Lucene search

47153 matches found

securityvulns • added 2013/03/24 12:00 a.m. • 35 views

Photodex ProShow Producer multiple security vulnerabilities

Buffer overflow in .pxs / .pxt file parsing. Privilege escalations via weak executable permissions and incorrect DLL paths...

AI score: 6.2
Exploits: 0 | References: 4 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 47 views

Apple iOS multiple security vulnerabilities

Protection bypass, privilege escalation, code execution...

CVSS: 7.5 | AI score: 3.7 | EPSS: 0.04267
Exploits: 3 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 29 views

CA SiteMinder privilege escalation

Invalid SAML signature verification...

CVSS: 7.5 | AI score: 3.5 | EPSS: 0.01527
Exploits: 0 | References: 1 | Affected Software: 3

securityvulns • added 2013/03/24 12:00 a.m. • 105 views

OpenSSH security vulnerabilities

DoS, information leakage...

CVSS: 5 | AI score: 2 | EPSS: 0.1651
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 86 views

[ MDVSA-2013:022 ] openssh

Mandriva Linux Security Advisory MDVSA-2013:022 http://www.mandriva.com/en/support/security/ Package: openssh Date: March 13, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been found and corrected in openssh:...

CVSS: 5 | AI score: 6.7 | EPSS: 0.1651
Exploits: 1

securityvulns • added 2013/03/24 12:00 a.m. • 47 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple use-after-free vulnerabilities...

CVSS: 9.3 | AI score: 1.9 | EPSS: 0.38223
Exploits: 3 | References: 2 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 51 views

OpenStack security vulnerabilities

Nova and Glance information leakage, Keystone resource exhaustion...

CVSS: 6.8 | AI score: 2.7 | EPSS: 0.04863
Exploits: 3 | References: 9 | Affected Software: 4

securityvulns • added 2013/03/24 12:00 a.m. • 45 views

Mozilla NSS library TLS timing attacks

"Lucky Thirteen" attacks are possible...

CVSS: 4.3 | AI score: 2.5 | EPSS: 0.03723
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 44 views

Apple TV multiple security vulnerabilities

Protection bypass, information leakage...

CVSS: 7.2 | AI score: 1.9 | EPSS: 0.00361
Exploits: 2 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 47 views

Safari / WebKit multiple security vulnerabilities

Cross-site scripting...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.02195
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 60 views

[USN-1762-1] APT vulnerability

Ubuntu Security Notice USN-1762-1, March 14, 2013: apt vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.01343
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 25 views

LibreOffice update spoofing

Updates are checked over an insecure connection; the digital signature is not validated...

AI score: 3.4
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 41 views

[USN-1773-1] ClamAV vulnerabilities

Ubuntu Security Notice USN-1773-1, March 21, 2013: clamav vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

AI score: 0.6
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 37 views

apt protection bypass

A man-in-the-middle attack is possible against the repository if InRelease files are used...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.01343
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns • added 2013/03/24 12:00 a.m. • 35 views

[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2

waraxe-2013-SA099 - Update Spoofing Vulnerability in LibreOffice 4.0.1.2. Author: Janek Vind "waraxe" Date: 21. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-99.html Description of vulnerable...

AI score: 0.3
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 43 views

CA20130319-01: Security Notice for SiteMinder products using SAML

CA20130319-01: Security Notice for SiteMinder products using SAML. Issued: March 19, 2013. CA Technologies support is alerting customers to a potential risk with certain CA SiteMinder products that implement Security Assertion Markup Language (SAML). Multiple...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.01527
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 56 views

[USN-1763-1] NSS vulnerability

Ubuntu Security Notice USN-1763-1, March 14, 2013: nss vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.03723
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 51 views

DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal

Title: DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal. Severity: High. Date Discovered: January 22, 2013. Discovered By: Digital Defense, Inc. Vulnerability Research Team. Credit: r@b13$. Vulnerability Description: The...

Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 87 views

APPLE-SA-2013-03-14-2 Safari 6.0.3

APPLE-SA-2013-03-14-2 Safari 6.0.3. Safari 6.0.3 is now available and addresses the following: WebKit. Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2. Impact: Visiting a maliciously crafted website may lead to an...

CVSS: 7.5 | EPSS: 0.02195
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 34 views

EverFocus EPARA264-16X1 directory traversal

Directory traversal in embedded HTTP server...

AI score: 0.9
Exploits: 0 | References: 1

securityvulns • added 2013/03/24 12:00 a.m. • 85 views

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087)

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free MS13-021 / CVE-2013-0087. Website: http://www.vupen.com Twitter: http://twitter.com/vupen I. BACKGROUND: "Microsoft Internet Explorer is a web browser developed by Microsoft and included...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.18477
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 28 views

Mozilla Firefox / Thunderbird / Seamonkey use-after-free vulnerability

HTML editor use-after-free...

CVSS: 9.3 | AI score: 1.5 | EPSS: 0.06398
Exploits: 0 | References: 1 | Affected Software: 4

securityvulns • added 2013/03/24 12:00 a.m. • 57 views

VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free (MFSA-2013-29 / CVE-2013-0787)

VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free MFSA-2013-29 / CVE-2013-0787. Website: http://www.vupen.com Twitter: http://twitter.com/vupen I. BACKGROUND: Mozilla Firefox is a free and open source web browser coordinated by Mozilla Corporation an...

CVSS: 9.3 | AI score: 0.3 | EPSS: 0.06398
Exploits: 0

securityvulns • added 2013/03/24 12:00 a.m. • 141 views

APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001

APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001. OS X Mountain Lion v10.8.3 and Security Update 2013-001 is now available and addresses the following: Apache. Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...

CVSS: 9.3 | AI score: 0.6 | EPSS: 0.99449
Exploits: 39

securityvulns • added 2013/03/24 12:00 a.m. • 88 views

Apple Mac OS X multiple security vulnerabilities

Cross-site scripting, authentication bypass, buffer overflows and memory corruptions in graphics libraries, information leakage, protection bypass, PDF parsing memory corruptions, security vulnerabilities in various packages...

CVSS: 9.3 | AI score: 4.5 | EPSS: 0.99449
Exploits: 39 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 66 views

[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54)

Hello All, We decided to release technical details of Issue 54 that was reported to Oracle on Feb 25, 2013 and that was evaluated by the company as the "allowed behavior". As of Mar 18, 2013 we have no information that Oracle treats Issue 54 as a security vulnerability. We believe that 3 weeks fr...

AI score: 0.7
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 57 views

n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.001 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Command Shell Grants System-Level Access Risk: LOW Overview: The Polycom Command Shell ...

AI score: 0.3
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 31 views

lighttpd symbolic link vulnerabilities

A Unix socket with a fixed name is created in a world-writable directory...

CVSS: 1.9 | AI score: 1.1 | EPSS: 0.00349
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 124 views

[SECURITY] [DSA 2649-1] lighttpd security update

Debian Security Advisory DSA-2649-1 http://www.debian.org/security/ Yves-Alexis Perez March 15, 2013 http://www.debian.org/security/faq ...

CVSS: 1.9 | AI score: 1.2 | EPSS: 0.00349
Exploits: 1

securityvulns • added 2013/03/19 12:00 a.m. • 63 views

[SECURITY] [DSA 2648-1] firebird2.5 security update

Debian Security Advisory DSA-2648-1 http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2013 http://www.debian.org/security/faq ...

CVSS: 6.8 | AI score: 1.5 | EPSS: 0.42166
Exploits: 6

securityvulns • added 2013/03/19 12:00 a.m. • 346 views

Skype privilege escalation

Skype Click to Call Update Service weak executable file permissions...

AI score: 3.4
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 24 views

Cisco IOS cryptography vulnerability

Invalid hash algorithm implementation for type 4 passwords...

AI score: 1.6
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 64 views

Oracle Java multiple security vulnerabilities

50 different vulnerabilities are fixed with CPU...

CVSS: 10 | AI score: 2.3 | EPSS: 0.89987
Exploits: 11 | References: 7 | Affected Software: 2

securityvulns • added 2013/03/19 12:00 a.m. • 79 views

Microsoft Windows USB devices privilege escalation

A few different vulnerabilities on USB device plugging, with the possibility of code execution...

CVSS: 7.2 | AI score: 4.2 | EPSS: 0.01455
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 48 views

[USN-1766-1] pam-xdg-support vulnerability

Ubuntu Security Notice USN-1766-1, March 18, 2013: pam-xdg-support vulnerability. A security issue affects these releases of Ubuntu and its derivative...

CVSS: 7.2 | AI score: 0.3 | EPSS: 0.00452
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 53 views

NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow

High Risk Vulnerability in Microsoft Windows 18 March 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Microsoft Windows Impact: Windows USB RNDIS driver kernel pool overflow. Exploitation would result in local privilege escalation Versions affected: Microsoft Windows all...

Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 23 views

Polycom HDX multiple security vulnerabilities

Format string vulnerability, SQL injection, code execution, privilege escalation...

AI score: 2.6
Exploits: 0 | References: 4

securityvulns • added 2013/03/19 12:00 a.m. • 59 views

[SECURITY] [DSA 2650-1] libvirt-bin security update

Debian Security Advisory DSA-2650-1 http://www.debian.org/security/ Yves-Alexis Perez March 15, 2013 http://www.debian.org/security/faq ...

CVSS: 3.6 | AI score: 1.7 | EPSS: 0.00382
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 75 views

[USN-1764-1] OpenStack Glance vulnerability

Ubuntu Security Notice USN-1764-1, March 14, 2013: glance vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 3.5 | AI score: 0.5 | EPSS: 0.01356
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 35 views

Firebird security vulnerabilities

Buffer overflow, DoS...

CVSS: 6.8 | AI score: 2.9 | EPSS: 0.42166
Exploits: 6 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 47 views

n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.003 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 CDR Database SQL Injection Risk: HIGH Overview: For every received H.323 SETUP...

Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 38 views

pam-xdg-support privilege escalation

Invalid PATH processing...

CVSS: 7.2 | AI score: 3.5 | EPSS: 0.00452
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 38 views

Skype Click to Call Update Service local privilege escalation

Vuln Title: Skype Click to Call Update Service local privilege escalation Date: 10.12.2012 Author: otr Software Link: http://www.skype.com Vendor: Microsoft Corporation Version: = 6.2.0.106 Tested on: Windows 7, Windows XP Type: Privilege Escalation, DLL Hijacking CVE : MS does not assign CVE for...

AI score: 0.7
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 51 views

n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.002 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Firmware Update Command Injection Risk: MEDIUM Overview: Polycom HDX systems can be...

AI score: 0.2
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 75 views

n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.004 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 Format String Vulnerability Risk: HIGH Overview: For every received H.323 SETUP...

AI score: 0.2
Exploits: 0

securityvulns • added 2013/03/19 12:00 a.m. • 32 views

libvirt weak permissions

libvirtd sets weak permissions for devices...

CVSS: 3.6 | AI score: 1.9 | EPSS: 0.00382
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 52 views

Linux kernel multiple security vulnerabilities

DoS, privilege escalation, information leakage...

CVSS: 6.8 | AI score: 2.5 | EPSS: 0.01557
Exploits: 6 | References: 2 | Affected Software: 1

securityvulns • added 2013/03/19 12:00 a.m. • 78 views

[USN-1767-1] Linux kernel vulnerabilities

Ubuntu Security Notice USN-1767-1, March 18, 2013: linux vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 6.5 | AI score: 0.4 | EPSS: 0.01557
Exploits: 5

securityvulns • added 2013/03/13 12:00 a.m. • 108 views

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

CVSS: 5.8 | AI score: 7.5 | EPSS: 0.04632
Exploits: 2

securityvulns • added 2013/03/13 12:00 a.m. • 51 views

Microsoft Silverlight code execution

Memory corruption...

CVSS: 9.3 | AI score: 2.4 | EPSS: 0.81868
Exploits: 8 | Affected Software: 1

Total number of security vulnerabilities: 47153