Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2015/02/02 12:0 a.m.89 views

[USN-2476-1] Oxide vulnerabilities

========================================================================== Ubuntu Security Notice USN-2476-1 January 26, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

7.5CVSS1.9AI score0.04339EPSS
Exploits0
securityvulns
securityvulns
added 2015/01/25 12:0 a.m.89 views

REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability

================================================================================ REWTERZ-20140102 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Enumeration Vulnerability Product: ServiceDesk...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2015/01/13 12:0 a.m.89 views

[ MDVSA-2015:020 ] libssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:020 http://www.mandriva.com/en/support/security/ Package : libssh Date : January 12, 2015 Affected: Business Server 1.0 Problem Description: Updated libssh packages fix security vulnerability: Double free...

5CVSS6.1AI score0.05145EPSS
Exploits0
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.89 views

[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability

------------------------------------------------------------------- Osclass = 3.4.2 Search::setJsonAlert SQL Injection Vulnerability ------------------------------------------------------------------- - Software Link: http://osclass.org/ - Affected Versions: Version 3.4.2 and probably prior...

7.5CVSS0.1AI score0.02356EPSS
Exploits2
securityvulns
securityvulns
added 2014/12/23 12:0 a.m.89 views

PHP security vulnerabilities

Use-after-free in unserialize...

10CVSS2.5AI score0.53166EPSS
Exploits8References1Affected Software1
securityvulns
securityvulns
added 2014/12/11 12:0 a.m.89 views

[SECURITY] [DSA 3093-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3093-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 08, 2014 http://www.debian.org/security/faq -...

6.1CVSS0.9AI score0.0523EPSS
Exploits2
securityvulns
securityvulns
added 2014/10/27 12:0 a.m.89 views

OpenBSD <= 5.5 Local Kernel Panic

OpenBSD = 5.5 All architectures is prone to a local DoS condition by triggering a kernel panic through a malformed ELF executable. A patch has been released to address this issue. See "013 Reliability Fix" at: http://www.openbsd.org/errata55.html013kernexec More details and PoC code:...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2014/10/14 12:0 a.m.89 views

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-033: SAP Business Warehouse Missing Authorization Check 1. Impact on Business ===================== By exploiting this vulnerability an authenticated attacker will be able to abuse of functionality that should be...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2014/10/05 12:0 a.m.89 views

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 1 HPSBMU03118 rev....

6.5CVSS0.9AI score0.03133EPSS
Exploits1
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.89 views

Barracuda Networks Firewall / Web Firewall / Spam&Virus Firewall security vulnerabilities

XSS, restrictions bypass...

2.1AI score0.16868EPSS
Exploits2References8Affected Software3
securityvulns
securityvulns
added 2014/08/24 12:0 a.m.89 views

CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3524 OpenOffice Calc Command Injection Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions may also be affected. Description: The...

9.3CVSS1.3AI score0.14596EPSS
Exploits0
securityvulns
securityvulns
added 2014/07/22 12:0 a.m.89 views

CVE-2014-4980 Parameter Tampering in Nessus Web UI - Remote Information Disclosure

Product: Nessus Vendor: Tenable Network Security? Version: Nessus 5.2.3-5.2.7 - Web UI 2.3.4 potentially lower Vendor Notified Date: June 24, 2014 Vendor Resolved Date: June 25, 2014 Release Date: July 18, 2014 Risk: Medium Authentication: Not Required Remote: Yes Description: A parameter tamperi...

5CVSS0.4AI score0.017EPSS
Exploits2
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.89 views

FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS)

Class Cross-Site Scripting Remote Yes Published 2nd June 2014 Credit Robin Bailey of Dionach [email protected] Vulnerable FCKeditor = 2.6.10 FCKeditor is prone to a reflected cross-site scripting XSS vulnerability due to inadequately sanitised user input. An attacker may leverage this issue to ru...

4.3CVSS0.4AI score0.04251EPSS
Exploits2
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.89 views

LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts GmbH - Security Advisory 2014-05-22 === FEX Frams' Fast File EXchange - Multiple Issues - - --------------------------------------------------------------------- Affected Versions ================= FEX Frams' Fast File...

4.3CVSS6.2AI score0.01914EPSS
Exploits5
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.89 views

Public disclosure of Buffer Overflow Dassault Systems

''' Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.89 views

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.8AI score0.09264EPSS
Exploits2
securityvulns
securityvulns
added 2014/01/19 12:0 a.m.89 views

Open-Xchange Security Advisory 2014-01-17

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30357 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev29, 7.4.0-rev24,...

4.3CVSS0.4AI score0.01792EPSS
Exploits0
securityvulns
securityvulns
added 2014/01/14 12:0 a.m.89 views

Updated [CVE-2013-6398] CloudStack Virtual Router stop/start modifies firewall rules allowing additional access

Issued: November 27, 2013 Updated: January 10, 2014 CVE-2013-6398 CloudStack Virtual Router stop/start modifies firewall rules allowing additional access Product: Apache CloudStack Vendor: Apache Software Foundation Vulnerability type: Bypass Vulnerable Versions: Apache CloudStack 4.1.0, 4.1.1,...

4.3CVSS1AI score0.04051EPSS
Exploits1
securityvulns
securityvulns
added 2013/11/18 12:0 a.m.89 views

wireshark multiple security vulnerabilities

Vulnerabilities in different protocols dissectors...

5CVSS2.9AI score0.0284EPSS
Exploits2References2Affected Software1
securityvulns
securityvulns
added 2013/11/05 12:0 a.m.89 views

[ MDVSA-2013:258 ] icu

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:258 http://www.mandriva.com/en/support/security/ Package : icu Date : October 28, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated icu packages fix security...

7.5CVSS9.7AI score0.02531EPSS
Exploits0
securityvulns
securityvulns
added 2013/10/28 12:0 a.m.89 views

[USN-2001-1] Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2001-1 October 23, 2013 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4CVSS0.9AI score0.01661EPSS
Exploits1
securityvulns
securityvulns
added 2013/09/11 12:0 a.m.89 views

HP ProCurve Manager, HP Identity Driven Manager multiple security vulnerabilities

Code execution, session reusage, SQL injection...

10CVSS2.1AI score0.79003EPSS
Exploits21References1Affected Software2
securityvulns
securityvulns
added 2013/08/12 12:0 a.m.89 views

Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

4.3CVSS6.7AI score0.04555EPSS
Exploits5
securityvulns
securityvulns
added 2013/07/19 12:0 a.m.89 views

Voice Logger astTECS - bypass login & arbitrary file download

Author: Michal Blaszczak Website: http://blaszczakm.blogspot.com Project: hack voip - http://blaszczakm.blogspot.com/search/label/hack20voip Date: 16.07.2013 Voice Logger - VoIP software for Call Center 1 bypass login login: admin' or 1='1 password: admin line: 168 file: managerlogin.server.php 2...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2013/06/17 12:0 a.m.89 views

[slackware-security] php (SSA:2013-161-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2013-161-01 New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

5CVSS6.8AI score0.06748EPSS
Exploits1
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.89 views

[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9

============================================= INTERNET SECURITY AUDITORS ALERT 2013-012 - Original release date: March 19th, 2013 - Last revised: April 6th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2631...

5.4AI score0.01755EPSS
Exploits2
securityvulns
securityvulns
added 2013/04/15 12:0 a.m.89 views

[SECURITY] [DSA 2659-1] libapache-mod-security security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2659-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 09, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.8AI score0.04208EPSS
Exploits1
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.89 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

8.5CVSS1.6AI score0.06977EPSS
Exploits10References13Affected Software10
securityvulns
securityvulns
added 2013/02/11 12:0 a.m.89 views

Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

4.3CVSS6.2AI score0.04546EPSS
Exploits3
securityvulns
securityvulns
added 2013/01/21 12:0 a.m.89 views

0-day vulnerability in Oracle Java is used to install maliscious software

Applet can grant permissions to itself...

10CVSS2.1AI score0.97612EPSS
Exploits38References3Affected Software2
securityvulns
securityvulns
added 2013/01/10 12:0 a.m.89 views

Chrome for Android - Cookie theft from Chrome by malicious Android app

CVE Number: CVE-2012-4909 Title: Chrome for Android - Cookie theft from Chrome by malicious Android app Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Symbolic links can be...

4.3CVSS0.1AI score0.02147EPSS
Exploits1
securityvulns
securityvulns
added 2012/10/22 12:0 a.m.89 views

SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass

SEC Consult Vulnerability Lab Security Advisory 20121017-0 ======================================================================= title: ModSecurity multipart/invalid part ruleset bypass product: ModSecurity vulnerable version: = 2.6.8 fixed version: 2.7.0 CVE number: - impact: Depends what you...

7AI score
Exploits0
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.89 views

[USN-1552-1] OpenStack Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

4.9CVSS0.9AI score0.0248EPSS
Exploits1
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.90 views

Dr. Web Control Center Admin UI Remote Script Code Injection

Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.89 views

Dir2web3 Mutiple Vulnerabilities

Title: ====== Dir2web3 Multiple Vulnerabilities Date: ===== 05/08/2012 Author: ======= Daniel Correa http://www.sinfocol.org/ Vulnerable software: ==================== Dir2web v3.0 http://www.dir2web.it/ CVE: ==== CVE-2012-4069 CVE-2012-4070 Details: ======== There are two vulnerabilities...

7.5CVSS0.7AI score0.01186EPSS
Exploits2
securityvulns
securityvulns
added 2012/07/23 12:0 a.m.89 views

Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability

Title: ====== Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: ===== 2012-05-29 References: =========== http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: ===== 580 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2012/07/11 12:0 a.m.89 views

[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability

CVE-2012-2138 : Apache Sling denial of service vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: org.apache.sling.servlets.post bundle up to 2.1.0 Description: The @CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of it...

5CVSS0.7AI score0.14122EPSS
Exploits3
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.89 views

[DCA-2011-0016] - Tufin SecureTrack Cross Site Script

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Tufin SecureTrack Vendor Product Description - Features powerful tools to track changes, analyze device configurations, optimize rule bases, and more on leading vendor firewalls, routers, switches...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2012/04/02 12:0 a.m.89 views

[SECURITY] [DSA 2443-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2443-1 [email protected] http://www.debian.org/security/ Dann Frazier March 26, 2012 http://www.debian.org/security/faq -...

7.2CVSS1.3AI score0.03431EPSS
Exploits8
securityvulns
securityvulns
added 2012/03/19 12:0 a.m.89 views

Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities

Title: ====== Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=228 VL-ID: ===== 228 Introduction: ============= Einfach, schnell und zukunftssicher! Die ideale Losung, um Ihre...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2012/03/19 12:0 a.m.89 views

Kongreg8 1.7.3 Mutiple XSS

Exploit Title: Kongreg8 1.7.3 Mutiple XSS Date: 02/24/12 Author: G13 Software Link: https://sourceforge.net/projects/kongreg8/ Version: 1.7.3 Category: webapps php Vulnerability Kongreg8 1.7.3 has multiple XSS vulnerabilites. These vulnerabilities are in the Add Member and Add Group functions...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2012/02/13 12:0 a.m.89 views

CSRF (Cross-Site Request Forgery) in DClassifieds

Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...

Exploits0
securityvulns
securityvulns
added 2011/12/04 12:0 a.m.89 views

[ MDVSA-2011:178 ] glibc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:178 http://www.mandriva.com/security/ Package : glibc Date : November 25, 2011 Affected: 2010.1, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was discovered and fixed in glibc: Multipl...

10CVSS9.2AI score0.14323EPSS
Exploits25
securityvulns
securityvulns
added 2011/10/24 12:0 a.m.89 views

[security bulletin] HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03058866Version: 1 HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon a...

10CVSS1AI score0.1169EPSS
Exploits0
securityvulns
securityvulns
added 2011/09/20 12:0 a.m.89 views

[Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-016: SAP WebAS Malicious SAP Shortcut Generation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforeha...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2011/08/27 12:0 a.m.89 views

ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability

ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-276 August 23, 2011 -- CVE ID: CVE-2011-2140 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Flash...

10CVSS0.7AI score0.82258EPSS
Exploits15
securityvulns
securityvulns
added 2011/08/05 12:0 a.m.89 views

APPLE-SA-2011-08-03-1 QuickTime 7.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-08-03-1 QuickTime 7.7 QuickTime 7.7 is now available and addresses the following: QuickTime Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted pict file may...

9.3CVSS1.1AI score0.05084EPSS
Exploits2
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.89 views

WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability WOC Consulting searchresult.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.woc-consulting.com/ Persian Gulf 4 Ever! Dork : "Powered by WOC Consulting Canada"...

3.3AI score
Exploits0
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.89 views

PHP-Barcode 0.3pl1 Remote Code Execution

PHP-Barcode 0.3pl1 Remote Code Execution ================================= The input passed to the code parameter is not sanitized and is used on a popen function. This allows remote command execution and also allows to see environment vars: Windows...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2011/07/11 12:0 a.m.89 views

Arbitrary files deletion in HP OpenView Communication Broker

Luigi Auriemma Application: HP OpenView Communication Broker http://www8.hp.com/us/en/software/enterprise-software.html Versions: ovbbccb.exe = 11.0.43.0 Platforms: Windows, Linux, Solaris, HP-UX, AIX Bug: arbitrary files deletion Exploitation: remote, versus server Date: 27 Jun 2011 found 01 Jun...

1.7AI score
Exploits0
Total number of security vulnerabilities5000