47153 matches found

securityvulns
•added 2013/05/04 12:0 a.m.•49 views

D-Link IP cameras multiple security vulnerabilities

Code execution, authentication bypass, hardcoded credentials, information leakage...

AI score: 2.5 | EPSS: 0.91897
Exploits: 10 | References: 1
securityvulns
•added 2013/05/04 12:0 a.m.•30 views

EMC Networker privilege escalation

Weak file permissions...

CVSS: 7.2 | AI score: 3.2 | EPSS: 0.00032
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/05/04 12:0 a.m.•30 views

SRPLab Personal File Share buffer overflow

Buffer overflow on oversized request in HTTP server...

AI score: 2.4
Exploits: 0 | References: 1
securityvulns
•added 2013/05/04 12:0 a.m.•67 views

NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)

High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Null Pointer Dereference Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...

AI score: 0.1
Exploits: 0
securityvulns
•added 2013/05/04 12:0 a.m.•39 views

MIT Kerberos 5 security vulnerabilities

Few NULL pointer dereferences...

CVSS: 7.1 | AI score: 2.6 | EPSS: 0.02274
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/05/04 12:0 a.m.•70 views

NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection

High Risk Vulnerability in Oracle Retail Central Office 1 May 2013 Andrew Davies of NCC Group has discovered a High risk vulnerability in Oracle Retail Central Office Impact: SQL Injection Versions affected: Oracle Retail Central Office, versions 13.1, 13.2, 13.3, 13.4 Security patch information...

AI score: 7.1
Exploits: 0
securityvulns
•added 2013/05/04 12:0 a.m.•55 views

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028)

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free MS13-028 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as par...

AI score: 7.7
Exploits: 0
securityvulns
•added 2013/05/04 12:0 a.m.•40 views

FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:05.nfsserver Security Advisory The FreeBSD Project Topic: Insufficient input validation in the NFS server Category: core Module: nfsserver Announced: 2013-04-2...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.02313
Exploits: 0
securityvulns
•added 2013/05/04 12:0 a.m.•71 views

Cisco/Linksys E1200 N300 Reflected XSS

Summary -------------------- Software : Cisco/Linksys Router OS Hardware : E1200 N300 others currently untested Version : 2.0.04 others currently untested Website : http://www.linksys.com Issue : Reflected XSS Severity : Medium Researcher: Carl Benedict theinfinitenigma Product Description...

AI score: 0.8
Exploits: 0
securityvulns
•added 2013/04/29 12:0 a.m.•36 views

tinc buffer overflow

Buffer overflow with oversized TCP packet...

CVSS: 6.5 | AI score: 5 | EPSS: 0.65516
Exploits: 4 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/29 12:0 a.m.•70 views

[SECURITY] [DSA 2663-1] tinc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2663-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez April 22, 2013 http://www.debian.org/security/faq -...

CVSS: 6.5 | AI score: 2.1 | EPSS: 0.65516
Exploits: 4
securityvulns
•added 2013/04/29 12:0 a.m.•43 views

[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03727435 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03727435 Version: 1 HPSBHF02865...

CVSS: 7.2 | AI score: 0.4 | EPSS: 0.00057
Exploits: 0
securityvulns
•added 2013/04/29 12:0 a.m.•26 views

HP ElitePad 900 Protection bypass

It's possible to bypass secure boot protection...

CVSS: 7.2 | AI score: 0.7 | EPSS: 0.00057
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/28 12:0 a.m.•39 views

Multiple Vulnerabilities in D'Link DIR-635

Device Name: DIR-635 Vendor: D-Link ============ Vulnerable Firmware Releases: ============ Firmwareversion: 2.34EU Hardware-Version: B1 Produktseite: DIR-635 ============ Vulnerability Overview: ============ Stored XSS - Status - WLAN - SSID Injecting scripts into the parameter...

AI score: 6.3
Exploits: 0
securityvulns
•added 2013/04/28 12:0 a.m.•60 views

Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution

Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution ActiveX Settings: Binary path: C:Program FilesSilkShared Filesteechart.ocx CLSID: 008BBE7E-C096-11D0-B4E3-00A0C901D681 ProgID: TeeChart.TChart Version: 4.0.0.7 Safe for Scripting IObjectSafety: True Safe for...

AI score: 2
Exploits: 0
securityvulns
•added 2013/04/28 12:0 a.m.•31 views

HP Data Protector privilege escalation

No description provided...

CVSS: 7.2 | AI score: 1.7 | EPSS: 0.00057
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/28 12:0 a.m.•25 views

D-Link DIR-635 router multiple security vulnerabilities

XSS, CSRF...

AI score: 2.2
Exploits: 0 | References: 1
securityvulns
•added 2013/04/28 12:0 a.m.•173 views

BF and IA vulnerabilities in IBM Lotus Domino

Hello 3APA3A! I want to warn you about Brute Force and Insufficient Authentication vulnerabilities in IBM Lotus Domino. These are vulnerabilities in Domino, which I've found at 03.05.2012 together with other holes. Last year I've announced multiple vulnerabilities in IBM software and after IBM...

Exploits: 0
securityvulns
•added 2013/04/28 12:0 a.m.•26 views

D-Link DIR-615 / DIR-600 / DIR-300 multiple security vulnerabilities

Code execution, information leakage, XSS, etc...

AI score: 2.1
Exploits: 0 | References: 2
securityvulns
•added 2013/04/28 12:0 a.m.•166 views

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows ActiveX settings: Binary path: C:Program Files x86BorlandCaliberRMemsmtp.dll Version: 5.0.0.11 ProgID: EasyMail.SMTP.5 CLSID: 4610E7BF-710F-11D3-813D-00C04F6B92D0 Safe for Scripting: True Safe for Initialization: True...

CVSS: 9.3 | AI score: 3.6 | EPSS: 0.80073
Exploits: 6
securityvulns
•added 2013/04/28 12:0 a.m.•58 views

Nginx ngx_http_close_connection function integer overflow

Website: http://safe3.com.cn I. BACKGROUND --------------------- Nginx is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. Accordin...

AI score: 0.5
Exploits: 0
securityvulns
•added 2013/04/28 12:0 a.m.•42 views

[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03570121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03570121 Version: 2 HPSBMU02830...

CVSS: 7.2 | AI score: 0.4 | EPSS: 0.00057
Exploits: 0
securityvulns
•added 2013/04/28 12:0 a.m.•34 views

IBM Lotus Domino information leakage

Unprivileged user can access system information...

AI score: 3.8
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/28 12:0 a.m.•37 views

Borland ActiveX security vulnerabilities

Buffer overflows, unsafe method...

CVSS: 9.3 | AI score: 3.7 | EPSS: 0.80073
Exploits: 6 | References: 2 | Affected Software: 2
securityvulns
•added 2013/04/28 12:0 a.m.•75 views

Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•50 views

X.Org X server information leakage

It's possible to retrieve keystrokes...

CVSS: 2.1 | AI score: 2.3 | EPSS: 0.00079
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•60 views

VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013)

VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow Pwn2Own 2013 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Java is the foundation for virtually every type of networked application and is the global...

AI score: 0.3
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•32 views

Samba limitations bypass

It's possible to bypass share attributes limitations...

CVSS: 4 | AI score: 2 | EPSS: 0.01878
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•68 views

SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server

SEC Consult Vulnerability Lab Security Advisory 20130417-2 ======================================================================= title: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server product: Oracle WebCenter Sites Satellite Server former FatWire Satellite Serv...

CVSS: 4 | AI score: 5.7 | EPSS: 0.16013
Exploits: 5
securityvulns
•added 2013/04/22 12:0 a.m.•91 views

[USN-1801-1] curl vulnerability

========================================================================== Ubuntu Security Notice USN-1801-1 April 16, 2013 curl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 5 | AI score: 0.4 | EPSS: 0.02482
Exploits: 1
securityvulns
•added 2013/04/22 12:0 a.m.•29 views

IcedTea-Web security vulnerabilities

Crossdomain access, code execution...

CVSS: 6.8 | AI score: 3.3 | EPSS: 0.0249
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•58 views

Adobe ColdFusion security vulnerabilities

Information leakage, unauthorized access...

CVSS: 7.5 | AI score: 3.5 | EPSS: 0.01848
Exploits: 0 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•31 views

SAP applications multiple security vulnerabilities

Privilege escalation, code execution...

CVSS: 6.5 | AI score: 3.4 | EPSS: 0.00493
Exploits: 0 | References: 3
securityvulns
•added 2013/04/22 12:0 a.m.•61 views

[SECURITY] [DSA 2662-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2662-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 18, 2013 http://www.debian.org/security/faq -...

CVSS: 4.7 | AI score: 0.5 | EPSS: 0.00096
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•88 views

SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption

SEC Consult Vulnerability Lab Security Advisory 20130417-1 ======================================================================= title: Java ActiveX Control Memory Corruption product: JavaTM Web Start Launcher vulnerable version: Sun Java Version 7 Update 17 and before Sun Java Version 6 Update...

CVSS: 5 | AI score: 0.1 | EPSS: 0.12809
Exploits: 5
securityvulns
•added 2013/04/22 12:0 a.m.•49 views

[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution

ESNC-2013-001 Privilege Escalation in SAP Healthcare Industry Solution Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...

CVSS: 6.5 | AI score: 0.5 | EPSS: 0.00228
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•107 views

APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

CVSS: 10 | AI score: 0.2 | EPSS: 0.19623
Exploits: 6
securityvulns
•added 2013/04/22 12:0 a.m.•65 views

[SE-2012-01] Details of issues fixed by Java SE 7 Update 21

Hello All, Today, Oracle released Java SE 7 Update 21, which among other things addresses six security vulnerabilities that were reported to the company earlier this year Issues 51, 55 and 57-60. Our original vulnerability reports and Proof of Concept codes for these and some previously disclosed...

Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•66 views

[USN-1803-1] X.Org X server vulnerability

========================================================================== Ubuntu Security Notice USN-1803-1 April 17, 2013 xorg-server, xorg-server-lts-quantal vulnerability ========================================================================== A security issue affects these releases of Ubun...

CVSS: 2.1 | EPSS: 0.00079
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•57 views

Oracle Java / OpenJDK multiple security vulnerabilities

42 different vulnerabilities...

CVSS: 10 | AI score: 2.2 | EPSS: 0.93397
Exploits: 22 | References: 6 | Affected Software: 2
securityvulns
•added 2013/04/22 12:0 a.m.•24 views

Apple Safari / WebKit memory corruption

Memory corruption via SVG...

AI score: 3.3
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•58 views

TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation

Trustwave SpiderLabs Security Advisory TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2013-004.txt Published: 04/18/13 Version: 1.0 Vendor: Cisco www.cisco.com Product: ASA Adaptive Security Appliance Versions...

CVSS: 5 | AI score: 6.2 | EPSS: 0.00375
Exploits: 1
securityvulns
•added 2013/04/22 12:0 a.m.•81 views

[USN-1804-1] IcedTea-Web vulnerabilities

========================================================================== Ubuntu Security Notice USN-1804-1 April 18, 2013 icedtea-web vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

CVSS: 6.8 | AI score: 0.2 | EPSS: 0.0249
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•42 views

Xen security vulnerabilities

Few DoS conditions...

CVSS: 4.7 | AI score: 2.4 | EPSS: 0.00096
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•62 views

[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services

ESNC-2013-003 Remote OS Command Execution in SAP BASIS Communication Services Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...

CVSS: 6 | AI score: 1.3 | EPSS: 0.00493
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•141 views

Sitecom WLM-3500 backdoor accounts

Sitecom WLM-3500 backdoor accounts ================================== ADVISORY INFORMATION Title: Sitecom WLM-3500 backdoor accounts Discovery date: 24/03/2013 Release date: 16/04/2013 Credits: Roberto Paleari [email protected], @rpaleari Advisory URL:...

AI score: 0.9
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•31 views

Cisco Network Admission Control Manager SQL injection

No description provided...

CVSS: 7.5 | AI score: 2.9 | EPSS: 0.00366
Exploits: 0 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•38 views

cURL / libcurl information leak

Cross-domain cookie access...

CVSS: 5 | AI score: 2.4 | EPSS: 0.02482
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2013/04/22 12:0 a.m.•86 views

Re: [SE-2012-01] Details of issues fixed by Java SE 7 Update 21

Hello All, We wanted to add the following information to our yesterday post. We've learned that RedHat's Bugzilla associates CVE-2013-1537 1 with the RMI issue allowing for a remote loading and execution of arbitrary Java code on servers 2. It looks that Oracle has finally patched RMI vulnerabili...

CVSS: 10 | AI score: 0.1 | EPSS: 0.10177
Exploits: 0
securityvulns
•added 2013/04/22 12:0 a.m.•61 views

[ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control

ESNC-2013-002 Privilege Escalation in SAP Production Planning and Control Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...

CVSS: 6.5 | AI score: 0.5 | EPSS: 0.00392
Exploits: 0

Total number of security vulnerabilities: 47153