
47153 matches found

securityvulns | added 2013/03/11 12:0 a.m. | 42 views

DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion

Title ----- DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion Severity -------- High Date Discovered --------------- February 14, 2013 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: 0x00string, Ryan Oliver and r@b13$ Vulnerability Description...

AI score: 0.3
Exploits: 0

securityvulns | added 2013/03/11 12:0 a.m. | 55 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 8.5 | AI score: 1.6 | EPSS: 0.09112
Exploits: 10 | References: 13 | Affected Software: 10

securityvulns | added 2013/03/11 12:0 a.m. | 21 views

HP LaserJet Pro printers unauthorized access

No description provided...

CVSS: 8.8 | AI score: 3 | EPSS: 0.02037
Exploits: 0 | References: 1

securityvulns | added 2013/03/11 12:0 a.m. | 29 views

rpi-update tmpfile vulnerability

Raspberry Pi Firmware Updater Vulnerability Application: https://github.com/Hexxeh/rpi-update/ Version Tested: Github source as of 10ad1e975a 10th Feb commit Vulnerability 1: A malicious user can clobber any file due to insecure tmp file handling. Example: Any unprivileged user can create the...

AI score: 7.5
Exploits: 0

securityvulns | added 2013/03/11 12:0 a.m. | 117 views

APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

CVSS: 10 | AI score: 0.2 | EPSS: 0.91612
Exploits: 10

securityvulns | added 2013/03/11 12:0 a.m. | 60 views

[IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: HP Intelligent Management Center Vendor URL: www.hp.com Type: Cross-Site Scripting CWE-79 Date found: 2012-06-08 Date published: 2013-03-04 CVSSv2 Score: CWE-79: 3,5 AV:N/AC:M/Au:S/C:N/I:P/A:...

AI score: 0.3
Exploits: 0

securityvulns | added 2013/03/11 12:0 a.m. | 161 views

Exploit for stealing admin's account in Question2Answer

Hello! Here is exploit for stealing admin's account in Question2Answer. This exploit uses Cross-Site Request Forgery vulnerability at http://site/account and Insufficient Anti-automation vulnerabilities at http://site/forgot and http://site/reset, which I've described in the second advisory about...

AI score: 0.1
Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 36 views

Perl memory leakage

Memory leakage on hash tables...

CVSS: 7.5 | AI score: 1.1 | EPSS: 0.03069
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/10 12:0 a.m. | 35 views

Wireshark multiple security vulnerabilities

Multiple vulnerabilities in CLNP, DTLS, DCP-ETSI, NTLMSSP and other protocol parsing...

CVSS: 6.1 | AI score: 2.4 | EPSS: 0.03616
Exploits: 1 | References: 2 | Affected Software: 1

securityvulns | added 2013/03/10 12:0 a.m. | 23 views

Corel WordPerfect uninitialized pointer dereference

User-controlled pointer dereferences on WPD parsing...

AI score: 3.8 | EPSS: 0.00737
Exploits: 1 | References: 1

securityvulns | added 2013/03/10 12:0 a.m. | 46 views

Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/05/2013 01:53 PM, [email protected] wrote: DoS loop, 100 cpu strHdrAcptLangGetItem at errorpage.cc Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.2.5, 3.2.7 This error i...

Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 48 views

sudo protection bypass

It's possible to bypass password request by manipulating timestamps. Session id hijacking is possible under some conditions...

CVSS: 6.9 | AI score: 1.5 | EPSS: 0.0813
Exploits: 8 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/10 12:0 a.m. | 39 views

Corel Quattro Pro DoS

NULL pointer dereferences on QPW parsing...

CVSS: 4.3 | AI score: 3.3 | EPSS: 0.00686
Exploits: 2 | References: 1

securityvulns | added 2013/03/10 12:0 a.m. | 170 views

Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption.

httpMakeVaryMark header value 'value' http.cc:603 line Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.2.5 It takes combination of a 5x requests and responses in less than 10 seconds to crash the parent: Request -- cut -- !/usr/bin/env...

AI score: 7.3
Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 56 views

[SECURITY] [DSA 2641-1] perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2641-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 09, 2013 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.03069
Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 63 views

Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6

Advisory ID: HTB23112 Product: Corel Quattro Pro X6 Standard Edition Vendor: Corel Corporation Vulnerable Versions: 16.0.0.388, other versions may be also affected Tested Version: 16.0.0.388 on Windows 7 SP1 32 bits Vendor Notification: August 27, 2012 Public Disclosure: March 7, 2013 Vulnerabili...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00686
Exploits: 2

securityvulns | added 2013/03/10 12:0 a.m. | 60 views

[ MDVSA-2013:020 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:020 http://www.mandriva.com/en/support/security/ Package : wireshark Date : March 8, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was found and corrected in Wireshark:...

CVSS: 6.1 | AI score: 6.6 | EPSS: 0.03616
Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 41 views

Squid security vulnerabilities

CPU exhaustion DoS, memory corruption...

CVSS: 7.8 | AI score: 2.3 | EPSS: 0.41939
Exploits: 0 | References: 3 | Affected Software: 1

securityvulns | added 2013/03/10 12:0 a.m. | 35 views

Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc

DoS loop, 100 cpu strHdrAcptLangGetItem at errorpage.cc Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.2.5, 3.2.7 This error is only triggered when squid needs to generate an error page for example backend node is not responding etc...

AI score: 7.1
Exploits: 0

securityvulns | added 2013/03/10 12:0 a.m. | 37 views

Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6

Advisory ID: HTB23114 Product: Corel WordPerfect X6 Standard Edition Vendor: Corel Corporation Vulnerable Versions: 16.0.0.388, other versions may be also affected Tested Version: 16.0.0.388 on Windows 7 SP1 32 bits Vendor Notification: September 12, 2012 Public Disclosure: March 7, 2013...

EPSS: 0.00737
Exploits: 1

securityvulns | added 2013/03/05 12:0 a.m. | 63 views

[SE-2012-01] One more attack affecting Oracle's Java SE 7u15

Hello All, Last week, Oracle disputed our claim regarding one of the Issues reported to the company on Feb 25, 2012. This was Issue 54 that was partly responsible for a successful attack demonstrated in the environment of Java SE 7 Update 15. It turns out Oracle's attempt to deny Issue 54 turned...

AI score: 7.4
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 71 views

[SECURITY] [DSA 2633-1] fusionforge security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2633-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez February 26, 2013 http://www.debian.org/security/faq -...

CVSS: 6.9 | AI score: 1.4 | EPSS: 0.00031
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 128 views

Fileutils ruby gem possible remote command execution and insecure file handling in /tmp

Fileutils ruby gem possible remote command execution and insecure file handling in /tmp 2/23/2013 Hi list, I was looking at some gem files and noticed a few issues with fileutils-0.7 http://rubygems.org/gems/fileutils "A set of utility classes to extract meta data from different file types"...

AI score: 0.8
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 45 views

[Onapsis Security Advisory 2013-002] SAP SDM Denial of Service

Onapsis Security Advisory 2013-002: SAP SDM Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...

Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 25 views

Cisco Prime Central / Cisco Unified Communications Manager / Cisco Unified Presence Server DoS

Different DoS conditions on traffic processing...

CVSS: 7.8 | AI score: 3.1 | EPSS: 0.00515
Exploits: 0 | Affected Software: 3

securityvulns | added 2013/03/03 12:0 a.m. | 68 views

[Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting

Onapsis Security Advisory 2013-003: SAP Enterprise Portal Cross-Site-Scripting This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories,...

AI score: 6.8
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 43 views

[Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure

Onapsis Security Advisory 2013-001: SAP Portal PDC Information Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations...

AI score: 6.7
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 20 views

SAP applications multiple security vulnerabilities

Code executions, filesystem access, information leakage, DoS...

AI score: 2.7
Exploits: 0 | References: 6

securityvulns | added 2013/03/03 12:0 a.m. | 103 views

Cross-Site Scripting (XSS) in Geeklog

Advisory ID: HTB23143 Product: Geeklog Vendor: http://www.geeklog.net Vulnerable Versions: 1.8.2 and probably prior Tested Version: 1.8.2 Vendor Notification: February 6, 2013 Vendor Patch: February 20, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.004
Exploits: 3

securityvulns | added 2013/03/03 12:0 a.m. | 39 views

Adobe Reader / Acrobat security vulnerabilities

Buffer overflows are exploited in-the-wild...

CVSS: 9.3 | AI score: 3.3 | EPSS: 0.92254
Exploits: 4 | Affected Software: 2

securityvulns | added 2013/03/03 12:0 a.m. | 101 views

Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities

Title: ====== Kayako Fusion v4.51.1891 - Multiple Web Vulnerabilities Date: ===== 2013-01-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=824 ID: SWIFT-3119 URL: http://dev.kayako.com/browse/SWIFT-3119 VL-ID: ===== 824 Common Vulnerability Scoring System:...

AI score: 7.1
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 75 views

[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability

------------------------------------------------------------------- Joomla! = 3.0.2 highlight.php PHP Object Injection Vulnerability ------------------------------------------------------------------- - Software Link: http://www.joomla.org/ - Affected Versions: Version 3.0.2 and earlier 3.0.x...

CVSS: 7.5 | EPSS: 0.00051
Exploits: 6

securityvulns | added 2013/03/03 12:0 a.m. | 53 views

[Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access

Onapsis Security Advisory 2013-004: SAP J2EE Core Service Arbitrary File Access This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories,...

AI score: 0.1
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 83 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.6 | AI score: 1.6 | EPSS: 0.45471
Exploits: 17 | References: 10 | Affected Software: 9

securityvulns | added 2013/03/03 12:0 a.m. | 43 views

Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT Femtocell

Advisory ID: NEOCAN-2013-002 Advisory Title: Stored XSS 'cross-site scripting' in Airvana HubBub C1-600-RT router Author: Scott Behrens / [email protected] Release Date: 02/27/2013 Vendor: Airvana Application: Airrave 2.5 router administration page Platform: Web Application Severity:...

CVSS: 4.3 | AI score: 5.1 | EPSS: 0.00365
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 66 views

[Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection

Onapsis Security Advisory 2013-006: SAP SMD Agent Code Injection This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...

AI score: 7.5
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 407 views

[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05

waraxe-2013-SA097 - Multiple Vulnerabilities in PHP-Fusion 7.02.05 =============================================================================== Author: Janek Vind "waraxe" Date: 27. February 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-97.html Description of vulnerable...

AI score: 7.5
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 80 views

Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4

CVE-2013-0253 Apache Maven Severity: Medium Vendor: The Apache Software Foundation Versions Affected: - Apache Maven 3.0.4 - Apache Maven Wagon 2.1, 2.2, 2.3 Description: Apache Maven 3.0.4 with Apache Maven Wagon 2.1 has introduced a non-secure SSL mode by default. This mode disables all SSL...

CVSS: 5.8 | AI score: 2.3 | EPSS: 0.00746
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 40 views

[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection

Onapsis Security Advisory 2013-005: SAP CCMS Agent Code Injection This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...

AI score: 8.1
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 47 views

BF, IAA and CSRF vulnerabilities in Question2Answer

Hello 3APA3A! These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products: ------------------------- Vulnerable are all version...

AI score: 0.1
Exploits: 0

securityvulns | added 2013/03/03 12:0 a.m. | 77 views

[SECURITY] [DSA 2634-1] python-django security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2634-1 [email protected] http://www.debian.org/security/ Nico Golde February 27, 2013 http://www.debian.org/security/faq -...

CVSS: 6.4 | AI score: 1.5 | EPSS: 0.03893
Exploits: 2

securityvulns | added 2013/03/03 12:0 a.m. | 29 views

Airvana HubBub routers cross-site scripting

Web interface cross-site scripting...

CVSS: 4.3 | AI score: 1.5 | EPSS: 0.00365
Exploits: 0 | References: 1

securityvulns | added 2013/03/03 12:0 a.m. | 107 views

Multiple Vulnerabilities in Piwigo

Advisory ID: HTB23144 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352, Path...

CVSS: 7.6 | AI score: 6.8 | EPSS: 0.45471
Exploits: 12

securityvulns | added 2013/03/03 12:0 a.m. | 44 views

Adobe Flash Player multiple security vulnerabilities

Multiple code execution vulnerabilities are exploited in-the-wild...

CVSS: 10 | AI score: 2.3 | EPSS: 0.90337
Exploits: 11 | Affected Software: 1

securityvulns | added 2013/03/02 12:0 a.m. | 18 views

War FTP Daemon memory corruption

Memory corruption on logging...

AI score: 1.9
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/02 12:0 a.m. | 57 views

Apache security vulnerabilities

mod_info, mod_status, mod_imagemap, mod_ldap, mod_proxy_ftp, mod_proxy_balancer cross-site scripting...

CVSS: 4.3 | AI score: 1.6 | EPSS: 0.58223
Exploits: 3 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/02 12:0 a.m. | 34 views

openjpeg library security vulnerabilities

Vulnerabilities on JPEG encoding and decoding...

CVSS: 10 | AI score: 2.3 | EPSS: 0.11441
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/02 12:0 a.m. | 71 views

[USN-1747-1] Transmission vulnerability

========================================================================== Ubuntu Security Notice USN-1747-1 February 25, 2013 transmission vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.02677
Exploits: 1

securityvulns | added 2013/03/02 12:0 a.m. | 31 views

Transmission memory corruption

micro transport packets parsing memory corruption...

CVSS: 7.5 | AI score: 4.3 | EPSS: 0.02677
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2013/03/02 12:0 a.m. | 58 views

[USN-1750-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1750-1 February 26, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 7.2 | AI score: 7.5 | EPSS: 0.15053
Exploits: 12

Total number of security vulnerabilities: 47153