Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2014/06/17 12:0 a.m.98 views

[oss-security] CVE-2014-3940 - Linux kernel - missing check during hugepage migration

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The scope of CVE-2014-3940 is the https://lkml.org/lkml/2014/3/18/784 post, i.e., "PATCH RESEND -mm 1/2 mm: add !ptepresent check on existing hugetlbentry callbacks" on 18 March. Two notes about this: - Applying the https://lkml.org/lkml/2014/3/18/784...

4CVSS7.5AI score0.00274EPSS
Exploits0
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.98 views

[USN-2218-1] Xalan-Java vulnerability

========================================================================== Ubuntu Security Notice USN-2218-1 May 21, 2014 libxalan2-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

7.5CVSS0.2AI score0.13809EPSS
Exploits2
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.98 views

D-Link DSL-500T / DAP 1150 / DAP-1320 multiple security vulnerabilities

Web administration interface crossite request forgery, authentication bypass, directory traversal...

3.1AI score
Exploits0References9
securityvulns
securityvulns
added 2014/06/02 12:0 a.m.98 views

[ MDVSA-2014:097 ] libvirt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:097 http://www.mandriva.com/en/support/security/ Package : libvirt Date : May 16, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in libvirt...

5.8CVSS8.2AI score0.00573EPSS
Exploits0
securityvulns
securityvulns
added 2014/02/28 12:0 a.m.98 views

APPLE-SA-2014-02-25-3 QuickTime 7.7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-3 QuickTime 7.7.5 QuickTime 7.7.5 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Playing a maliciously crafted movie file may lead to an unexpected application...

9.3CVSS0.9AI score0.04107EPSS
Exploits3
securityvulns
securityvulns
added 2014/02/18 12:0 a.m.98 views

[SECURITY] [DSA 2862-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2862-1 [email protected] http://www.debian.org/security/ Michael Gilbert February 16, 2014 http://www.debian.org/security/faq -...

7.5CVSS1.2AI score0.02032EPSS
Exploits9
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.98 views

[SECURITY] [DSA 2802-1] nginx security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2802-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst November 21, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.4AI score0.67718EPSS
Exploits15
securityvulns
securityvulns
added 2013/10/28 12:0 a.m.98 views

[USN-2004-1] python-glanceclient vulnerability

========================================================================== Ubuntu Security Notice USN-2004-1 October 23, 2013 python-glanceclient vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

5.8CVSS0.7AI score0.00986EPSS
Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.98 views

[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin

waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-103.html Description of vulnerable software:...

6.5CVSS0.1AI score0.28851EPSS
Exploits18
securityvulns
securityvulns
added 2013/04/02 12:0 a.m.98 views

[USN-1787-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1787-1 April 02, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.2CVSS6.2AI score0.005EPSS
Exploits2
securityvulns
securityvulns
added 2013/02/04 12:0 a.m.98 views

[SECURITY] [DSA 2613-1] rails security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2613-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 29, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.1AI score0.98582EPSS
Exploits7
securityvulns
securityvulns
added 2012/11/01 12:0 a.m.98 views

SQL Injection Vulnerability in OrangeHRM

Advisory ID: HTB23119 Product: OrangeHRM Vendor: OrangeHRM Inc. Vulnerable Versions: 2.7.1-rc.1 and probably prior Tested Version: 2.7.1-rc.1 Vendor Notification: October 10, 2012 Public Disclosure: October 31, 2012 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2012-5367 CVSSv2 Base...

6CVSS0.1AI score0.0132EPSS
Exploits3
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.98 views

XSS Vulnerabilities in ClipBucket

Information -------------------- Name : XSS Vulnerabilities in ClipBucket Software : ClipBucket 2.6 and possibly below. Vendor Homepage : http://clip-bucket.com Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-013 Description...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.98 views

Social Engine 4 Persistent XSS & Non-Persistent XSS

===================================================== Social Engine 4 Persistent XSS & Non-Persistent XSS ===================================================== :------------------------------------------------------------------------------------------ ---------------------------------------------...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.98 views

[USN-1529-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1529-1 August 10, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.6CVSS0.6AI score0.08738EPSS
Exploits8
securityvulns
securityvulns
added 2012/06/18 12:0 a.m.98 views

Simple Forum PHP 2.1 - SQL Injection Vulnerabilities

Title: ====== Simple Forum PHP 2.1 - SQL Injection Vulnerabilities Date: ===== 2012-06-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=599 VL-ID: ===== 599 Common Vulnerability Scoring System: ==================================== 7.5 Introduction: ============= Simpl...

8.6AI score
Exploits0
securityvulns
securityvulns
added 2012/06/13 12:0 a.m.98 views

ZDI-12-091 : Symantec Web Gateway upload_file Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-091 : Symantec Web Gateway uploadfile Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-091 June 8, 2012 - -- CVE ID: CVE-2012-0299 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Symantec ...

10CVSS0.4AI score0.64061EPSS
Exploits5
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.98 views

GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities

Title: ====== GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=501 VL-ID: ===== 501 Introduction: ============= epesi BIM stands for Business Information Manager. We just did not like the...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2012/02/03 12:0 a.m.98 views

Apache multiple security vulnerabilities

Information leakage, filtering bypass, privilege escalation, DoS...

5CVSS2.3AI score0.90734EPSS
Exploits23References1Affected Software1
securityvulns
securityvulns
added 2012/01/21 12:0 a.m.98 views

[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03153338 Version: 1 HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be act...

7.8CVSS0.2AI score0.05262EPSS
Exploits0
securityvulns
securityvulns
added 2012/01/21 12:0 a.m.98 views

[SECURITY] [DSA 2389-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2389-1 [email protected] http://www.debian.org/security/ Dann Frazier January 15, 2012 http://www.debian.org/security/faq -...

6.9CVSS0.8AI score0.08793EPSS
Exploits9
securityvulns
securityvulns
added 2012/01/02 12:0 a.m.98 views

lighthttpd security vulnerabilities

DoS on base64 parsing...

5CVSS1.9AI score0.73327EPSS
Exploits12References2Affected Software1
securityvulns
securityvulns
added 2011/10/10 12:0 a.m.98 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Advisory ID: cisco-sa-20111005-fwsm Revision 1.0 For Public Release 2011 October 05 1600 UTC GMT +-------------------------------------------------------------------...

7.9CVSS0.8AI score0.0177EPSS
Exploits0
securityvulns
securityvulns
added 2011/08/10 12:0 a.m.98 views

Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Chezola Systems display-section.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://chezolasystems.com/ Persian Gulf 4 Ever! Dork : "Powered by Chezola Systems Canada Inc"...

3AI score
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.98 views

ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability

ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-194 June 14, 2011 -- CVE ID: CVE-2011-1260 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Microsoft -- Affected Products: Microsoft...

9.3CVSS0.5AI score0.60849EPSS
Exploits6
securityvulns
securityvulns
added 2011/03/23 12:0 a.m.98 views

SCADA Trojans: Attacking the Grid + Advantech vulnerabilities

Hi! You can download the slides of the research I was presenting at RootedCon'11 in Madrid "SCADA Trojans: Attacking the grid". A journey into attacking the power grid. I presented: - 0days in Advantech/BroadWin WebAccess SCADA product - Weak Design/Vulnerabilities in CSE-Semaphore TBOX RTUs -...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2011/02/03 12:0 a.m.98 views

HTB22810: SQL Injection in ReOS

Vulnerability ID: HTB22810 Reference: http://www.htbridge.ch/advisory/sqlinjectioninreos3.html Product: ReOS Vendor: IT ELAZOS S.L. http://reos.elazos.com/ Vulnerable Version: 2.0.5 Vendor Notification: 20 January 2011 Vulnerability Type: SQL Injection Risk level: High Credit: High-Tech Bridge SA...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2010/11/24 12:0 a.m.98 views

[eVuln.com] sitename XSS in Hot Links Lite

New eVuln Advisory: sitename XSS in Hot Links Lite Summary: http://evuln.com/vulns/143/summary.html Details: http://evuln.com/vulns/143/description.html -----------Summary----------- eVuln ID: EV0143 Software: Hot Links Lite Vendor: Mrcgiguy Version: 1.0 Critical Level: low Type: Cross Site...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2010/11/20 12:0 a.m.98 views

About the security content of Safari 5.0.3 and Safari 4.1.3

About the security content of Safari 5.0.3 and Safari 4.1.3 Last Modified: November 18, 2010 Article: HT4455 Email this article Print this page Summary This document describes the security content of Safari 5.0.3 and Safari 4.1.3. For the protection of our customers, Apple does not disclose,...

10CVSS0.3AI score0.09691EPSS
Exploits5
securityvulns
securityvulns
added 2010/10/24 12:0 a.m.98 views

The GNU C library dynamic linker expands $ORIGIN in setuid library search path

The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847. The dynamic linker or dynamic loader is responsible for the runtime linking of dynamically linked programs...

7.2CVSS10AI score0.08747EPSS
Exploits22
securityvulns
securityvulns
added 2010/10/23 12:0 a.m.98 views

Mozilla Foundation Security Advisory 2010-70

Mozilla Foundation Security Advisory 2010-70 Title: SSL wildcard certificate matching IP addresses Impact: Moderate Announced: October 19, 2010 Reporter: Richard Moore Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.11 Firefox 3.5.14 Thunderbird 3.1.5 Thunderbird 3.0.9 SeaMonkey...

4.3CVSS0.6AI score0.01096EPSS
Exploits0
securityvulns
securityvulns
added 2010/09/12 12:0 a.m.98 views

Security problems in Zenphoto version 1.3

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a number of security problems discovered by Acunetix WVS in the popular web gallery applicati...

8AI score
Exploits0
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.98 views

VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability (CVE-2010-1392)

About the security content of Safari 5.0 and Safari 4.1 Last Modified: June 07, 2010 Article: HT4196 Email this article Print this page Summary This document describes the security content of Safari 5.0 and Safari 4.1. For the protection of our customers, Apple does not disclose, discuss, or...

10CVSS0.2AI score0.19016EPSS
Exploits8
securityvulns
securityvulns
added 2009/11/26 12:0 a.m.98 views

dstat privilege escalation

share libraries are searched in the working directory...

4.4CVSS2.4AI score0.0034EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2009/11/09 12:0 a.m.98 views

Apache Tomcat for Windows backdoor account

admin account with empty password is created during installation...

7.5CVSS4.1AI score0.78995EPSS
Exploits10References1Affected Software1
securityvulns
securityvulns
added 2009/10/11 12:0 a.m.98 views

Subrion CMS Multiple Vulnerabilities

---------------------------------------------------------------------- PT-2009-16 Positive Technologies Security Advisory Subrion CMS Multiple Vulnerabilities ---------------------------------------------------------------------- --- Affected Software Subrion CMS Versions prior to 1.1.x Product...

8.4AI score
Exploits0
securityvulns
securityvulns
added 2009/06/29 12:0 a.m.98 views

[Full-disclosure] [ GLSA 200906-02 ] Ruby: Denial of Service

Gentoo Linux Security Advisory GLSA 200906-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

5CVSS9AI score0.08375EPSS
Exploits2
securityvulns
securityvulns
added 2009/02/12 12:0 a.m.98 views

[Suspected Spam][Fwd: Re: Novell-QuickFinder Server Xss & Java remote execution Code]

NULL CODE SERVICES www.nullcode.com.ar Hunting Security Bugs! +================================================================================================================================+ + Novell-QuickFinder Server //Cross-site scripting XSS Remote Java Execution Code +...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.98 views

[waraxe-2009-SA#070] - Multiple Vulnerabilities in MKPortal <= 1.2.1

waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind "waraxe" Date: 15. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-70.html Description of vulnerable software...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.98 views

Microsoft Security Bulletin MS08-074 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Microsoft Security Bulletin MS08-074 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 959070 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Microsoft...

9.3CVSS0.3AI score0.27585EPSS
Exploits5
securityvulns
securityvulns
added 2008/12/04 12:0 a.m.98 views

[Full-disclosure] CVE-2008-2086: Java Web Start File Inclusion via System Properties Override

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Java Web Start File Inclusion via System Properties Override Release Date:...

9.3CVSS7.6AI score0.07319EPSS
Exploits1
securityvulns
securityvulns
added 2008/11/12 12:0 a.m.98 views

Microsoft Security Bulletin MS08-069 – Critical Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Microsoft Security Bulletin MS08-069 – Critical Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution 955218 Published: November 11, 2008 Version: 1.0 General Information Executive Summary This security update resolves several vulnerabilities in Microsoft XML Core...

9.3CVSS7.2AI score0.27747EPSS
Exploits8
securityvulns
securityvulns
added 2008/11/10 12:0 a.m.98 views

[USN-666-1] Dovecot vulnerability

=========================================================== Ubuntu Security Notice USN-666-1 November 07, 2008 dovecot vulnerability CVE-2008-4907 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also...

4.3CVSS1.2AI score0.06203EPSS
Exploits0
securityvulns
securityvulns
added 2008/10/14 12:0 a.m.98 views

Telecom Italia Alice Pirelli routers backdoor discoverd to activate telnet/ftp/tftp from internal LAN/WLAN.

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2008/07/18 12:0 a.m.98 views

Mozilla Foundation Security Advisory 2008-35

Mozilla Foundation Security Advisory 2008-35 Title: Command-line URLs launch multiple tabs when Firefox not running Impact: Critical Announced: July 15, 2008 Reporter: Billy Rios, Ben Turner, Dan Veditz Products: Firefox Fixed in: Firefox 3.0.1 Firefox 2.0.0.16 Description Security researcher Bil...

2.6CVSS0.3AI score0.02753EPSS
Exploits1
securityvulns
securityvulns
added 2008/07/12 12:0 a.m.98 views

[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1605-1 [email protected] http://www.debian.org/security/ Florian Weimer July 08, 2008 http://www.debian.org/security/faq -...

5CVSS6.6AI score0.95182EPSS
Exploits20
securityvulns
securityvulns
added 2008/07/12 12:0 a.m.98 views

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Advisory ID: cisco-sa-20080708-dns http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml Revision 1.0 For Public Release 2008 July 08 1800 UTC GMT...

5CVSS0.4AI score0.95182EPSS
Exploits20
securityvulns
securityvulns
added 2008/05/30 12:0 a.m.98 views

[Full-disclosure] Opera - heap based buffer overflow (CVE-2007-6521)

============================================ ||| Security Advisory AKLINK-SA-2008-006 ||| ||| CVE-2007-6521 CVE candidate ||| ============================================ Opera - heap-based buffer overflow ================================== Date released: 28.05.2007 Date reported: 05.10.2007...

10CVSS7AI score0.05018EPSS
Exploits1
securityvulns
securityvulns
added 2008/02/16 12:0 a.m.98 views

joomla com_activities sql injection

allinurl :"comactivities" index.php?option=comactivities&Itemid=51&func=detail&id=-1//union//select//0,1,password,3,4,5,6,7,8,9,10,11,12,13,14,15,username//from//mosusers/...

2.3AI score
Exploits0
securityvulns
securityvulns
added 2007/10/24 12:0 a.m.98 views

Bosdev Multiple vulnerabilities

BosMarket Business Directory System http://www.bosdev.com BosMarket Multiple XSS vulnerabilities BosMarket is a craigslist like application that attempts to let users refer other small businesses. The problem is that when you post listings, its a a no holds barred kind of deal. Firstly, One can...

6.2AI score
Exploits0
Total number of security vulnerabilities5000