixed. The vulnerabilities are: 1 - Reflected Cross-Site Scripting XSS...

CVSS 8.5, AI score 0.1, EPSS 0.02068
Exploits: 4

securityvulns
added 2013/09/09 12:0 a.m., 144 views

[ MDVSA-2013:212 ] otrs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:212 http://www.mandriva.com/en/support/security/ Package : otrs Date : August 13, 2013 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerability: It was discovered...

AI score 8.9, EPSS 0.01322
Exploits: 0

securityvulns
added 2013/08/28 12:0 a.m., 144 views

[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0813-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title: Oracle...

AI score 1.5
Exploits: 0

securityvulns
added 2012/07/09 12:0 a.m., 144 views

[SECURITY] [DSA 2504-1] libspring-2.5-java security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2504-1 [email protected] http://www.debian.org/security/ Florian Weimer June 28, 2012 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 1, EPSS 0.11779
Exploits: 1

securityvulns
added 2011/11/27 12:0 a.m., 144 views

OWASP Academy Portal - FREE OWASP TOP 10 security challenges with Hacking-Lab Scripting Vulnerabilities

The OWASP Academy-Portal is proud to announce the first free online OWASP TOP 10 security lab based on Hacking-Lab.com! Hacking-Lab is supporting the OWASP mission and made their online training environment available for OWASP on free-to-use basis! The Hacking-Lab is not just a common "hackme"...

AI score 7.1
Exploits: 0

securityvulns
added 2011/11/06 12:0 a.m., 144 views

eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities

---------------------------------------------------------------- eFront = 3.6.10 build 11944 Multiple Security Vulnerabilities ---------------------------------------------------------------- author.............: EgiX mail...............: n0b0d13satgmaildotcom software link......:...

AI score 0.1
Exploits: 0

securityvulns
added 2011/05/25 12:0 a.m., 144 views

python security vulnerabilities

Source code leakage in CGIHTTPServer, local files acces in urllib...

CVSS 6.4, AI score 1.5, EPSS 0.04266
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2011/05/08 12:0 a.m., 144 views

HTB22968: XSS in PHP Directory Listing Script

Vulnerability ID: HTB22968 Reference: http://www.htbridge.ch/advisory/xssinphpdirectorylistingscript.html Product: PHP Directory Listing Script Vendor: http://www.evoluted.net http://www.evoluted.net Vulnerable Version: 3.1 Vendor Notification: 21 April 2011 Vulnerability Type: XSS Cross Site...

AI score 0.5
Exploits: 0

securityvulns
added 2011/03/31 12:0 a.m., 144 views

[SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 2206-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2011 http://www.debian.org/security/faq -...

CVSS 5.8, AI score 1.4, EPSS 0.019
Exploits: 1

securityvulns
added 2009/07/16 12:0 a.m., 144 views

MULTIPLE ARBITRARY INFORMATION DISCLOSURE AND EDITION --ILIAS LMS <= 3.10.7/3.9.9-->

-------------------------------------------------------------------------------------- MULTIPLE ARBITRARY INFORMATION DISCLOSURE AND EDITION --ILIAS LMS = 3.10.7/3.9.9-- -------------------------------------------------------------------------------------- CMS INFORMATION: --WEB:...

AI score 0.7
Exploits: 0

securityvulns
added 2008/07/03 12:0 a.m., 144 views

Mozilla Foundation Security Advisory 2008-31

Mozilla Foundation Security Advisory 2008-31 Title: Peer-trusted certs can use alt names to spoof Impact: Moderate Announced: July 1, 2008 Reporter: John G. Myers Products: Firefox 2, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.15 SeaMonkey 1.1.10 Description Mozilla developer John G. Myers...

CVSS 4, AI score 0.5, EPSS 0.0124
Exploits: 1

securityvulns
added 2007/04/24 12:0 a.m., 144 views

claroline <= Multiple Remote File Include Vulnerablitiy

claroline = Multiple Remote File Include Vulnerablitiy D.Script: http://www.e-learningone.it/softwarefree/e-learning/claroline175.zip Discovered by: MoHaNdKo-=-=- [email protected] Homepage: http://www.MoHaNdKo.cOm Exploit:Path/claroline/inc/lib/rootSys=Shell Greetz To: Tryag-Team & AsbMay's Gro...

AI score 0.4
Exploits: 0

securityvulns
added 2007/02/26 12:0 a.m., 144 views

Few unreported vulnerabilities by SehaTo

Hello lists, SehaTo sehato at yandex ru reported few vulnerabilities in different Windows applications. Original messages in Russian may be found at http://securityvulns.com/source16446.html 1. Microsoft Windows Explorer corrupted WMF vulnerability...

AI score 0.1
Exploits: 0

securityvulns
added 2006/03/06 12:0 a.m., 144 views

[SA19098] DVguestbook "dv_gbook.php" Cross-Site Scripting Vulnerability

TITLE: DVguestbook "dvgbook.php" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA19098 VERIFY ADVISORY: http://secunia.com/advisories/19098/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: DVguestbook 1.x http://secunia.com/product/8572/ DESCRIPTION:...

AI score 0.2
Exploits: 0

securityvulns
added 2003/04/05 12:0 a.m., 144 views

Sakki's guestbook V.1.01 script injection vulnerability.

This advisory can be found at www.blacktigerz.org. Description: Easy to manage and configure asp powered guestbook. Works with MS Access database or without it. Vendor: http://www.sakki.net Vulnerability: gb.asp neglects filtering user input allowing for script injection to the guestbook via "nam...

AI score 7.3
Exploits: 0

securityvulns
added 2002/12/17 12:0 a.m., 144 views

PHP-Nuke 6.0 : Path Disclosure & Cross Site Scripting

Informations : °°°°°°°°°°°°°° Product : PHP-Nuke Version : 6.0 Website : http://www.phpnuke.org Problems : - Path Disclosure - XSS Developpement : °°°°°°°°°°°°°°° The majority of the PHPNuke's files are includes in modules.php or index.php. To prevent the direct access, PHPNuke made two kinds of...

AI score 7
Exploits: 0

securityvulns
added 2002/10/10 12:0 a.m., 144 views

Flood ACK packets cause AIX DoS

--------------------------------------------------------------------------- Title: Flood ACK packets cause AIX DoS. Released: 9th Oct 2002 --------------------------------------------------------------------------- Vulnerable: =========== - AIX version 4.3.3 with any ML - AIX 5 Overview: ========...

AI score 0.6
Exploits: 0

securityvulns
added 2015/03/16 12:0 a.m., 143 views

ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities CVE Identifier: CVE-2015-0235, CVE-2015-0524, CVE-2015-0525 Severity Rating: CVSSv2 Base Score: See below for individual scores for each CVE Affected...

CVSS 10, AI score 1.8, EPSS 0.94859
Exploits: 34

securityvulns
added 2014/05/02 12:0 a.m., 143 views

[security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04271396 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04271396 Version: 1 HPSBMU03030 rev....

CVSS 5, AI score 0.3, EPSS 0.99999
Exploits: 87

securityvulns
added 2013/09/09 12:0 a.m., 143 views

Path Traversal in DeWeS Web Server (Twilight CMS)

Advisory ID: HTB23167 Product: DeWeS web server Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 0.4.2 and probably prior Tested Version: 0.4.2 Vendor Notification: July 24, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Path Traversal CWE-22 CVE Reference:...

CVSS 5, EPSS 0.04111
Exploits: 5

securityvulns
added 2013/07/29 12:0 a.m., 143 views

DoS and XSS vulnerabilities in Googlemaps plugin for Joomla

Hello 3APA3A! Earlier I wrote about multiple vulnerabilities in Googlemaps plugin for Joomla http://securityvulns.ru/docs29645.html. After my informing, the developer fixed these vulnerabilities in versions 2.19 and 3.1 of the plugin - by removing proxy functionality. And in version 3.2 of the...

AI score 0.3
Exploits: 0

securityvulns
added 2013/07/19 12:0 a.m., 143 views

[security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03839862 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03839862 Version: 2 HPSBMU02900 rev....

CVSS 7.5, AI score 1, EPSS 0.73327
Exploits: 27

securityvulns
added 2012/10/22 12:0 a.m., 143 views

Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites

Title: ====== Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites Date: ===== 2012-10-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=710 VL-ID: ===== 710 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

AI score 0.3
Exploits: 0

securityvulns
added 2011/11/27 12:0 a.m., 143 views

wordpress Lanoba Social Plugin Xss Vulnerabilities

a bug in wordpress Lanoba Social Plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. Islamic Republic Of Iran Security Team Www.IrIsT.Ir wordpress Lanoba Social Plugin Xss Vulnerabilities Download......: wordpress.org/extend/plugins/lanoba-social-plugin/...

AI score 0.2
Exploits: 0

securityvulns
added 2011/02/15 12:0 a.m., 143 views

R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities

R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities February 7, 2011 -- Vulnerability Details: The Accellion File Transfer Appliance, prior to version FTA80562, suffers from a number of security flaws that can lead to a remote root compromise. 1. Message Routing Daemon Default...

AI score 0.7
Exploits: 0

securityvulns
added 2010/07/17 12:0 a.m., 143 views

python security vulnerabilities

Buffer overflow in audioop.lin2lin, memory corruption in audioop.reverse...

CVSS 5, AI score 3.6, EPSS 0.14643
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2009/07/16 12:0 a.m., 143 views

[DSECRG-09-025] Oracle Secure Enterprise Search 10.1.8 Linked XSS vulnerability

Digital Security Research Group DSecRG Advisory DSECRG-09-025 http://dsecrg.com/pages/vul/show.php?id=125 Application: Oracle Secure Enterprise Search SES Versions Affected: Oracle Secure Enterprise Search SES version 10.1.8.2.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported:...

CVSS 4.3, AI score 5.1, EPSS 0.40079
Exploits: 1

securityvulns
added 2009/04/10 12:0 a.m., 143 views

Exjune Guestbook v2 Remote Database Disclosure Exploit

!/usr/bin/perl By AlpHaNiX NullArea.Net alphaathacker.bz Made in Tunisia script : Exjune Guestbook v2 download : http://www.exjune.com/downloads/downloads/exJuneguestbook.asp Vulnerable : database path : /admin/exdb.mdb Real Life Example : OOO OOO OO OO OO OO O O O O O O O OO OO O O O O OO OOO OO...

AI score 0.1
Exploits: 0

securityvulns
added 2009/04/03 12:0 a.m., 143 views

Remote access vulnerability using File Thingie v2.5.4

============================================================ !vuln File Thingie v2.5.4 Previous versions may also be affected. ============================================================ ============================================================ !risk Low There are currently just a few website...

AI score 1
Exploits: 0

securityvulns
added 2009/03/19 12:0 a.m., 143 views

[ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability

ECHOADV107$2009 ----------------------------------------------------------------------------------------- ECHOADV107$2009 FubarForum = 1.6 Critical File Disclosure Vulnerability ----------------------------------------------------------------------------------------- Author : K-159 Date : March, ...

AI score 6.8
Exploits: 0

securityvulns
added 2008/09/29 12:0 a.m., 143 views

Cross Site Scripting (XSS) Vulnerabilitiy in flatpress 0.804, CVE-2008-4120

Cross Site Scripting XSS Vulnerabilitiy in flatpress 0.804, CVE-2008-4120 References http://www.datensalat.eu/fabian/cve/CVE-2008-4120-flatpress.html https://vulners.com/cve/CVE-2008-4120 http://www.flatpress.org/ Description FlatPress is an open-source standard-compliant multi-lingual extensible...

CVSS 4.3, AI score 5.9, EPSS 0.01758
Exploits: 1

securityvulns
added 2007/11/27 12:0 a.m., 143 views

Mozilla Foundation Security Advisory 2007-37

Mozilla Foundation Security Advisory 2007-37 Title: jar: URI scheme XSS hazard Impact: High Announced: November 26, 2007 Reporter: Jesse Ruderman, Petko D. Petkov, beford.org Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.10 SeaMonkey 1.1.7 Description The jar: URI scheme was introduced as ...

CVSS 4.3, AI score 5.4, EPSS 0.02712
Exploits: 0

securityvulns
added 2007/06/12 12:0 a.m., 143 views

Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566)

Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer 933566 Published: June 12, 2007 Version: 1.0 General Information Executive Summary This critical security update resolves five privately reported vulnerabilities and one publicly disclosed...

CVSS 9.3, AI score 1.2, EPSS 0.60841
Exploits: 6

securityvulns
added 2000/08/31 12:0 a.m., 143 views

[COVERT-2000-10] Windows NetBIOS Unsolicited Cache Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Network Associates, Inc. COVERT Labs Security Advisory August 29, 2000 Windows NetBIOS Unsolicited Cache Corruption COVERT-2000-10 o Synopsis The Microsoft Windows implementation of the NetBIOS cache allows a remote attacker to insert and flush dynami...

AI score 0.4
Exploits: 0

securityvulns
added 2015/10/05 12:0 a.m., 142 views

APPLE-SA-2015-09-16-1 iOS 9

APPLE-SA-2015-09-16-1 iOS 9 iOS 9 is now available and addresses the following: Apple Pay Available for: iPhone 6, iPad mini 3, and iPad Air 2 Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log...

CVSS 10, AI score 0.1, EPSS 0.2447
Exploits: 6

securityvulns
added 2015/08/24 12:0 a.m., 142 views

[SYSS-2015-041] XSS in OpenText Secure MFT

Advisory ID: SYSS-2015-041 Product: Secure MFT Vendor: OpenText Affected Versions: 2013 R1, 2014 R1, 2014 R2 Tested Versions: 2014 R2 SP4 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2015-08-05 Solution Date: 2015-08-14 Public...

AI score 5.8
Exploits: 0

securityvulns
added 2015/07/27 12:0 a.m., 142 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

CVSS 7.5, AI score 1.6, EPSS 0.20829
Exploits: 25, References: 17, Affected Software: 11

securityvulns
added 2015/05/10 12:0 a.m., 142 views

[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-019 Product: BullGuard Antivirus Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solution...

AI score 0.3
Exploits: 0

securityvulns
added 2014/12/01 12:0 a.m., 142 views

BookFresh - Persistent Clients Invite Vulnerability

Document Title: =============== BookFresh - Persistent Clients Invite Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1351 Release Date: ============= 2014-10-28 Vulnerability Laboratory ID VL-ID: ==================================== 1351...

AI score 7.6
Exploits: 0

securityvulns
added 2014/01/08 12:0 a.m., 142 views

[SECURITY] [DSA 2832-1] memcached security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2832-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 01, 2014 http://www.debian.org/security/faq -...

CVSS 5, AI score 2.1, EPSS 0.22317
Exploits: 4

Total number of security vulnerabilities: 5000