Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2010/05/13 12:0 a.m.95 views

VUPEN Security Research - Adobe Shockwave 3D Two Remote Code Execution Vulnerabilities (CVE-2010-1284)

VUPEN Security Research - Adobe Shockwave 3D Two Code Execution Vulnerabilities CVE-2010-1284 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to some of th...

9.3CVSS9.3AI score0.04011EPSS
Exploits0
securityvulns
securityvulns
added 2010/04/12 12:0 a.m.95 views

VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability

VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "VMware is a provider of virtualization software which runs on Microsoft Windows, Linux, and Mac OS X. VMware's enterprise software,...

9.3CVSS7.3AI score0.0621EPSS
Exploits1
securityvulns
securityvulns
added 2010/04/12 12:0 a.m.95 views

vBulletin 0-day Denial Of Service Exploit

========================================= vBulletin 0-day Denial Of Service Exploit ========================================= The largest Exploit Database in the world ! 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /'...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/04/07 12:0 a.m.95 views

CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323...

4.3CVSS5.7AI score0.04727EPSS
Exploits6
securityvulns
securityvulns
added 2010/01/28 12:0 a.m.95 views

[RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data

Advisory: Geo++R GNCASTER: Insecure handling of NMEA-data During a penetration test, RedTeam Pentesting discovered that the GNCaster software does not handle NMEA-data correctly. An attacker that has valid login credentials can use this to crash the server software or potentially execute code on...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2009/12/22 12:0 a.m.95 views

[ MDVSA-2009:337 ] proftpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:337 http://www.mandriva.com/security/ Package : proftpd Date : December 22, 2009 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability has been...

5.8CVSS7.3AI score0.87264EPSS
Exploits14
securityvulns
securityvulns
added 2009/11/11 12:0 a.m.95 views

Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 969947 Published: November 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in the...

9.3CVSS1.8AI score0.47489EPSS
Exploits7
securityvulns
securityvulns
added 2009/10/19 12:0 a.m.95 views

Adobe Acrobat / Reader multiple security vulnerabilities

Multiple memory corruptions, array index overflows, etc...

9.3CVSS3.2AI score0.86468EPSS
Exploits22References7Affected Software1
securityvulns
securityvulns
added 2009/10/13 12:0 a.m.95 views

Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525)

Microsoft Security Bulletin MS09-060 - Critical Vulnerabilities in Microsoft Active Template Library ATL ActiveX Controls for Microsoft Office Could Allow Remote Code Execution 973965 Published: October 13, 2009 Version: 1.0 General Information Executive Summary This security update resolves...

9.3CVSS0.5AI score0.43389EPSS
Exploits7
securityvulns
securityvulns
added 2009/08/11 12:0 a.m.96 views

Microsoft Security Bulletin MS09-039 - Critical Vulnerabilities in WINS Could Allow Remote Code Execution (969883)

Microsoft Security Bulletin MS09-039 - Critical Vulnerabilities in WINS Could Allow Remote Code Execution 969883 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the Windows Internet Name Service...

9.3CVSS2.2AI score0.24658EPSS
Exploits2
securityvulns
securityvulns
added 2009/08/08 12:0 a.m.95 views

ZDI-09-052: CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-052 August 7, 2009 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates Unicenter S

CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management Issued: August 6, 2009 CA's technical support is alerting customers to a security risk with Unicenter Asset Portfolio Management, Unicenter Desktop and Serv...

4.3CVSS7.2AI score0.75865EPSS
Exploits2
securityvulns
securityvulns
added 2009/07/16 12:0 a.m.95 views

LifeType 1.2.8 Remote File Inclusion Vulnerability

/=============================================================================================================================================== | | o LifeType 1.2.8 Remote File Inclusion Vulnerability | | Software : LifeType 1.2.8 | Vendor : http://lifetype.net/ | Author : Cru3l.b0y | Contact :...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2009/04/10 12:0 a.m.95 views

Windows ZIP folders buffer overflow

Integer overflow in DynaZip DUNZIP32.DLL library on oversized filename in archive...

9.3CVSS4.8AI score0.05664EPSS
Exploits1References7Affected Software5
securityvulns
securityvulns
added 2009/03/10 12:0 a.m.95 views

Microsoft Security Bulletin MS09-007 - Important Vulnerability in SChannel Could Allow Spoofing (960225)

Microsoft Security Bulletin MS09-007 - Important Vulnerability in SChannel Could Allow Spoofing 960225 Published: March 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in the Secure Channel SChannel security package in...

7.1CVSS1.4AI score0.15193EPSS
Exploits2
securityvulns
securityvulns
added 2008/12/26 12:0 a.m.95 views

DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832

Title ----- DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection Severity -------- High Date Discovered --------------- October 14, 2008 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Corey LeBleu and r@b13$ Vulnerability Description...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2008/12/04 12:0 a.m.95 views

VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2008-0019 Synopsis: VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 Issue dat...

7.2CVSS7.2AI score0.04519EPSS
Exploits3
securityvulns
securityvulns
added 2008/08/18 12:0 a.m.95 views

PHP Live Helper <= 2.0.1 Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows the visitors of a website to intera...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2008/07/30 12:0 a.m.95 views

HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability

HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability Ghost Hacker , R-h Team , Real Hack We Will Be Back Soon : Found by : Ghost Hacker - R-H Team - |, .-. .-. ,| My Blog : http://gh0st10.wordpress.com | o/ o | My Email : [email protected] |/ / | Name Script : HIOX Browser...

1.8AI score
Exploits0
securityvulns
securityvulns
added 2008/06/14 12:0 a.m.95 views

[SECURITY] [DSA 1597-1] New mt-daapd packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1597-1 [email protected] http://www.debian.org/security/ Devin Carraway June 12, 2008 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.05592EPSS
Exploits1
securityvulns
securityvulns
added 2008/04/15 12:0 a.m.95 views

Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal

====================================================================== Secunia Research 14/04/2008 - HP OpenView Network Node Manager OpenView5.exe Directory Traversal - ====================================================================== Table of Contents Affected...

5CVSS0.6AI score0.05088EPSS
Exploits1
securityvulns
securityvulns
added 2008/03/12 12:0 a.m.95 views

Microsoft Security Bulletin MS08-016 – Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)

Microsoft Security Bulletin MS08-016 – Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 949030 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Office that...

9.3CVSS0.7AI score0.42225EPSS
Exploits5
securityvulns
securityvulns
added 2008/02/06 12:0 a.m.95 views

[security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01321117 Version: 1 HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager OV NNM Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as...

7.8CVSS0.4AI score0.04443EPSS
Exploits1
securityvulns
securityvulns
added 2008/02/03 12:0 a.m.95 views

IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow

IpSwitch WSFTPSERVER with SSH remote Buffer Overflow Website:http://www.wsftp.com/products/wsftpserver/ Version:6.1.0.0 last one,others might be vuln too Bug: Remote Buffer Overflow CD 8e8.a78: Access violation - code c0000005 first chance First chance exceptions are reported before any exception...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2007/10/23 12:0 a.m.95 views

Mozilla Foundation Security Advisory 2007-29

Mozilla Foundation Security Advisory 2007-29 Title: Crashes with evidence of memory corruption rv:1.8.1.8 Impact: Critical Announced: October 18, 2007 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.8 Thunderbird 2.0.0.8 SeaMonkey 1.1.5...

4.3CVSS1.4AI score0.0343EPSS
Exploits1
securityvulns
securityvulns
added 2007/10/20 12:0 a.m.95 views

S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting

S21Sec Advisory - Title: Alcatel Omnivista 4760 Cross-Site Scripting ID: S21SEC-038-en Severity: Medium - History: 10.Jun.2007 Vulnerability discovered 20.Jun.2007 Vendor contacted 19.Oct.2007 Advisory released Authors: Juan de la Fuente Costa [email protected] Pablo Seijo Cajaraville...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/08/15 12:0 a.m.95 views

EEYE: VGX.DLL Compressed Content Heap Overflow Vulnerability

VGX.DLL Compressed Content Heap Overflow Vulnerability Release Date: August 14, 2007 Date Reported: October 24, 2006 Severity: High Code Execution Systems Affected: Internet Explorer 6 SP1 - Windows 2000 SP4 Internet Explorer 6 SP1 - Windows XP SP1 Internet Explorer 6 SP2 - Windows XP SP2 Interne...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2007/07/27 12:0 a.m.95 views

IBM AIX utilities multiple security vulnerabilities

Multiple suid root ftp client buffer overflow, dynamic library loading via -R command line argument in pioout, buffer overflow with terminal control sequences in capture...

6.9CVSS3.7AI score0.03496EPSS
Exploits4References3Affected Software1
securityvulns
securityvulns
added 2007/06/19 12:0 a.m.95 views

iG Shop 1.4 eval Inclusion Vulnerability

!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shopn" unless @ARGV; $b =...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/06/01 12:0 a.m.95 views

Mozilla Foundation Security Advisory 2007-13

Mozilla Foundation Security Advisory 2007-13 Title: Persistent Autocomplete Denial of Service Impact: Low Announced: May 30, 2007 Reporter: Marcel Products: Firefox Fixed in: Firefox 2.0.0.4 Firefox 1.5.0.12 Description Marcel reported that a malicious web page could perform a denial of service...

4.3CVSS1AI score0.01798EPSS
Exploits0
securityvulns
securityvulns
added 2007/05/30 12:0 a.m.95 views

Apache httpd vulenrabilities

PSNC Security Team has got the pleasure to announce that, as a result of Apache httpd server ver. 1.3.x, 2.0.x and 2.2.x source code analysis, several vulnerabilities have been found that make it possible to perfom a DoS attack against the services and the system that the application is running o...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/05/07 12:0 a.m.95 views

safari's saved password at risk

I'd like to inform you that safari is prone to a vunlerability that allow a local user to steal safari's saved passwords by using some macosx componenets. More infos about this issue will be made available as soon as apple will provide a fix. I strongly recommend users remove all safari's saved...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2007/05/04 12:0 a.m.95 views

rPSA-2007-0090-1 gimp

rPath Security Advisory: 2007-0090-1 Published: 2007-05-03 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: gimp=/conary.rpath.com@rpl:devel//1/2.2.8-8.3-1 References: https://vulners.com/cve/CVE-2007-2356...

6.8CVSS6.7AI score0.15674EPSS
Exploits1
securityvulns
securityvulns
added 2007/04/06 12:0 a.m.95 views

ACLS ineffective in SQL-Ledger and LedgerSMB

Hi all; I have decided to finally send to this list a serious security flaw in the design of SQL-Ledger all versions. LedgerSMB all versions is also affected but the problem with a workaround has been mentioned in our documentation since the fork. Ordinarily I would not make a big deal out of thi...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/02/05 12:0 a.m.95 views

[SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Potential Denial of Service bug in smbd == CVE ID: CVE-2007-0452 == == Versions: Samba 3.0.6 - 3.0.23d inclusive == == Summary: A logic error in the deferred open code == can le...

6.8CVSS7.2AI score0.0459EPSS
Exploits1
securityvulns
securityvulns
added 2007/01/13 12:0 a.m.95 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.8CVSS1.5AI score0.11044EPSS
Exploits2References5Affected Software4
securityvulns
securityvulns
added 2007/01/12 12:0 a.m.95 views

easy-content filemanager

easy-content filemanager Email: hackerbinhphuoc atyahoo dot com website: http://www.vnsecurity.com ------------------------------------- we can hack web use easy-content filemanager very easy we search with keyword: intitle: easy-content filemanager or inurl: filemanager/Default.asp and we can...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/01/10 12:0 a.m.95 views

iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability

Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND The X Window System is a graphical windowing system based on a client/server model. Mor...

10CVSS0.3AI score0.0339EPSS
Exploits0
securityvulns
securityvulns
added 2006/12/20 12:0 a.m.95 views

Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[ commonIncludePath ] Remote File Include

Valdersoft Shopping Cart v3.0 E-Commerce Software commonIncludePath Remote File Include +class : Remote File Include Vulnerability +Author : mdx +Files : +/commoninclude/common.php , /include/common.php, /admin/include/common.php +code : + + include $commonIncludePath."common.php" ; + + Exploit :...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2006/12/20 12:0 a.m.95 views

Mozilla Foundation Security Advisory 2006-69

Mozilla Foundation Security Advisory 2006-69 Title: CSS cursor image buffer overflow Windows only Impact: Critical Announced: December 19, 2006 Reporter: Frederik Reiss Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.1 Firefox 1.5.0.9 Thunderbird 1.5.0.9 SeaMonkey 1.0.7...

6.8CVSS1.7AI score0.08288EPSS
Exploits0
securityvulns
securityvulns
added 2006/08/02 12:0 a.m.95 views

[Full-disclosure] Secunia Research: Jetbox Multiple Vulnerabilities

====================================================================== Secunia Research 02/08/2006 - Jetbox Multiple Vulnerabilities - ====================================================================== Table of Contents Affected Software....................................................1...

7.5CVSS0.2AI score0.01722EPSS
Exploits0
securityvulns
securityvulns
added 2006/07/26 12:0 a.m.95 views

[Full-disclosure] Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities Release Date: 2006/07/25 Last Modified: 2006/07/25 Author: Tamriel tamriel at gmx dot net Application: Professional Home Page Tools Login Script Risk: Low Vendor...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/05/03 12:0 a.m.95 views

MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution.

.oOOo. MySQL COMTABLEDUMP .oOOo. Information Leakage and Arbitrary command execution ============================== - Summary: MySQL Server has an information leakage flaw, if a malicious client sends a specific forged packet. Moreover some particular input can crash the server by overwriting the...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/13 12:0 a.m.95 views

[Full-disclosure] URL filter bypass in Fortinet

URL filter bypass in Fortinet Severity: Low Impact: Bypass Fortinet web filter Vulnerabilty type: Design error Affected products: FortiGate v2.8 CVE reference: CAN-2005-3058 Vulnerability Description: ------------------------- It is possible to bypass Fortinet URL blocker by making special HTTP...

7.5CVSS0.03101EPSS
Exploits1
securityvulns
securityvulns
added 2006/01/11 12:0 a.m.95 views

Microsoft Embedded OpenType Font Engine "t2embed" Remote Heap Overflow

/ oh my, bad luck, eEye released the advisory few minutes ago, and I've been researching this bug since about a week, sorry, it's cancelled / NOTE: this is super initial raport, if you expect some more info mail me for the bank account number... Microsoft Embedded OpenType Font Engine "t2embed"...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/12/02 12:0 a.m.95 views

JSE XSS vuln.

JSE XSS vuln. Vuln. dicovered by : r0t Date: 2 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/jse-xss-vuln.html Vendor:http://www.me.lv/jse/index.html affected version:0.9.34 Product Description: Java Search Engine is a server-side search engine program for web sites. Search engin...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/06/30 12:0 a.m.95 views

[EXPL] phpBB Remote PHP Code Execution (viewtopic.php 2)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Exploits0
securityvulns
securityvulns
added 2005/04/21 12:0 a.m.95 views

Annuaire Netref v4.2 [ fwrite php ] vulnerability

Software: annuaire netref version : 4.2 url : http://www.netref.net Risk factor : critical Vendor has been contacted Description: ----------- Netref is a PHP/MySQL-based directory script that supports an unlimited number of categories and links. Many fonctions to manage the links : Fast search...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2005/03/07 12:0 a.m.95 views

wfsections 1.07 advisory

Program: wfsections Verion: 1.07 Bug Type: SQL Injection Bug Discription: ================================= In file class/wfsfiles.php, we can see this function: //START function getAllbyArticle$articleid $db =& Database::getInstance; $table = $db-prefix"wfsfiles"; $ret = array; $sql = "SELECT FR...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2005/02/08 12:0 a.m.95 views

Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)

Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution 890047 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

10CVSS0.7AI score0.6349EPSS
Exploits2
securityvulns
securityvulns
added 2004/10/22 12:0 a.m.95 views

Denial of service in LANDesk 8

When connected to a remote machine with LANDesk version 8, and someone connects with, or even telnets to the port of, Remote Desktop 3389, the machine bluescreens, dumps memory, and reboots immediately. I've tested with: Windows 2000 Server, Advanced server SP4 and up Windows 2003 Server Windows ...

3.4AI score
Exploits0
Total number of security vulnerabilities5000