
47153 matches found

securityvulns
added 2013/02/24 12:0 a.m., 62 views

Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability

========================================================================================== Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability ========================================================================================== Software: Alt-N MDaemon v13.0.3...

1.5 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 31 views

NetGear DGN2200 multiple security vulnerabilities

XSS, code execution, information leakage...

2.3 AI score
Exploits: 0, References: 1
securityvulns
added 2013/02/24 12:0 a.m., 54 views

Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability

================================================================== Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability ================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: Remote Code...

2.2 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 80 views

FreeBSD Security Advisory FreeBSD-SA-13:02.libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:02.libc Security Advisory The FreeBSD Project Topic: glob3 related resource exhaustion Category: core Module: libc Announced: 2013-02-19 Affects: All supported...

7.8 CVSS, 6.4 AI score, 0.32357 EPSS
Exploits: 10
securityvulns
added 2013/02/24 12:0 a.m., 79 views

Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability

====================================================================== Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability ====================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type:...

0.6 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 76 views

OSEC-2013-01: nagios metacharacter filtering omission

Exploit Title: Wordpress pretty-link plugin XSS in SWF Release Date: 20/02/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/pretty-link.1.6.3.zip Vendor Homepage: http://prettylinkpro.com/ Tested on:...

4.3 CVSS, 0.06314 EPSS
Exploits: 3
securityvulns
added 2013/02/24 12:0 a.m., 32 views

Samsung Galaxy S3 screenlock bypass

Voice commands are available in locked state...

2.2 AI score
Exploits: 0, References: 1
securityvulns
added 2013/02/24 12:0 a.m., 25 views

Alt-N MDaemon multiple security vulnerabilities

Multiple web interface vulnerabilities...

2.2 AI score
Exploits: 0, References: 6, Affected Software: 1
securityvulns
added 2013/02/24 12:0 a.m., 44 views

[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2013-02-16 Date published: 2013-02-16 CVSSv2 Score: 6,8 AV:N/AC:M/Au:N/C:P/I:P/A:P...

Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 53 views

Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability

===================================================================================== Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability ===================================================================================== Software: Alt-N MDaemon v13.0.3 and prior...

0.2 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 58 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager Resource Manager February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 Remot...

4.3 CVSS, 0.2 AI score, 0.00985 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 61 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager dBClone February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote...

4.3 CVSS, 0.5 AI score, 0.00985 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 59 views

TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager Cross Site Scripting in XDBResource cancelURL parameter February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4; 10.2.0.5, 11.1.0.7,...

4.3 CVSS, 5.8 AI score, 0.01228 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 61 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager streams queue February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote...

4.3 CVSS, 0.2 AI score, 0.00985 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 47 views

Samsung Galaxy S3 partial screen-lock bypass

MTI Technology – Vulnerability Research Team www.mti.com ukpentestinfo"at"mti.com Samsung Galaxy S3 – partial screen-lock bypass Date found: 17th Feb 2012 Vendor Notified: 20th Feb 2012 Vendor Affected: Samsung Device: Galaxy S3 Model: GT-19300 OS: Android 4.1.2 Kernel Version: 3.0.31-742798...

6.8 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 72 views

[CVE-2013-1636] Wordpress pretty-link plugin XSS in SWF

Exploit Title: Wordpress pretty-link plugin XSS in SWF Release Date: 20/02/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/pretty-link.1.6.3.zip Vendor Homepage: http://prettylinkpro.com/ Tested on:...

4.3 CVSS, 0.2 AI score, 0.06314 EPSS
Exploits: 3
securityvulns
added 2013/02/24 12:0 a.m., 38 views

Multiple Vulnerabilities in Netgear DGN2200B

Device Name: DGN2200B Vendor: Netgear ============ Vulnerable Firmware Releases: ============ Hardwareversion DGN2200B Firmwareversion V1.0.0.367.0.36 - 04/01/2011 ============ Device Description: ============ Infos: http://www.netgear.com/home/products/wirelessrouters/work-and-play/dgn2200.aspx...

7.8 AI score
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 53 views

[USN-1727-1] Boost vulnerability

========================================================================== Ubuntu Security Notice USN-1727-1 February 18, 2013 boost1.49 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

5 CVSS, 0.3 AI score, 0.0287 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 68 views

Multiple Cross-Site Scripting (XSS) in glFusion

Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...

4.3 CVSS, 0.03775 EPSS
Exploits: 5
securityvulns
added 2013/02/24 12:0 a.m., 58 views

Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability

Exploit Title : Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/marekkis-watermark/ CVE Assigned - CVE-2013-1758 Marekkis...

4.3 CVSS, 0.02053 EPSS
Exploits: 2
securityvulns
added 2013/02/24 12:0 a.m., 68 views

Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability

Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/ CVE Assigned - CVE-2013-1759...

4.3 CVSS, 5.3 AI score, 0.02023 EPSS
Exploits: 2
securityvulns
added 2013/02/24 12:0 a.m., 36 views

SAP Netweaver Message Server multiple security vulnerabilities

Code execution, DoS...

2.5 AI score, 0.22612 EPSS
Exploits: 7, References: 1, Affected Software: 1
securityvulns
added 2013/02/24 12:0 a.m., 39 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, https response spoofing, information leakage, protection bypass, DoS...

10 CVSS, 1 AI score, 0.05364 EPSS
Exploits: 4, Affected Software: 4
securityvulns
added 2013/02/24 12:0 a.m., 106 views

[USN-1733-1] Ruby vulnerabilities

========================================================================== Ubuntu Security Notice USN-1733-1 February 21, 2013 ruby1.9.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

7.5 CVSS, 0.7 AI score, 0.13911 EPSS
Exploits: 0
securityvulns
added 2013/02/24 12:0 a.m., 53 views

Ruby multiple security vulnerabilities

Cross-site scripting, protection bypass...

7.5 CVSS, 1.5 AI score, 0.13911 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/02/24 12:0 a.m., 66 views

[USN-1739-1] Linux kernel vulnerability

========================================================================== Ubuntu Security Notice USN-1739-1 February 22, 2013 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.9 CVSS, 0.2 AI score, 0.01434 EPSS
Exploits: 2
securityvulns
added 2013/02/24 12:0 a.m., 73 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager advReplicationAdmin February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Yes Credits:...

4.3 CVSS, 0.2 AI score, 0.01895 EPSS
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 42 views

[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-119 Date found: 2013-02-14 Date published: 2013-02-14...

Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 29 views

Atmel crypto co-processors information leakage

Keys may be leaked via JTAG interface...

3.2 AI score
Exploits: 0, References: 1
securityvulns
added 2013/02/18 12:0 a.m., 41 views

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============...

7.5 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 70 views

Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg

Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code Version 1.21 Runtime Code Version 1....

Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 105 views

[USN-1723-1] Qt vulnerabilities

========================================================================== Ubuntu Security Notice USN-1723-1 February 14, 2013 qt4-x11 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

4.3 CVSS, 0.1 AI score, 0.01939 EPSS
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 119 views

Multiple Vulnerabilities in Linksys WAG200G

Device Name: Linksys WAG200G Vendor: Linksys/Cisco ============ Device Description: ============ The WAG200G is a Linksys Wireless-G ADSL Home Gateway which has a high-speed ADSL2+ modem that gives you a fast connection to the Internet. Source:...

7.4 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 40 views

gnome screensaver protection bypass

Screensaver doesn't start automatically...

7.2 CVSS, 2.6 AI score, 0.00376 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/02/18 12:0 a.m., 97 views

Multiple Vulnerabilities in Linksys WRT160Nv2

Device Name: Linksys WRT160Nv2 Vendor: Linksys/Cisco ============ Device Description: ============ Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fast Wireless-N connectivity frees you to do...

0.1 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 57 views

[slackware-security] pidgin (SSA:2013-044-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security pidgin SSA:2013-044-01 New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

6.8 CVSS, 6.3 AI score, 0.03121 EPSS
Exploits: 2
securityvulns
added 2013/02/18 12:0 a.m., 35 views

Pidgin multiple security vulnerabilities

Different vulnerabilities in MXit and IPnP implementations...

6.8 CVSS, 2.3 AI score, 0.03121 EPSS
Exploits: 2, References: 1, Affected Software: 1
securityvulns
added 2013/02/18 12:0 a.m., 146 views

CSRF, XSS and Redirector vulnerabilities in IBM Lotus Domino

Hello 3APA3A! These are Cross-Site Request Forgery, Cross-Site Scripting and Redirector vulnerabilities in IBM Lotus Domino. At 30th of November IBM released the advisory concerning these vulnerabilities. CVE ID: CVE-2012-4842, CVE-2012-4844. SecurityVulns ID: 12789. IBM Security Bulletin for Ope...

5.8 CVSS, 0.2 AI score, 0.01045 EPSS
Exploits: 1
securityvulns
added 2013/02/18 12:0 a.m., 55 views

[USN-1716-1] gnome-screensaver vulnerability

========================================================================== Ubuntu Security Notice USN-1716-1 February 12, 2013 gnome-screensaver vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

7.2 CVSS, 0.1 AI score, 0.00376 EPSS
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 56 views

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

0.6 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 40 views

Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack

The Atmel AT91SAM7XC series of microprocessors contain a crypto co-processor which is DES and AES capable. They include a write-only memory for key storage and multiple physical security measures to prevent decapping etc. However, due to poor memory management, in certain circumstances it is...

0.9 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 126 views

[USN-1722-1] jQuery vulnerability

========================================================================== Ubuntu Security Notice USN-1722-1 February 13, 2013 jquery vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4.3 CVSS, 0.2 AI score, 0.19191 EPSS
Exploits: 1
securityvulns
added 2013/02/18 12:0 a.m., 28 views

Cisco Linksys routers multiple security vulnerabilities

Directory traversals, code execution, etc...

3.4 AI score
Exploits: 0, References: 3
securityvulns
added 2013/02/18 12:0 a.m., 69 views

[SECURITY] [DSA 2623-1] openconnect security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2623-1 [email protected] http://www.debian.org/security/ Florian Weimer February 14, 2013 http://www.debian.org/security/faq -...

5 CVSS, 2.4 AI score, 0.02648 EPSS
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 19 views

Edimax access points multiple security vulnerabilities

Multiple web interface vulnerabilities...

2.5 AI score
Exploits: 0, References: 1
securityvulns
added 2013/02/18 12:0 a.m., 26 views

TP-Link access points multiple security vulnerabilities

Multiple web interface vulnerabilities...

2.6 AI score
Exploits: 0, References: 1
securityvulns
added 2013/02/18 12:0 a.m., 24 views

Dell Sonicwall Scrutinizer multiple security vulnerabilities

Multiple web interface vulnerabilities...

1.9 AI score
Exploits: 0, References: 2, Affected Software: 1
securityvulns
added 2013/02/18 12:0 a.m., 45 views

IBM Lotus Domino cross-site scripting and open redirect

IBM Lotus Domino Web Server cross-site scripting and open redirection...

5.8 CVSS, 1.4 AI score, 0.01045 EPSS
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2013/02/18 12:0 a.m., 71 views

I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution

A vulnerability exists in IRIS citations management tool which allows a low privileged attacker to execute arbitrary commands. Details can be found on my blog: https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/ PoC:...

2.9 AI score
Exploits: 0
securityvulns
added 2013/02/18 12:0 a.m., 41 views

Qt multiple security vulnerabilities

Information leakage, invalid SSL error messages...

4.3 CVSS, 2.1 AI score, 0.01939 EPSS
Exploits: 0, References: 1, Affected Software: 1

Total number of security vulnerabilities: 47153