Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
•added 2015/06/13 12:0 a.m.•88 views

PHP multiple security vulnerabilities

NULL character injection, DoS, integer overflow, memory corruption...

7.5CVSS2.9AI score0.50129EPSS
Exploits4References2Affected Software1
securityvulns
securityvulns
•added 2015/06/01 12:0 a.m.•88 views

[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04594015 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04594015 Version: 1 HPSBGN03286 rev....

10CVSS0.3AI score0.10867EPSS
Exploits0
securityvulns
securityvulns
•added 2015/05/12 12:0 a.m.•88 views

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation

------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in asdoc generated documentation ------------------------------------------------------------------------ Radjnies Bhansingh, March 2014...

0.5AI score
Exploits0
securityvulns
securityvulns
•added 2015/01/13 12:0 a.m.•88 views

[ MDVSA-2015:002 ] pcre

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:002 http://www.mandriva.com/en/support/security/ Package : pcre Date : January 5, 2015 Affected: Business Server 1.0 Problem Description: Updated pcre packages fix security vulnerability: A flaw was found in...

5CVSS8.5AI score0.06505EPSS
Exploits0
securityvulns
securityvulns
•added 2014/12/01 12:0 a.m.•88 views

[Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce Platform

On April 8th 2014, AppCheck reported several Cross Site Scripting Vulnerabilities in the Magento e-commerce platform via the eBay bug bounty program. eBay responded to inform us that the vulnerabilities had already been reported. However, since more than 6 months have passed and no fix is yet...

Exploits0
securityvulns
securityvulns
•added 2014/12/01 12:0 a.m.•88 views

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go...

7.5CVSS7.1AI score0.33391EPSS
Exploits5
securityvulns
securityvulns
•added 2014/10/27 12:0 a.m.•88 views

OpenBSD <= 5.5 Local Kernel Panic

OpenBSD = 5.5 All architectures is prone to a local DoS condition by triggering a kernel panic through a malformed ELF executable. A patch has been released to address this issue. See "013 Reliability Fix" at: http://www.openbsd.org/errata55.html013kernexec More details and PoC code:...

0.6AI score
Exploits0
securityvulns
securityvulns
•added 2014/10/15 12:0 a.m.•88 views

[ MDVSA-2014:145 ] php-ZendFramework

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:145 http://www.mandriva.com/en/support/security/ Package : php-ZendFramework Date : July 31, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been found and corrected in...

7.5CVSS9.8AI score0.02313EPSS
Exploits0
securityvulns
securityvulns
•added 2014/10/15 12:0 a.m.•88 views

Improper Access Control in ArticleFR

Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...

0.7AI score0.14484EPSS
Exploits5
securityvulns
securityvulns
•added 2014/10/05 12:0 a.m.•88 views

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 1 HPSBMU03118 rev....

6.5CVSS0.9AI score0.03133EPSS
Exploits1
securityvulns
securityvulns
•added 2014/08/04 12:0 a.m.•88 views

[SECURITY] [DSA 2993-1] tor security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2993-1 [email protected] http://www.debian.org/security/ Peter Palfrader July 31, 2014 http://www.debian.org/security/faq -...

5.8CVSS0.2AI score0.02094EPSS
Exploits0
securityvulns
securityvulns
•added 2014/04/07 12:0 a.m.•88 views

Public disclosure of Buffer Overflow Dassault Systems

''' Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...

8.1AI score
Exploits0
securityvulns
securityvulns
•added 2014/04/01 12:0 a.m.•88 views

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author Discovered by: Jason Ostrom Severity: Medium II. Vulnerability...

7.1AI score0.01684EPSS
Exploits6
securityvulns
securityvulns
•added 2014/03/27 12:0 a.m.•88 views

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2885-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 26, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.8AI score0.09264EPSS
Exploits2
securityvulns
securityvulns
•added 2014/03/27 12:0 a.m.•88 views

HP Rapid Deployment Pack / HP Insight Control Server Deployment multiple security vulnerabilities

Multiple different vulnerabilities...

10CVSS1AI score0.07533EPSS
Exploits15References1
securityvulns
securityvulns
•added 2014/02/28 12:0 a.m.•88 views

Apple Mac OS X multiple security vulnerabilities

Multiple vulnerabilities in Network and Graphics subsystems, SSL bypass, multiple libraries and applications vulnerabilities...

10CVSS1.9AI score0.73327EPSS
Exploits26References1Affected Software1
securityvulns
securityvulns
•added 2014/02/11 12:0 a.m.•88 views

Security advisory, LedgerSMB 1.3.0-1.3.36

Security Advisory: LedgerSMB 1.3.36, Improper Logout on Some Browsers Severity: Low cvssv2 base score: 3.6, total 0.5 Remotely Exploitable: No Complexity of Attack: High Impact: Relatively low. Prerequisite for Attack: Physical Access to Previously Logged In Browser, so high complexity in most...

7.2AI score
Exploits0
securityvulns
securityvulns
•added 2014/02/11 12:0 a.m.•88 views

AlienVault OSSIM SQL Injection vulnerability

INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Vulnerability 5. Solution 6. Credit 7. Disclosure Timeline 1. BACKGROUND --------------------------------------- OSSIM by AlienVault is an Open Source Security Information and Event Management SIEM...

0.1AI score
Exploits0
securityvulns
securityvulns
•added 2014/01/13 12:0 a.m.•88 views

[CVE-2013-7204] CSRF in Conceptronic IP Camera (CIPCAMPTIWL)

Hello List, Here I inform you about an easily exploitable CSRF discovered in Conceptronic cameras CIPCAMPTIWL. General Details Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8...

6.8CVSS0.10595EPSS
Exploits5
securityvulns
securityvulns
•added 2014/01/09 12:0 a.m.•88 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.56255EPSS
Exploits60References33Affected Software24
securityvulns
securityvulns
•added 2013/12/23 12:0 a.m.•88 views

[SECURITY] [DSA 2822-1] xorg-server security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2822-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 18, 2013 http://www.debian.org/security/faq -...

5CVSS2.8AI score0.02879EPSS
Exploits0
securityvulns
securityvulns
•added 2013/10/28 12:0 a.m.•88 views

[USN-2001-1] Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2001-1 October 23, 2013 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4CVSS0.9AI score0.01661EPSS
Exploits1
securityvulns
securityvulns
•added 2013/10/28 12:0 a.m.•88 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

6.8CVSS1.6AI score0.12169EPSS
Exploits14References13Affected Software10
securityvulns
securityvulns
•added 2013/09/09 12:0 a.m.•88 views

CakePHP AssetDispatcher Local File Inclusion Vulnerability

CVE Number: N/A not assigned Title: CakePHP AssetDispatcher Local File Inclusion Vulnerability Affected Software: Confirmed on CakePHP v2.3.7, v2.2.8 prior versions may also be affected Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.8 & 2.2.9 was released which...

0.2AI score
Exploits0
securityvulns
securityvulns
•added 2013/08/12 12:0 a.m.•88 views

Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

4.3CVSS6.7AI score0.04555EPSS
Exploits5
securityvulns
securityvulns
•added 2013/05/09 12:0 a.m.•88 views

[ MDVSA-2013:163 ] glibc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:163 http://www.mandriva.com/en/support/security/ Package : glibc Date : May 7, 2013 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in glibc:...

5CVSS8.3AI score0.04113EPSS
Exploits2
securityvulns
securityvulns
•added 2013/05/06 12:0 a.m.•88 views

[ MDVSA-2013:160 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:160 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : May 3, 2013 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerabilities: In some...

6CVSS6.3AI score0.28851EPSS
Exploits16
securityvulns
securityvulns
•added 2013/03/24 12:0 a.m.•88 views

[ MDVSA-2013:022 ] openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:022 http://www.mandriva.com/en/support/security/ Package : openssh Date : March 13, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in openssh:...

5CVSS6.7AI score0.1651EPSS
Exploits1
securityvulns
securityvulns
•added 2013/02/24 12:0 a.m.•88 views

Alt-N MDaemon Email Body HTML/JS Injection Vulnerability

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

1.4AI score
Exploits0
securityvulns
securityvulns
•added 2013/01/21 12:0 a.m.•88 views

0-day vulnerability in Oracle Java is used to install maliscious software

Applet can grant permissions to itself...

10CVSS2.1AI score0.97612EPSS
Exploits38References3Affected Software2
securityvulns
securityvulns
•added 2013/01/10 12:0 a.m.•88 views

Chrome for Android - Cookie theft from Chrome by malicious Android app

CVE Number: CVE-2012-4909 Title: Chrome for Android - Cookie theft from Chrome by malicious Android app Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Symbolic links can be...

4.3CVSS0.1AI score0.02147EPSS
Exploits1
securityvulns
securityvulns
•added 2012/11/18 12:0 a.m.•88 views

[USN-1632-1] Django vulnerability

========================================================================== Ubuntu Security Notice USN-1632-1 November 15, 2012 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

6.4CVSS0.4AI score0.03635EPSS
Exploits1
securityvulns
securityvulns
•added 2012/11/02 12:0 a.m.•88 views

Nth Dimension Security Advisory (NDSA20121010)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20121010 Date: 10th October 2012 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Konqueror 4.7.3 http://konqueror.kde.org/ Vendor: KDE...

9.3CVSS8.8AI score0.12599EPSS
Exploits10
securityvulns
securityvulns
•added 2012/09/03 12:0 a.m.•89 views

Dr. Web Control Center Admin UI Remote Script Code Injection

Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...

0.1AI score
Exploits0
securityvulns
securityvulns
•added 2012/09/03 12:0 a.m.•88 views

Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities

Title: ====== Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities Date: ===== 2012-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=659 VL-ID: ===== 659 Common Vulnerability Scoring System: ==================================== 8.3 Introduction:...

0.2AI score
Exploits0
securityvulns
securityvulns
•added 2012/09/03 12:0 a.m.•88 views

[USN-1552-1] OpenStack Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

4.9CVSS0.9AI score0.0248EPSS
Exploits1
securityvulns
securityvulns
•added 2012/08/27 12:0 a.m.•88 views

[USN-1545-1] Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1545-1 August 22, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

5.5CVSS0.9AI score0.02582EPSS
Exploits2
securityvulns
securityvulns
•added 2012/07/23 12:0 a.m.•88 views

Google Chrome 19 metro_driver.dll mishandling

Security Advisory - Google Chrome 19 metrodriver.dll mishandling ======================================================================== Summary : Google Chrome 19 is prone to unqualified DLL loading Date : 28 June 2012 Affected versions : Google Chrome v19.0.1084.21 up-to v20.0.1132.23 ID :...

7.2CVSS6.8AI score0.00442EPSS
Exploits1
securityvulns
securityvulns
•added 2012/07/11 12:0 a.m.•88 views

BookNux 0.2 <= Multiple Vulnerabilities

BookNux 0.2 = Multiple Vulnerabilities Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...

1AI score
Exploits0
securityvulns
securityvulns
•added 2012/07/11 12:0 a.m.•88 views

[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability

CVE-2012-2138 : Apache Sling denial of service vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: org.apache.sling.servlets.post bundle up to 2.1.0 Description: The @CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of it...

5CVSS0.7AI score0.14122EPSS
Exploits3
securityvulns
securityvulns
•added 2012/03/19 12:0 a.m.•88 views

[SECURITY] [DSA 2414-1] fex security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2413-1 [email protected] http://www.debian.org/security/ Nico Golde February 21, 2012 http://www.debian.org/security/faq -...

4.3CVSS1.9AI score0.04852EPSS
Exploits0
securityvulns
securityvulns
•added 2012/02/13 12:0 a.m.•88 views

CSRF (Cross-Site Request Forgery) in DClassifieds

Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...

Exploits0
securityvulns
securityvulns
•added 2012/02/12 12:0 a.m.•88 views

[SECURITY] [DSA 2407-1] cvs security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2407-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...

10CVSS3.5AI score0.08396EPSS
Exploits0
securityvulns
securityvulns
•added 2012/01/09 12:0 a.m.•88 views

OpenKM 5.1.7 Privilege Escalation

COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-001 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Privilege Escalation, Improper Access Control Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler...

0.9AI score
Exploits0
securityvulns
securityvulns
•added 2011/12/05 12:0 a.m.•88 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.03056EPSS
Exploits12References15Affected Software10
securityvulns
securityvulns
•added 2011/11/27 12:0 a.m.•88 views

AdaptCMS 2.x SQL Injection Vulnerability

========================================================================= AdaptCMS 2.x SQL Injection Vulnerability =========================================================================...

8.1AI score
Exploits0
securityvulns
securityvulns
•added 2011/11/21 12:0 a.m.•88 views

[ GLSA 201111-04 ] phpDocumentor: Function call injection

Gentoo Linux Security Advisory GLSA 201111-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

7.5CVSS0.4AI score0.01954EPSS
Exploits0
securityvulns
securityvulns
•added 2011/10/24 12:0 a.m.•88 views

TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory October 20, 2011 Risk Level: Medium Affected versions: Oracle Database Server version 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes Authentication to Database Server is needed Credits: This vulnerability was discovered a...

8.5CVSS0.3AI score0.0224EPSS
Exploits0
securityvulns
securityvulns
•added 2011/10/02 12:0 a.m.•88 views

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Advisory ID: cisco-sa-20110928-nat Revision 1.0 For Public Release 2011 Sep 28 1600 UTC GMT +--------------------------------------------------------------------...

7.8CVSS0.3AI score0.02556EPSS
Exploits0
securityvulns
securityvulns
•added 2011/07/25 12:0 a.m.•88 views

Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009

Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2.1 Patch069.102 Patch12 build b31g-fcs verified and possibly others Severi...

5.8CVSS5.6AI score0.03294EPSS
Exploits6
Total number of security vulnerabilities5000