Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities
Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============...
Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg
Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code Version 1.21 Runtime Code Version 1....
Multiple Vulnerabilities in Linksys WAG200G
Device Name: Linksys WAG200G Vendor: Linksys/Cisco ============ Device Description: ============ The WAG200G is a Linksys Wireless-G ADSL Home Gateway which has a high-speed ADSL2+ modem that gives you a fast connection to the Internet. Source:...
[SECURITY] [DSA 2620-1] rails security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2620-1 [email protected] http://www.debian.org/security/ Florian Weimer February 12, 2013 http://www.debian.org/security/faq -...
[USN-1716-1] gnome-screensaver vulnerability
========================================================================== Ubuntu Security Notice USN-1716-1 February 12, 2013 gnome-screensaver vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[USN-1720-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1720-1 February 12, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Microsoft Internet Explorer multiple security vulnerabilities
Information leakage, multiple use-after-free vulnerabilities, VML memory corruption...
Microsoft Windows Server NFS server DoS
NULL pointer dereference...
Microsoft Exchange / FAST Search Server code execution
Code execution on Outlook Web Access document viewing / Advanced Filter Pack because of Oracle Outside In technology vulnerability...
[SECURITY] [DSA 2622-1] polarssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2622-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 13, 2013 http://www.debian.org/security/faq -...
Adobe Shockwave Player code execution
A few code execution possibilities...
Multiple Vulnerabilities in D-Link DIR-600 and DIR-300 (rev B)
Device Name: DIR-600 / DIR 300 - HW rev B1 Vendor: D-Link ============ Vulnerable Firmware Releases - DIR-300: ============ Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 ============ Vulnerable Firmware Releases - DIR-600: ============ Firmware-Version : 2.12b02 -...
HP LeftHand Virtual SAN Appliance code execution
No description provided...
Broadcom chipset routers format string vulnerability
UPnP stack implementation format string vulnerability...
CVE-2012-6451 Authentication Bypass in LOREX IP Cameras
Product: Lorex LNC116 and LNC104 IP Cameras Vendor: LOREX Technology Inc. Vulnerability Type: Authentication Bypass Vulnerable Firmware Versions: 030312 and earlier Tested Firmware Version: 030312 Fixed Firmware Version: 030405 Solution Status: Fixed by Vendor Vendor Notification: December 22, 20...
[SECURITY] [DSA 2616-1] nagios3 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2616-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire February 03, 2013 http://www.debian.org/security/faq -...
[security bulletin] HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03652323 Version: 1 HPSBMU02842 SSRT100909 rev.1 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting XSS NOTICE: The information in this Security...
NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation
Medium Risk Vulnerability in Symantec Enterprise Security Management 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Enterprise Security Management 9.0.1 Agent version 9.0.1153.20001 Impact: Privilege escalation Versions affected: Symantec Enterpri...
0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities
Title: ====== Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Date: ===== 2013-02-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=851 VL-ID: ===== 851 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
IRCD-Hybrid DoS
No description provided...
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
------------------------------------------------------------------------- CubeCart = 5.2.0 cubecart.class.php PHP Object Injection Vulnerability ------------------------------------------------------------------------- - Software Link: http://www.cubecart.com/ - Affected Versions: All versions fr...
SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin
Advisory ID: HTB23140 Product: Wysija Newsletters WordPress plugin Vendor: Wysija Vulnerable Versions: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: January 16, 2013 Vendor Patch: January 18, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: SQL Injection CWE-89 CVE...
Multiple Vulnerabilities in Linksys E1500/E2500
Device Name: Linksys E1500 / E2500 Vendor: Linksys ============ Device Description: ============ The Linksys E1500 is a Wireless-N Router with SpeedBoost. It lets you access the Internet via a wireless connection or through one of its four switched ports. You can also use the Linksys E1500 to sha...
DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
A few weeks ago, we have announced remote preauth root access exploit for Cisco Linksys http://www.youtube.com/watch?v=cv-MbL7KFKE. Vulnerability details were disclosed here: http://www.defensecode.com/public/DefenseCodeBroadcomSecurityAdvisory.pdf During further research, we have discovered that...
Lorex IP cameras authentication bypass
It's possible to access camera without authentication...
[PT-2012-53] Privilege Gaining in DataLife Engine
----------------------------------------------------------- PT-2012-53 Positive Technologies Security Advisory Privilege Gaining in DataLife Engine ----------------------------------------------------------- --- Vulnerable software DataLife Engine Version: 9.7 and earlier Application link:...
[USN-1714-1] QXL graphics driver vulnerability
========================================================================== Ubuntu Security Notice USN-1714-1 February 05, 2013 xserver-xorg-video-qxl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
QXL driver DoS
Crash on connection termination...
cURL buffer overflow
Buffer overflow in SASL DIGEST-MD5 implementation...
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Versions: 2.92.3 and probably prior Tested Version: 2.92.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: February 6, 2013 Vulnerability Type: Cross-Site Scripting...
[USN-1715-1] OpenStack Keystone vulnerability
========================================================================== Ubuntu Security Notice USN-1715-1 February 05, 2013 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Sony Playstation Vita addressbar spoofing
Address bar spoofing via window.open...
Symantec Enterprise Security Manager privilege escalation
Privilege escalation via executable planting...
[CVE-2013-1464] Wordpress Audio Player Plugin XSS in SWF
Exploit Title: Wordpress Audio Player Plugin XSS in SWF Release Date: 31/01/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/audio-player.2.0.4.6.zip Vendor Homepage: http://wpaudioplayer.com/ Tested...
ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities
ESA-2013-002.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-002 CVE Identifier: CVE-2012-2293, CVE-2012-2292, CVE-2012-1064, CVE-2012-2294 Severity Rating: See below for scores for individual issues Affected...
HP Network Node Manager I cross-site scripting
No description provided...
RSA Archer GRC multiple security vulnerabilities
Directory traversal, clickjacking, cross-site access, cross-site scripting...
[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing
MajorSecurity-SA-2013-014Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing Details ============= Product: Sony Playstation Vita Browser - firmware 2.05 CVE-ID: CVE-2013-XXXX Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://de.playstation.com/psvita/ Advisory-Status...
Cisco ATA 187 unauthorized access
Unauthorized access via TCP/7870 port...
Symantec Endpoint Protection Management security vulnerabilities
Executable planting, remote PHP code execution...
Oracle Automated Service Manager 1.3 & Auto Service Request 4.3 local root during install
Oracle Automated Service Manager 1.3 local root during install Larry W. Cashdollar 1/29/2013 @larry0 SUNWsasm-1.3.1-20110815093723 https://updates.oracle.com/Orion/Services/download?type=readme&aru=15864534 From the README: "Oracle Automated Service Manager 1.3.1 Oracle Automated Service Manager ...
Oracle Automated Service Manager symbolic links vulnerability
Symbolic links vulnerability during installation process...
[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03661318 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03661318 Version: 1 HPSBST02846...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[slackware-security] curl (SSA:2013-038-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security curl SSA:2013-038-01 New curl packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
Directory Traversal - EasyITSP <= 2.0.7
Directory Traversal - EasyITSP = 2.0.7 EasyITSP - Telephone System VoIP http://blaszczakm.blogspot.com Michal Blaszczak Search/Read/Delete filetype .txt Search/Play/Delete filetype .wav - Voicemail file: voicemail.php line: 220 foreach glob"$vmdir/$SESSIONphone/$vmfolder/.txt" as $filename file:...
NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation
Medium Risk Vulnerability in Symantec Network Access Control 04 February 2013 Gavin Jones of NCC Group has discovered a Medium risk vulnerability in Symantec Endpoint Protection Version 12.1.1000.157.105 Impact: Privilege escalation Versions affected: Symantec Network Access Control v12.1 and...
Mathematica9.0.1 on Linux /tmp/MathLink vulnerability
The problem reported for Mathematica is present still at version 9.0.1, both for the GUI and for the command-line interface. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...
FreeBSD 9.1 ftpd Remote Denial of Service
FreeBSD 9.1 ftpd Remote Denial of Service Maksymilian Arciemowicz http://cxsecurity.org/ http://cxsec.org/ Public Date: 01.02.2013 URL: http://cxsecurity.com/issue/WLB-2013020003 Affected servers: - ftp.uk.freebsd.org, - ftp.ua.freebsd.org, - ftp5.freebsd.org, - ftp5.us.freebsd.org, -...
[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
Hello All, Below, we are providing you with technical details regarding security issues reported by us to Oracle and addressed by the company in a recent Feb 2013 Java SE CPU 1. Issue 29 This issue allows for the creation of arbitrary Proxy objects for interfaces defined in restricted packages...