Securityvulns: Most viewed

47153 matches found

securityvulns
added 2012/03/19 12:0 a.m., 100 views

Wolf CMS v0.7.5 - Multiple Web Vulnerabilities

Title: ====== Wolf CMS v0.7.5 - Multiple Web Vulnerabilities Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=452 VL-ID: ===== 452 Introduction: ============= Wolf CMS is a content management system and is Free Software published under the GNU...

AI score: 0.7
Exploits: 0

securityvulns
added 2011/11/04 12:0 a.m., 100 views

Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability Advisory ID: cisco-sa-20111102-srp500 Revision 1.0 For Public Release 2011 November 2 16:00 UTC GMT...

CVSS: 9.3, AI score: 0.7, EPSS: 0.01802
Exploits: 0

securityvulns
added 2011/06/02 12:0 a.m., 100 views

Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar Advisory ID: cisco-sa-20110601-cnr Revision 1.0 For Public Release 2011 June 01 1600 UTC GMT +---------------------------------------------------------------------...

CVSS: 10, AI score: 0.9, EPSS: 0.03372
Exploits: 1

securityvulns
added 2011/05/30 12:0 a.m., 100 views

CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. These attacks should be conducted on modem owner, which is logged into control panel. Taking into...

AI score: 0.3
Exploits: 0

securityvulns
added 2011/02/08 12:0 a.m., 100 views

[SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.3 - - Tomcat 6.0.0 to 6.0.? - - Tomcat 5.5.0 to 5.5.? - - Earlier, unsupported...

CVSS: 1.2, AI score: 5.3, EPSS: 0.01353
Exploits: 1

securityvulns
added 2010/12/09 12:0 a.m., 100 views

Linux kernel exploit

Hi all, I've included here a proof-of-concept local privilege escalation exploit for Linux. Please read the header for an explanation of what's going on. Without further ado, I present full-nelson.c: Happy hacking, Dan --snip-- / Linux Kernel = 2.6.37 local privilege escalation by Dan Rosenberg...

CVSS: 6.2, AI score: 0.2, EPSS: 0.02655
Exploits: 11

securityvulns
added 2010/09/15 12:0 a.m., 100 views

Microsoft Security Bulletin MS10-068 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege (983539)

Microsoft Security Bulletin MS10-068 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege 983539 Published: September 14, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability ...

CVSS: 9, AI score: 1.3, EPSS: 0.14361
Exploits: 0

securityvulns
added 2010/04/05 12:0 a.m., 100 views

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

AI score: 0.5
Exploits: 0

securityvulns
added 2009/12/23 12:0 a.m., 100 views

XSS Vulnerability in JpGraph 3.0.6

XSS Vulnerability in JpGraph 3.0.6 Discovered by Martin Barbella [email protected] Description of Vulnerability: ----------------------------- JpGraph is an object oriented library for PHP that can be used to create various types of graphs which also contains support for client side image...

AI score: 0.4
Exploits: 0

securityvulns
added 2009/09/28 12:0 a.m., 100 views

[ONSEC-09-017] Blogolet PHP including

ONSEC-09-017 Blogolet PHP including Target: Blogolet CMS Type: PHP injection Threat: High Discovery date: 21.09.2009 Developer notification date: 21.09.2009 Fix release date: 21.09.2009 Author: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Description: The vulnerability exists...

AI score: 7.3
Exploits: 0

securityvulns
added 2009/09/09 12:0 a.m., 100 views

Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products Advisory ID: cisco-sa-20090908-tcp24 Revision 1.0 For Public Release 2009 September 8 1700 UTC GMT...

CVSS: 7.8, AI score: 0.4, EPSS: 0.32123
Exploits: 3

securityvulns
added 2009/08/20 12:0 a.m., 100 views

Kaspersky Antivirus DoS

Infinite loop on parsing URL with large number of dots...

AI score: 2.8
Exploits: 0, References: 1, Affected Software: 2

securityvulns
added 2009/07/16 12:0 a.m., 100 views

[DSECRG-09-031] Oracle BEA Weblogic 10.3 Linked XSS vulnerability

Digital Security Research Group DSecRG Advisory DSECRG-09-031 http://dsecrg.com/pages/vul/show.php?id=131 Application: Oracle BEA Weblogic 10 Versions Affected: Oracle BEA Weblogic 10 Vendor URL: http://oracle.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 18.03.2009 Vendor response:...

AI score: 6
Exploits: 0

securityvulns
added 2009/06/05 12:0 a.m., 100 views

[SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-0783: Apache Tomcat information disclosure vulnerability Severity: low Vendor: The Apache Software Foundation Versions Affected: Tomcat 6.0.0 to 6.0.18 Tomcat 5.5.0 to 5.5.27 Tomcat 4.1.0 to 4.1.39 The unsupported Tomcat 3.x, 4.0.x and 5.0.x...

CVSS: 4.6, AI score: 5, EPSS: 0.00809
Exploits: 1

securityvulns
added 2008/12/18 12:0 a.m., 100 views

Mozilla Foundation Security Advisory 2008-69

Mozilla Foundation Security Advisory 2008-69 Title: XSS vulnerabilities in SessionStore Impact: Critical Announced: December 16, 2008 Reporter: mozbugra4 Products: Firefox Fixed in: Firefox 3.0.5 Firefox 2.0.0.19 Description Mozilla security researcher mozbugra4 reported vulnerabilities in the...

CVSS: 4.3, AI score: 0.8, EPSS: 0.01784
Exploits: 0

securityvulns
added 2008/10/29 12:0 a.m., 100 views

Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows

====================================================================== Secunia Research 22/10/2008 - Trend Micro OfficeScan CGI Parsing Buffer Overflows - ====================================================================== Table of Contents Affected...

CVSS: 10, AI score: 0.8, EPSS: 0.18406
Exploits: 6

securityvulns
added 2008/08/04 12:0 a.m., 100 views

America's army game server DoS

Invalid assert on network traffic parsing...

AI score: 4
Exploits: 0, References: 1

securityvulns
added 2008/05/29 12:0 a.m., 100 views

[SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1588-1 [email protected] http://www.debian.org/security/ dann frazier May 27, 2008 http://www.debian.org/security/faq -...

CVSS: 7.8, AI score: 0.1, EPSS: 0.04934
Exploits: 3

securityvulns
added 2008/03/11 12:0 a.m., 100 views

PHP-Nuke Module NukeC30 sql injection

------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix from H-T Team = Script : PHP-Nuke Module NukeC30 Module's Name: NukeC30 Module's Version: 3.0 ...

AI score: 1.2
Exploits: 0

securityvulns
added 2008/03/04 12:0 a.m., 100 views

PHP-Nuke Module "seminar" Local FIle Inclusion

Aria-Security Team Persian Security Network http://Aria-Security.net ----------------------------------------------- Shoutz: AurA, Null, Kinglet, imm02tal And all our staff PHP-Nuke Module "seminar" Local FIle Inclusion Original Advisory: http://forum.aria-security.net/showthread.php?p=1591...

AI score: 1.9
Exploits: 0

securityvulns
added 2007/12/05 12:0 a.m., 100 views

Blind Sql-Injection in Joomla 1.5 RC3

Thanks to team of Darkc0de.com Blind Sql-Injection in Joomla 1.5 RC3 URL : http://localhost/index.php 1. Parameter = view The following changes were applied to the original request: • Set parameter 'view's value to 'somechars'20+20'article' POC URL :...

AI score: 0.3
Exploits: 0

securityvulns
added 2007/11/05 12:0 a.m., 100 views

JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit

!/usr/bin/php ?php This file require the PhpSploit class. If you want to use this class, the latest version can be downloaded from acid-root.new.fr. errorreportingEALL ^ ENOTICE; require'phpsploitclass.php'; head; if$argc 3 usage; $url = getparam'url', true; $prx = getparam'proxy', false; $pra =...

AI score: 0.1
Exploits: 0

securityvulns
added 2007/06/01 12:0 a.m., 100 views

[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200705-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVSS: 10, AI score: 7.2, EPSS: 0.18185
Exploits: 0

securityvulns
added 2007/05/19 12:0 a.m., 100 views

[CVE-2007-1355] Tomcat documentation XSS vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-1355: Tomcat documentation XSS vulnerabilities Severity: Moderate Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.23 Tomcat...

CVSS: 4.3, AI score: 0.5, EPSS: 0.58246
Exploits: 2

securityvulns
added 2007/05/14 12:0 a.m., 100 views

[Full-disclosure] SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 18 SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities Description: SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the...

CVSS: 4.3, AI score: 6.5, EPSS: 0.01595
Exploits: 0

securityvulns
added 2007/04/19 12:0 a.m., 100 views

Web Slider 0.6(path)Remote File Inclusion Vulnerabilities

Web Slider 0.6pathRemote File Inclusion Vulnerabilities D.Script: http://sourceforge.net/projects/webslider/ Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc Exploit:Path/index.php?path=Shell Exploit:Path/modules/pdf.php?path=Shell Exploit:Path/plugins/highlight.php?path=Shell...

AI score: 0.4
Exploits: 0

securityvulns
added 2007/01/30 12:0 a.m., 100 views

PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability

Title : PHPFootball 1.6 show.php Remote Database Disclosure Vulnerability Author : ajann Contact : : S.Page : http://phpfootball.sourceforge.net $$ : Free Dork : inurl:/phpfootball/ DBREAD--------------------------------------------------------- http://target/path//show.php VARIABLES Example:...

AI score: 0.8
Exploits: 0

securityvulns
added 2007/01/09 12:0 a.m., 100 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.8, AI score: 1.5, EPSS: 0.101
Exploits: 4, References: 17, Affected Software: 8

securityvulns
added 2006/12/23 12:0 a.m., 100 views

Multiple Oracle application server vulnerabilities

SQL injections, DoS, data modification, cross-site scripting, privilege escalation, audit settings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in...

CVSS: 7.5, AI score: 0.6, EPSS: 0.41051
Exploits: 4, References: 81, Affected Software: 3

securityvulns
added 2006/11/06 12:0 a.m., 100 views

[ECHO_ADV_58_2006]Cyberfolio <=2.0 RC1 $av Remote File Inclusion Vulnerability

----------------------------------------------------------------------------------------------- ECHOADV58$2006Cyberfolio =2.0 RC1 $av Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------------- Author : Dedi Dwianto a.k.a...

AI score: 0.7
Exploits: 0

securityvulns
added 2006/10/21 12:0 a.m., 100 views

[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues

------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-024 ------------------------------------------------------------------------ ---- Project: Drupal core Date: 2006-Oct-18 Security risk: Moderately critical Exploitable from: Remot...

Exploits: 0

securityvulns
added 2006/09/29 12:0 a.m., 100 views

Tagmin C.C 2.1.B Remote File Include

Tagmin C.C 2.1.B Remote File Include +Advisory 3 +LMS 1.12 Sql Injection +Product :Tagmin Control Center 2.1.B +Develop: http://ds3.bbminc.net/tagit2b/ +Dork: inurl:"/tagit2b/" +Vulnerable: Remote File Include +Risk:High +Discovered:by Kernel-32 +Contact: [email protected] +Homepage:...

AI score: 0.4
Exploits: 0

securityvulns
added 2006/08/21 12:0 a.m., 100 views

K-Meleon Concurrency-related Vulnerability

The newest version of K-Meleon browser is affected to disclosed on Bugtraq recently. When using test link http://lcamtuf.coredump.cx/ffoxdie3.html browser crashed after a delay of some seconds. No user interaction was needed. Affected versions: Vulnerability has been confirmed in K-Meleon 1.0.1 i...

AI score: 0.1
Exploits: 0

securityvulns
added 2006/06/25 12:0 a.m., 100 views

SYMSA-2006-005

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-005 Advisory Title: Lanap CAPTCHA bypass exposure Author : Michael White, [email protected] and Graham Murphy, [email protected]...

CVSS: 5, AI score: 0.5, EPSS: 0.01546
Exploits: 0

securityvulns
added 2005/06/07 12:0 a.m., 100 views

Raknet network library DoS

Endless loop with 100 CPU usage on empty UDP packet...

AI score: 2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2005/01/13 12:0 a.m., 100 views

Woltlab Burning Book addentry.php SQL Injection

Advisory Information -------------------- Advisory name : Woltlab Burning Book addentry.php SQL Injection Discovered by : drhankey / it-security23.net Vendor Name : Woltlab Vendor Homepage : http://www.woltlab.de Software : Woltlab Burning Book Lite Vulnerability Type : Cross-Site-Scripting...

AI score: 7.6
Exploits: 0

securityvulns
added 2004/12/17 12:0 a.m., 100 views

iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability

MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability iDEFENSE Security Advisory 12.16.04 http://www.idefense.com/application/poi/display?id=168 December 16, 2004 I. BACKGROUND MPlayer is a movie player for Linux that also runs on many other Unices, and non- x86 CPUs. It plays most MPEG, VOB,...

AI score: 0.6
Exploits: 0

securityvulns
added 2000/06/07 12:0 a.m., 100 views

Security Bulletin (MS00-039)

Microsoft Security Bulletin MS00-039 - -------------------------------------- Patch Available for "SSL Certificate Validation" Vulnerabilities Originally posted: June 05, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in Microsoftr Internet...

Exploits: 0

securityvulns
added 2000/04/03 12:0 a.m., 100 views

Security Bulletin (MS00-022)

Patch Available for "XLM Text Macro" Vulnerability Originally Posted: April 03, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Excel. The vulnerability could allow a macro to run without generating the expected security warning. Frequent...

AI score: 6.8
Exploits: 0

securityvulns
added 2015/10/26 12:0 a.m., 99 views

[SECURITY] [DSA 3346-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3346-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini August 31, 2015 https://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 1.5, EPSS: 0.0506
Exploits: 0

securityvulns
added 2015/08/31 12:0 a.m., 99 views

[USN-2724-1] QEMU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2724-1 August 27, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS: 7.2, AI score: 0.9, EPSS: 0.13288
Exploits: 1

securityvulns
added 2015/08/17 12:0 a.m., 99 views

APPLE-SA-2015-08-13-3 iOS 8.4.1

APPLE-SA-2015-08-13-3 iOS 8.4.1 iOS 8.4.1 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...

CVSS: 9.3, AI score: 0.4, EPSS: 0.13322
Exploits: 5

securityvulns
added 2015/03/18 12:0 a.m., 99 views

[USN-2531-1] Requests vulnerability

========================================================================== Ubuntu Security Notice USN-2531-1 March 16, 2015 requests vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 6.8, AI score: 6.7, EPSS: 0.03408
Exploits: 0

securityvulns
added 2015/02/11 12:0 a.m., 99 views

[SECURITY] [DSA 3155-1] postgresql-9.1 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq -...

AI score: 1.4, EPSS: 0.05533
Exploits: 0

securityvulns
added 2014/12/30 12:0 a.m., 99 views

[SECURITY] [DSA 3116-1] polarssl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3116-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 30, 2014 http://www.debian.org/security/faq -...

CVSS: 7.8, AI score: 1.6, EPSS: 0.01718
Exploits: 0

securityvulns
added 2014/12/01 12:0 a.m., 99 views

[ MDVSA-2014:237 ] perl-Mojolicious

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:237 http://www.mandriva.com/en/support/security/ Package : perl-Mojolicious Date : November 28, 2014 Affected: Business Server 1.0 Problem Description: Updated perl-Mojolicious package fixes security...

AI score: 0.1
Exploits: 0

securityvulns
added 2014/09/21 12:0 a.m., 99 views

Apple Mac OS X / OS X Server multiple security vulnerabilities

Privilege escalation, multiple memory corruptions on different formats parsing, information leakage, DoS, protection bypass, multiple vulnerabilities in 3rd parties components...

CVSS: 10, AI score: 2.8, EPSS: 0.99977
Exploits: 31, References: 4, Affected Software: 2

securityvulns
added 2014/08/26 12:0 a.m., 99 views

[USN-2311-1] pyCADF vulnerability

========================================================================== Ubuntu Security Notice USN-2311-1 August 11, 2014 python-pycadf vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

CVSS: 5, AI score: 0.5, EPSS: 0.02774
Exploits: 0

securityvulns
added 2014/08/11 12:0 a.m., 99 views

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java =================================================================== Smack http://www.igniterealtime.org/projects/smack/ is an Open Source XMPP Jabber client library for instant messaging and presence written in Java. Smack prior ...

CVSS: 6.8, AI score: 0.8, EPSS: 0.0123
Exploits: 0

securityvulns
added 2014/05/15 12:0 a.m., 99 views

[SECURITY] [DSA 2926-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2926-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 12, 2014 http://www.debian.org/security/faq -...

CVSS: 7.2, AI score: 0.9, EPSS: 0.22475
Exploits: 14

Total number of security vulnerabilities: 5000