Securityvulns: most viewed

47153 matches found

securityvulns, added 2000/12/02 12:0 a.m., 89 views

Security Bulletin MS00-092

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------ Issue: Buffer overrun...

AI score: 0.4
Exploits: 0

securityvulns, added 2000/09/20 12:0 a.m., 89 views

Cisco PIX Firewall (smtp content filtering hack)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 How to escape "fixup smtp" of Cisco Pix Firewall: The Cisco Pix Firewall normally restrict some protocol commandhttp,ftp,smtp and manage multisession protocolh323, ftp,sqlnet . I made some test on a BSDI3.0 running sendmail9 placed in the dmz . The Pi...

AI score: 7
Exploits: 0

securityvulns, added 2015/10/26 12:0 a.m., 88 views

CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin

Vulnerability title: SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin CVE: CVE-2015-7319 Vendor: WordPress DWBooster Product: Appointment Booking Calendar Affected version: 1.1.7 Fixed version: 1.1.8 Reported by: Ibéria Medeiros Vulnerability Details: ===================== It...

CVSS: 7.5 | AI score: 1.9 | EPSS: 0.02433
Exploits: 1

securityvulns, added 2015/10/25 12:0 a.m., 88 views

[SECURITY] [DSA 3373-1] owncloud security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3373-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 18, 2015 https://www.debian.org/security/faq...

CVSS: 10 | AI score: 3.2 | EPSS: 0.2482
Exploits: 0

securityvulns, added 2015/06/13 12:0 a.m., 88 views

PHP multiple security vulnerabilities

NULL character injection, DoS, integer overflow, memory corruption...

CVSS: 7.5 | AI score: 2.9 | EPSS: 0.50129
Exploits: 4 | References: 2 | Affected Software: 1

securityvulns, added 2015/06/01 12:0 a.m., 88 views

[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04594015 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04594015 Version: 1 HPSBGN03286 rev....

CVSS: 10 | AI score: 0.3 | EPSS: 0.10867
Exploits: 0

securityvulns, added 2015/05/25 12:0 a.m., 88 views

[SECURITY] [DSA 3270-1] postgresql-9.4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3270-1 [email protected] http://www.debian.org/security/ Christoph Berg May 22, 2015 http://www.debian.org/security/faq -...

CVSS: 4.3 | AI score: 0.4 | EPSS: 0.08565
Exploits: 0

securityvulns, added 2015/05/12 12:0 a.m., 88 views

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation

------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in asdoc generated documentation ------------------------------------------------------------------------ Radjnies Bhansingh, March 2014...

AI score: 0.5
Exploits: 0

securityvulns, added 2015/01/13 12:0 a.m., 88 views

[ MDVSA-2015:002 ] pcre

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:002 http://www.mandriva.com/en/support/security/ Package : pcre Date : January 5, 2015 Affected: Business Server 1.0 Problem Description: Updated pcre packages fix security vulnerability: A flaw was found in...

CVSS: 5 | AI score: 8.5 | EPSS: 0.06505
Exploits: 0

securityvulns, added 2015/01/13 12:0 a.m., 88 views

[ MDVSA-2015:020 ] libssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:020 http://www.mandriva.com/en/support/security/ Package : libssh Date : January 12, 2015 Affected: Business Server 1.0 Problem Description: Updated libssh packages fix security vulnerability: Double free...

CVSS: 5 | AI score: 6.1 | EPSS: 0.05145
Exploits: 0

securityvulns, added 2014/12/22 12:0 a.m., 88 views

Cross-Site Scripting (XSS) in Revive Adserver

Advisory ID: HTB23242 Product: Revive Adserver Vendor: http://www.revive-adserver.com/ Vulnerable Versions: 3.0.5 and probably prior Tested Version: 3.0.5 Advisory Publication: November 12, 2014 without technical details Vendor Notification: November 12, 2014 Vendor Patch: December 17, 2014 Publi...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.02309
Exploits: 3

securityvulns, added 2014/12/01 12:0 a.m., 88 views

[Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce Platform

On April 8th 2014, AppCheck reported several Cross Site Scripting Vulnerabilities in the Magento e-commerce platform via the eBay bug bounty program. eBay responded to inform us that the vulnerabilities had already been reported. However, since more than 6 months have passed and no fix is yet...

Exploits: 0

securityvulns, added 2014/12/01 12:0 a.m., 88 views

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.33391
Exploits: 5

securityvulns, added 2014/10/27 12:0 a.m., 88 views

OpenBSD <= 5.5 Local Kernel Panic

OpenBSD = 5.5 All architectures is prone to a local DoS condition by triggering a kernel panic through a malformed ELF executable. A patch has been released to address this issue. See "013 Reliability Fix" at: http://www.openbsd.org/errata55.html013kernexec More details and PoC code:...

AI score: 0.6
Exploits: 0

securityvulns, added 2014/10/15 12:0 a.m., 88 views

[ MDVSA-2014:145 ] php-ZendFramework

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:145 http://www.mandriva.com/en/support/security/ Package : php-ZendFramework Date : July 31, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been found and corrected in...

CVSS: 7.5 | AI score: 9.8 | EPSS: 0.02313
Exploits: 0

securityvulns, added 2014/10/05 12:0 a.m., 88 views

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 1 HPSBMU03118 rev....

CVSS: 6.5 | AI score: 0.9 | EPSS: 0.03133
Exploits: 1

securityvulns, added 2014/07/21 12:0 a.m., 88 views

VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014)

VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog" Protected Mode Sandbox Bypass Pwn2Own 2014 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.22996
Exploits: 0

securityvulns, added 2014/04/07 12:0 a.m., 88 views

Public disclosure of Buffer Overflow Dassault Systems

''' Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...

AI score: 8.1
Exploits: 0

securityvulns, added 2014/04/01 12:0 a.m., 88 views

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author Discovered by: Jason Ostrom Severity: Medium II. Vulnerability...

AI score: 7.1 | EPSS: 0.01684
Exploits: 6

securityvulns, added 2014/03/27 12:0 a.m., 88 views

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

CVSS: 6.8 | AI score: 1.8 | EPSS: 0.09264
Exploits: 2

securityvulns, added 2014/03/24 12:0 a.m., 88 views

[ MDVSA-2014:066 ] nss

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:066 http://www.mandriva.com/en/support/security/ Package : nss Date : March 20, 2014 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in mozilla NSS: In a...

CVSS: 4.3 | AI score: 7.8 | EPSS: 0.01767
Exploits: 2

securityvulns, added 2014/02/11 12:0 a.m., 88 views

Security advisory, LedgerSMB 1.3.0-1.3.36

Security Advisory: LedgerSMB 1.3.36, Improper Logout on Some Browsers Severity: Low cvssv2 base score: 3.6, total 0.5 Remotely Exploitable: No Complexity of Attack: High Impact: Relatively low. Prerequisite for Attack: Physical Access to Previously Logged In Browser, so high complexity in most...

AI score: 7.2
Exploits: 0

securityvulns, added 2014/02/11 12:0 a.m., 88 views

AlienVault OSSIM SQL Injection vulnerability

INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Vulnerability 5. Solution 6. Credit 7. Disclosure Timeline 1. BACKGROUND --------------------------------------- OSSIM by AlienVault is an Open Source Security Information and Event Management SIEM...

AI score: 0.1
Exploits: 0

securityvulns, added 2014/01/19 12:0 a.m., 88 views

Open-Xchange Security Advisory 2014-01-17

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30357 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev29, 7.4.0-rev24,...

CVSS: 4.3 | AI score: 0.4 | EPSS: 0.01792
Exploits: 0

securityvulns, added 2014/01/13 12:0 a.m., 88 views

[CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)

Hello List, Here I inform you about an easily exploitable CSRF discovered in Conceptronic cameras CIPCAMPTIWL. General Details Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8...

CVSS: 6.8 | EPSS: 0.10595
Exploits: 5

securityvulns, added 2014/01/09 12:0 a.m., 88 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.56255
Exploits: 60 | References: 33 | Affected Software: 24

securityvulns, added 2013/12/23 12:0 a.m., 88 views

[SECURITY] [DSA 2822-1] xorg-server security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2822-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 18, 2013 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 2.8 | EPSS: 0.02879
Exploits: 0

securityvulns, added 2013/10/28 12:0 a.m., 88 views

[USN-2001-1] Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2001-1 October 23, 2013 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 4 | AI score: 0.9 | EPSS: 0.01661
Exploits: 1

securityvulns, added 2013/10/28 12:0 a.m., 88 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 6.8 | AI score: 1.6 | EPSS: 0.12169
Exploits: 14 | References: 13 | Affected Software: 10

securityvulns, added 2013/09/09 12:0 a.m., 88 views

CakePHP AssetDispatcher Local File Inclusion Vulnerability

CVE Number: N/A not assigned Title: CakePHP AssetDispatcher Local File Inclusion Vulnerability Affected Software: Confirmed on CakePHP v2.3.7, v2.2.8 prior versions may also be affected Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.8 & 2.2.9 was released which...

AI score: 0.2
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 88 views

Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.04555
Exploits: 5

securityvulns, added 2013/05/06 12:0 a.m., 88 views

[ MDVSA-2013:160 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:160 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : May 3, 2013 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerabilities: In some...

CVSS: 6 | AI score: 6.3 | EPSS: 0.28851
Exploits: 16

securityvulns, added 2013/03/24 12:0 a.m., 88 views

[ MDVSA-2013:022 ] openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:022 http://www.mandriva.com/en/support/security/ Package : openssh Date : March 13, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in openssh:...

CVSS: 5 | AI score: 6.7 | EPSS: 0.1651
Exploits: 1

securityvulns, added 2013/02/24 12:0 a.m., 88 views

Alt-N MDaemon Email Body HTML/JS Injection Vulnerability

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

AI score: 1.4
Exploits: 0

securityvulns, added 2013/02/11 12:0 a.m., 88 views

Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.04546
Exploits: 3

securityvulns, added 2013/01/21 12:0 a.m., 88 views

0-day vulnerability in Oracle Java is used to install malicious software

Applet can grant permissions to itself...

CVSS: 10 | AI score: 2.1 | EPSS: 0.97612
Exploits: 38 | References: 3 | Affected Software: 2

securityvulns, added 2013/01/10 12:0 a.m., 88 views

Chrome for Android - Cookie theft from Chrome by malicious Android app

CVE Number: CVE-2012-4909 Title: Chrome for Android - Cookie theft from Chrome by malicious Android app Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Symbolic links can be...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.02147
Exploits: 1

securityvulns, added 2012/11/18 12:0 a.m., 88 views

[USN-1632-1] Django vulnerability

========================================================================== Ubuntu Security Notice USN-1632-1 November 15, 2012 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS: 6.4 | AI score: 0.4 | EPSS: 0.03635
Exploits: 1

securityvulns, added 2012/11/02 12:0 a.m., 88 views

Nth Dimension Security Advisory (NDSA20121010)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20121010 Date: 10th October 2012 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Konqueror 4.7.3 http://konqueror.kde.org/ Vendor: KDE...

CVSS: 9.3 | AI score: 8.8 | EPSS: 0.12599
Exploits: 10

securityvulns, added 2012/09/03 12:0 a.m., 88 views

[USN-1552-1] OpenStack Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

CVSS: 4.9 | AI score: 0.9 | EPSS: 0.0248
Exploits: 1

securityvulns, added 2012/09/03 12:0 a.m., 89 views

Dr. Web Control Center Admin UI Remote Script Code Injection

Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...

AI score: 0.1
Exploits: 0

securityvulns, added 2012/09/03 12:0 a.m., 88 views

Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities

Title: ====== Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities Date: ===== 2012-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=659 VL-ID: ===== 659 Common Vulnerability Scoring System: ==================================== 8.3 Introduction:...

AI score: 0.2
Exploits: 0

securityvulns, added 2012/07/23 12:0 a.m., 88 views

Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability

Title: ====== Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: ===== 2012-05-29 References: =========== http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: ===== 580 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

AI score: 0.2
Exploits: 0

securityvulns, added 2012/07/11 12:0 a.m., 88 views

BookNux 0.2 <= Multiple Vulnerabilities

BookNux 0.2 = Multiple Vulnerabilities Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...

AI score: 1
Exploits: 0

securityvulns, added 2012/07/11 12:0 a.m., 88 views

[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability

CVE-2012-2138 : Apache Sling denial of service vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: org.apache.sling.servlets.post bundle up to 2.1.0 Description: The @CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of it...

CVSS: 5 | AI score: 0.7 | EPSS: 0.14122
Exploits: 3

securityvulns, added 2012/06/17 12:0 a.m., 88 views

ZDI-12-093 : (Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-093 : Pwn2Own Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-093 June 12, 2012 - -- CVE ID: CVE-2012-1876 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...

CVSS: 9.3 | AI score: 0.3 | EPSS: 0.64962
Exploits: 27

securityvulns, added 2012/03/19 12:0 a.m., 88 views

[SECURITY] [DSA 2414-1] fex security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2413-1 [email protected] http://www.debian.org/security/ Nico Golde February 21, 2012 http://www.debian.org/security/faq -...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.04852
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 88 views

CSRF (Cross-Site Request Forgery) in DClassifieds

Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...

Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 88 views

[SECURITY] [DSA 2407-1] cvs security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2407-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...

CVSS: 10 | AI score: 3.5 | EPSS: 0.08396
Exploits: 0

securityvulns, added 2012/01/09 12:0 a.m., 88 views

OpenKM 5.1.7 Privilege Escalation

COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-001 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Privilege Escalation, Improper Access Control Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler...

AI score: 0.9
Exploits: 0

Total number of security vulnerabilities: 5000