Securityvulns | Recent

47153 matches found

securityvulns
added 2013/02/18 12:0 a.m. | 58 views

[slackware-security] pidgin (SSA:2013-044-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security pidgin SSA:2013-044-01 New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

CVSS 6.8 | AI score 6.3 | EPSS 0.03121
Exploits: 2

securityvulns
added 2013/02/18 12:0 a.m. | 70 views

[SECURITY] [DSA 2623-1] openconnect security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2623-1 [email protected] http://www.debian.org/security/ Florian Weimer February 14, 2013 http://www.debian.org/security/faq -...

CVSS 5 | AI score 2.4 | EPSS 0.02648
Exploits: 0

securityvulns
added 2013/02/18 12:0 a.m. | 71 views

Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg

Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code Version 1.21 Runtime Code Version 1....

Exploits: 0

securityvulns
added 2013/02/18 12:0 a.m. | 127 views

[USN-1722-1] jQuery vulnerability

========================================================================== Ubuntu Security Notice USN-1722-1 February 13, 2013 jquery vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.3 | AI score 0.2 | EPSS 0.19191
Exploits: 1

securityvulns
added 2013/02/18 12:0 a.m. | 57 views

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

AI score 0.6
Exploits: 0

securityvulns
added 2013/02/14 12:0 a.m. | 46 views

Microsoft Exchange / FAST Search Server code execution

Code execution on Outlook Web Access document viewing / Advanced Filter Pack because of Oracle Outside In technology vulnerability...

CVSS 6.8 | AI score 2.2 | EPSS 0.08347
Exploits: 0 | Affected Software: 2

securityvulns
added 2013/02/14 12:0 a.m. | 87 views

[USN-1720-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1720-1 February 12, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.9 | EPSS 0.00407
Exploits: 1

securityvulns
added 2013/02/14 12:0 a.m. | 38 views

Microsoft Windows Server NFS server DoS

NULL pointer dereference...

CVSS 7.1 | AI score 2.1 | EPSS 0.23857
Exploits: 0

securityvulns
added 2013/02/14 12:0 a.m. | 59 views

Microsoft Internet Explorer multiple security vulnerabilities

Information leakage, multiple use-after-free vulnerabilities, VML memory corruption...

CVSS 9.3 | AI score 1.8 | EPSS 0.55765
Exploits: 17 | Affected Software: 1

securityvulns
added 2013/02/14 12:0 a.m. | 38 views

Adobe Shockwave Player code execution

Few code execution possibilities...

CVSS 10 | AI score 3.1 | EPSS 0.09275
Exploits: 0 | Affected Software: 1

securityvulns
added 2013/02/14 12:0 a.m. | 62 views

[SECURITY] [DSA 2622-1] polarssl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2622-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 13, 2013 http://www.debian.org/security/faq -...

CVSS 4.3 | AI score 3.7 | EPSS 0.35584
Exploits: 1

securityvulns
added 2013/02/11 12:0 a.m. | 93 views

[SECURITY] [DSA 2616-1] nagios3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2616-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire February 03, 2013 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 1.5 | EPSS 0.6645
Exploits: 15

securityvulns
added 2013/02/11 12:0 a.m. | 41 views

Mathematica9.0.1 on Linux /tmp/MathLink vulnerability

The problem reported for Mathematica is present still at version 9.0.1, both for the GUI and for the command-line interface. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...

AI score 0.9
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 95 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5 | AI score 1.6 | EPSS 0.6645
Exploits: 25 | References: 9 | Affected Software: 10

securityvulns
added 2013/02/11 12:0 a.m. | 123 views

ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities

ESA-2013-002.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-002 CVE Identifier: CVE-2012-2293, CVE-2012-2292, CVE-2012-1064, CVE-2012-2294 Severity Rating: See below for scores for individual issues Affected...

CVSS 7.5 | AI score 6.4 | EPSS 0.0214
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 101 views

0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities

Title: ====== Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Date: ===== 2013-02-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=851 VL-ID: ===== 851 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...

AI score 7.2
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 49 views

cURL buffer overflow

Buffer overflow in SASL DIGEST-MD5 implementation...

CVSS 7.5 | AI score 3.2 | EPSS 0.22913
Exploits: 6 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 146 views

SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin

Advisory ID: HTB23140 Product: Wysija Newsletters WordPress plugin Vendor: Wysija Vulnerable Versions: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: January 16, 2013 Vendor Patch: January 18, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: SQL Injection CWE-89 CVE...

CVSS 6.5 | AI score 0.3 | EPSS 0.04314
Exploits: 4

securityvulns
added 2013/02/11 12:0 a.m. | 49 views

[USN-1714-1] QXL graphics driver vulnerability

========================================================================== Ubuntu Security Notice USN-1714-1 February 05, 2013 xserver-xorg-video-qxl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 2.1 | AI score 0.3 | EPSS 0.00385
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 30 views

Symantec Enterprise Security Manager privilege escalation

Privilege escalation via executable planting...

CVSS 7.2 | AI score 4.3 | EPSS 0.00483
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 37 views

Lorex IP cameras authentication bypass

It's possible to access camera without authentication...

AI score 3.3 | EPSS 0.02609
Exploits: 2 | References: 1

securityvulns
added 2013/02/11 12:0 a.m. | 62 views

Sony Playstation Vita addressbar spoofing

Address bar spoofing via window.open...

AI score 3
Exploits: 0 | References: 1

securityvulns
added 2013/02/11 12:0 a.m. | 75 views

Cisco ATA 187 unauthorized access

Unauthorized access via TCP/7870 port...

CVSS 9 | AI score 4.1 | EPSS 0.01427
Exploits: 0 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 68 views

Broadcom chipset routers format string vulnerability

UPnP stack implementation format string vulnerability...

CVSS 10 | AI score 3.2 | EPSS 0.82807
Exploits: 13 | References: 2 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 31 views

HP LeftHand Virtual SAN Appliance code execution

No description provided...

CVSS 10 | AI score 2.2 | EPSS 0.16865
Exploits: 4 | References: 1

securityvulns
added 2013/02/11 12:0 a.m. | 14 views

Oracle Automated Service Manager symbolic links vulnerability

Symbolic links vulnerability during installation process...

AI score 2.3
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 60 views

[USN-1715-1] OpenStack Keystone vulnerability

========================================================================== Ubuntu Security Notice USN-1715-1 February 05, 2013 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5 | AI score 0.2 | EPSS 0.03243
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 65 views

Directory Traversal - EasyITSP <= 2.0.7

Directory Traversal - EasyITSP <= 2.0.7 EasyITSP - Telephone System VoIP http://blaszczakm.blogspot.com Michal Blaszczak Search/Read/Delete filetype .txt Search/Play/Delete filetype .wav - Voicemail file: voicemail.php line: 220 foreach glob"$vmdir/$SESSIONphone/$vmfolder/.txt" as $filename file:...

AI score 0.6
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 36 views

NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation

Medium Risk Vulnerability in Symantec Enterprise Security Management 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Enterprise Security Management 9.0.1 Agent version 9.0.1153.20001 Impact: Privilege escalation Versions affected: Symantec Enterpri...

AI score 1
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 92 views

[slackware-security] curl (SSA:2013-038-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security curl SSA:2013-038-01 New curl packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

CVSS 7.5 | AI score 8.3 | EPSS 0.22913
Exploits: 6

securityvulns
added 2013/02/11 12:0 a.m. | 40 views

RSA Archer GRC multiple security vulnerabilities

Directory traversal, clickjacking, cross-site access, cross-site scripting...

CVSS 7.5 | AI score 2.4 | EPSS 0.0214
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 76 views

NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation

Medium Risk Vulnerability in Symantec Network Access Control 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Endpoint Protection Version 12.1.1000.157.105 Impact: Privilege escalation Versions affected: Symantec Network Access Control v12.1 and...

AI score 0.7
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 91 views

[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability

------------------------------------------------------------------------- CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability ------------------------------------------------------------------------- - Software Link: http://www.cubecart.com/ - Affected Versions: All versions fr...

CVSS 7.5 | AI score 0.5 | EPSS 0.07086
Exploits: 6

securityvulns
added 2013/02/11 12:0 a.m. | 83 views

[CVE-2013-1463]Wordpress wp-table-reloaded plugin XSS in SWF

Exploit Title: Wordpress wp-table-reloaded plugin XSS in SWF Release Date: 24/01/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/wp-table-reloaded.latest-stable.zip Vendor Homepage:...

CVSS 4.3 | AI score 5.4 | EPSS 0.0635
Exploits: 2

securityvulns
added 2013/02/11 12:0 a.m. | 91 views

[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF

Exploit Title: Wordpress Audio Player Plugin XSS in SWF Release Date: 31/01/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/audio-player.2.0.4.6.zip Vendor Homepage: http://wpaudioplayer.com/ Tested...

CVSS 4.3 | AI score 0.2 | EPSS 0.06414
Exploits: 1

securityvulns
added 2013/02/11 12:0 a.m. | 50 views

[SECURITY] [DSA 2618-1] ircd-hybrid security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2618-1 [email protected] http://www.debian.org/security/ Luciano Bello February 07, 2013 http://www.debian.org/security/faq -...

CVSS 5 | AI score 2 | EPSS 0.09962
Exploits: 5

securityvulns
added 2013/02/11 12:0 a.m. | 44 views

Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install

Oracle Automated Service Manager 1.3 local root during install Larry W. Cashdollar 1/29/2013 @larry0 SUNWsasm-1.3.1-20110815093723 https://updates.oracle.com/Orion/Services/download?type=readme&aru=15864534 From the README: "Oracle Automated Service Manager 1.3.1 Oracle Automated Service Manager ...

AI score 6.8
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 99 views

DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up

A few weeks ago, we have announced remote preauth root access exploit for Cisco Linksys http://www.youtube.com/watch?v=cv-MbL7KFKE. Vulnerability details were disclosed here: http://www.defensecode.com/public/DefenseCodeBroadcomSecurityAdvisory.pdf During further research, we have discovered that...

AI score 0.6
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 84 views

[PT-2012-53] Privilege Gaining in DataLife Engine

----------------------------------------------------------- PT-2012-53 Positive Technologies Security Advisory Privilege Gaining in DataLife Engine ----------------------------------------------------------- --- Vulnerable software DataLife Engine Version: 9.7 and earlier Application link:...

AI score 0.6
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 67 views

[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03661318 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03661318 Version: 1 HPSBST02846...

CVSS 10 | AI score 0.4 | EPSS 0.16865
Exploits: 4

securityvulns
added 2013/02/11 12:0 a.m. | 63 views

[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03652323 Version: 1 HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting XSS NOTICE: The information in this Security...

CVSS 4.3 | AI score 0.4 | EPSS 0.0163
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 52 views

QXL driver DoS

Crash on connection termination...

CVSS 2.1 | AI score 1.8 | EPSS 0.00385
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 36 views

IRCD-Hybrid DoS

No description provided...

CVSS 5 | AI score 0.7 | EPSS 0.09962
Exploits: 5 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 114 views

Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B)

Device Name: DIR-600 / DIR 300 - HW rev B1 Vendor: D-Link ============ Vulnerable Firmware Releases - DIR-300: ============ Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 ============ Vulnerable Firmware Releases - DIR-600: ============ Firmware-Version : 2.12b02 -...

Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 35 views

HP Network Node Manager I cross-site scripting

No description provided...

CVSS 4.3 | AI score 1.1 | EPSS 0.0163
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2013/02/11 12:0 a.m. | 237 views

[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing

MajorSecurity-SA-2013-014Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing Details ============= Product: Sony Playstation Vita Browser - firmware 2.05 CVE-ID: CVE-2013-XXXX Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://de.playstation.com/psvita/ Advisory-Status...

AI score 1.2
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 210 views

CVE-2012-6451 Authentication Bypass in LOREX IP Cameras

Product: Lorex LNC116 and LNC104 IP Cameras Vendor: LOREX Technology Inc. Vulnerability Type: Authentication Bypass Vulnerable Firmware Versions: 030312 and earlier Tested Firmware Version: 030312 Fixed Firmware Version: 030405 Solution Status: Fixed by Vendor Vendor Notification: December 22, 20...

AI score 1.1 | EPSS 0.02609
Exploits: 2

securityvulns
added 2013/02/11 12:0 a.m. | 112 views

Multiple Vulnerabilities in Linksys E1500/E2500

Device Name: Linksys E1500 / E2500 Vendor: Linksys ============ Device Description: ============ The Linksys E1500 is a Wireless-N Router with SpeedBoost. It lets you access the Internet via a wireless connection or through one of its four switched ports. You can also use the Linksys E1500 to sha...

AI score 8.1
Exploits: 0

securityvulns
added 2013/02/11 12:0 a.m. | 88 views

Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin

Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...

CVSS 4.3 | AI score 6.2 | EPSS 0.04546
Exploits: 3

securityvulns
added 2013/02/11 12:0 a.m. | 30 views

Symantec Endpoint Protection Management security vulnerabilities

Executable planting, remote PHP code execution...

CVSS 7.2 | AI score 3.3 | EPSS 0.01161
Exploits: 0 | References: 1 | Affected Software: 2

Total number of security vulnerabilities: 47153