Lucene search

47153 matches found

securityvulns
added 2013/01/14 12:0 a.m., 59 views

ProFTPd symbolic links vulnerability

No description provided...

CVSS 1.2, AI score 1.3, EPSS 0.00057
Exploits 0, References 1, Affected Software 1
securityvulns
added 2013/01/14 12:0 a.m., 63 views

CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash

CVE-2012-5649 JSONP arbitrary code execution with Adobe Flash Severity: Moderate Vendor: The Apache Software Foundation Affected Versions: JSONP is supported but disabled by default in all currently supported releases of Apache CouchDB. Administrator access is required to enable it. Releases up t...

CVSS 6.8, AI score 2.4, EPSS 0.01836
Exploits 0
securityvulns
added 2013/01/14 12:0 a.m., 66 views

DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit

DefenseCode Security Advisory UPCOMING: Cisco Linksys Remote Preauth 0day Root Exploit Story behind the vulnerability... Months ago, we've contacted Cisco about a remote preauth root access vulnerability in default installation of their Linksys routers that we've discovered. We gave them detailed...

AI score 0.9
Exploits 0
securityvulns
added 2013/01/14 12:0 a.m., 127 views

Adobe ColdFusion multiple security vulnerabilities

Authentication bypass, privilege escalation, information leakage...

CVSS 10, AI score 3.1, EPSS 0.92679
Exploits 12, Affected Software 1
securityvulns
added 2013/01/14 12:0 a.m., 42 views

HP ServiceGuard DoS

No description provided...

CVSS 7.8, AI score 0.7, EPSS 0.01441
Exploits 0, References 1, Affected Software 1
securityvulns
added 2013/01/14 12:0 a.m., 64 views

[security bulletin] HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03621178 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03621178 Version: 1 HPSBMU02838...

CVSS 7.8, AI score 0.5, EPSS 0.01441
Exploits 0
securityvulns
added 2013/01/14 12:0 a.m., 26 views

Cisco Linksys router unauthorized access

No description provided...

AI score 3.5
Exploits 0, References 1
securityvulns
added 2013/01/14 12:0 a.m., 102 views

Adobe Flash Player memory corruption

Memory corruption on SWF parsing...

CVSS 10, AI score 3.7, EPSS 0.07171
Exploits 0, References 1, Affected Software 2
securityvulns
added 2013/01/14 12:0 a.m., 57 views

[SE-2012-01] 'Fix' for Issue 32 exploited by new Java 0-day code

Hello All, We were notified today of ongoing attacks with the use of a new Java vulnerability affecting latest version 7 Update 10 of the software 12. Due to the unpatched status of Issue 50 3 and some inquiries received regarding whether the attack code found exploited this bug, we had a quick...

AI score 7.2
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 32 views

X.Org / XFree86 xfs DoS

Invalid SendErrToClient function use...

CVSS 3.6, AI score 1.6, EPSS 0.00075
Exploits 0, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 105 views

Chrome for Android - Bypassing SOP for Local Files By Symlinks

CVE Number: CVE-2012-4908 Title: Chrome for Android - Bypassing SOP for Local Files By Symlinks Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Chrome for Android's Same-Origi...

CVSS 7.5, AI score 5.8, EPSS 0.03629
Exploits 1
securityvulns
added 2013/01/10 12:0 a.m., 109 views

Chrome for Android - UXSS via com.android.browser.application_id Intent extra

CVE Number: CVE-2012-4905 Title: Chrome for Android - UXSS via com.android.browser.application_id Intent extra Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: By sending a...

CVSS 4.3, AI score 0.5, EPSS 0.00598
Exploits 1
securityvulns
added 2013/01/10 12:0 a.m., 54 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, buffer overflows, privilege escalations, address spoofing, misissued certificate...

CVSS 10, AI score 3.2, EPSS 0.87365
Exploits 30, Affected Software 3
securityvulns
added 2013/01/10 12:0 a.m., 71 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5, AI score 1.6, EPSS 0.10931
Exploits 8, References 5, Affected Software 6
securityvulns
added 2013/01/10 12:0 a.m., 37 views

Samsung Kies ActiveX multiple security vulnerabilities

Code execution, files modification...

CVSS 10, AI score 3.1, EPSS 0.49934
Exploits 6, References 2, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 35 views

Google Chrome for Android multiple security vulnerabilities

Multiple protection bypass and privilege escalation vulnerabilities...

CVSS 9.3, AI score 3.3, EPSS 0.06965
Exploits 5, References 5, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 71 views

[SECURITY] [DSA 2602-1] zendframework security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2602-1 [email protected] http://www.debian.org/security/ Florian Weimer January 08, 2013 http://www.debian.org/security/faq -...

CVSS 5, AI score 1.4, EPSS 0.00719
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 72 views

Nero MediaHome Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency...

CVSS 5, AI score 0.3, EPSS 0.20693
Exploits 6
securityvulns
added 2013/01/10 12:0 a.m., 28 views

Cisco Unified IP Phones 7900 privilege escalation

Insufficient syscall arguments check...

CVSS 6.8, AI score 3, EPSS 0.00362
Exploits 0, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 58 views

New vulnerabilities in MODx Revolution

Hello 3APA3A! I want to warn you about two new vulnerabilities in MODx Revolution. This is addition to previous publication about vulnerabilities in MODx Revolution http://securityvulns.ru/docs28923.html. These are Abuse of Functionality vulnerabilities in MODx related to earlier mentioned Brute...

AI score 7.2
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 66 views

Chrome for Android - Download Function Information Disclosure

CVE Number: CVE-2012-4906 Title: Chrome for Android - Download Function Information Disclosure Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Rogue Android apps can steal...

CVSS 5, AI score 5.9, EPSS 0.06965
Exploits 1
securityvulns
added 2013/01/10 12:0 a.m., 80 views

Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart

Advisory ID: HTB23135 Product: Quick.Cms, Quick.Cart Vendor: OpenSolution team Vulnerable Versions: Quick.Cms 5.0, Quick.Cart 6.0 and probably prior Tested Version: Quick.Cms 5.0, Quick.Cart 6.0 Vendor Notification: December 19, 2012 Vendor Patch: December 20, 2012 Public Disclosure: January 9,...

CVSS 4.3, AI score 6.1, EPSS 0.10931
Exploits 3
securityvulns
added 2013/01/10 12:0 a.m., 34 views

Nero MediaHome DoS

Different vulnerabilities on TCP/54444 requests parsing...

CVSS 5, AI score 4.2, EPSS 0.20693
Exploits 6, References 1, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 33 views

Microsoft System Center Operations Manager cross-site scripting

Cross-site scripting in Web console...

CVSS 4.3, AI score 1.5, EPSS 0.24926
Exploits 0, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 29 views

Cisco Prime LAN Management Solution code execution

Insufficient network traffic validation...

CVSS 10, AI score 2.9, EPSS 0.04287
Exploits 4, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 18 views

Facebook for Android information leakage

Malicious app can steal private files...

AI score 2
Exploits 0, References 1
securityvulns
added 2013/01/10 12:0 a.m., 84 views

TomatoCart 1.x | Cross Site Request Forgery Protection Bypass via JavaScript Hijacking

OVERVIEW TomatoCart 1.x versions are vulnerable to Cross Site Request Forgery Protection Bypass. 2. BACKGROUND TomatoCart is an innovative Open Source shopping cart solution developed by Wuxi Elootec Technology Co., Ltd. It is forked from osCommerce 3 as a separate project and is released under...

AI score 7.1
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 79 views

Chrome for Android - Cookie theft from Chrome by malicious Android app

CVE Number: CVE-2012-4909 Title: Chrome for Android - Cookie theft from Chrome by malicious Android app Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Symbolic links can be...

CVSS 4.3, AI score 0.1, EPSS 0.03937
Exploits 1
securityvulns
added 2013/01/10 12:0 a.m., 64 views

Remote Buffer Overflow Vulnerability in Samsung Kies

Advisory ID: HTB23136 Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Versions: 2.5.0.121141 Tested Version: 2.5.0.121141 on Windows 7 SP1 and Internet Explorer 9.0 Vendor Notification: December 19, 2012 Vendor Patch: December 27, 2012 Public Disclosure: January 9, 2013 Vulnerability...

CVSS 10, AI score 0.1, EPSS 0.49934
Exploits 3
securityvulns
added 2013/01/10 12:0 a.m., 53 views

Facebook for Android - Information Disclosure Vulnerability

Title: Facebook for Android - Information Disclosure Vulnerability Affected Software: Facebook Application 1.8.1 for Android Confirmed on Android 2.2 Credit: Takeshi Terada Issue Status: v1.8.2 was released which fixes this vulnerability Overview: The LoginActivity of Facebook app has improper...

AI score 0.3
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 38 views

EMC Networker buffer overflow

Buffer overflow in nsrindexd RPC based service...

CVSS 9.3, AI score 4.2, EPSS 0.08413
Exploits 0, References 1, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 60 views

Microsoft Windows multiple security vulnerabilities

Print spooler service code execution, XML library integer overflow and memory corruption, multiple .Net vulnerabilities, Win32K privilege escalation, SSL/TLS library protection bypass, Open Data Protocol DoS...

CVSS 10, AI score 3.9, EPSS 0.68285
Exploits 19, Affected Software 1
securityvulns
added 2013/01/10 12:0 a.m., 101 views

Chrome for Android - Android APIs exposed to JavaScript

CVE Number: CVE-2012-4907 Title: Chrome for Android - Android APIs exposed to JavaScript Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: By abusing Java objects exposed to...

CVSS 9.3, AI score 0.4, EPSS 0.00438
Exploits 1
securityvulns
added 2013/01/10 12:0 a.m., 64 views

ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability. EMC Identifier: ESA-2013-001 EMC CQ Identifier: NW145612 EMC CQ Identifier: NW145894 CVE Identifier: CVE-2012-4607 Severity Rating: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected Products: EMC...

CVSS 9.3, AI score 1.2, EPSS 0.08413
Exploits 0
securityvulns
added 2013/01/10 12:0 a.m., 92 views

TomatoCart 1.x | Unrestricted File Creation

OVERVIEW TomatoCart 1.x versions are vulnerable to Unrestricted File Creation. 2. BACKGROUND TomatoCart is an innovative Open Source shopping cart solution developed by Wuxi Elootec Technology Co., Ltd. It is forked from osCommerce 3 as a separate project and is released under the GNU General...

Exploits 0
securityvulns
added 2013/01/05 12:0 a.m., 29 views

Rapid7 Nexpose security vulnerabilities

Cross-site scripting and request forgery...

CVSS 6.8, AI score 1.7, EPSS 0.00385
Exploits 6, References 2, Affected Software 1
securityvulns
added 2013/01/05 12:0 a.m., 47 views

AST-2012-014: Crashes due to large stack allocations when using TCP

Asterisk Project Security Advisory - AST-2012-014 Product Asterisk Summary Crashes due to large stack allocations when using TCP Nature of Advisory Stack Overflow Susceptibility Remote Unauthenticated Sessions SIP Remote Authenticated Sessions XMPP, HTTP Severity Critical Exploits Known No Report...

CVSS 5, AI score 0.2, EPSS 0.29742
Exploits 0
securityvulns
added 2013/01/05 12:0 a.m., 39 views

Asterisk security vulnerabilities

DoS conditions caused by resources exhaustion...

CVSS 5, AI score 2.1, EPSS 0.29742
Exploits 0, References 2, Affected Software 1
securityvulns
added 2013/01/05 12:0 a.m., 41 views

DoS vulnerability in Flash player (access violation)

Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Flash player plugin for browsers. I've found this vulnerability in June 11.06.2011. That time I've wrote about this built-in DoS in new version of Flash player as a "surprise" from Adobe for owners of old browser, because i...

AI score 1
Exploits 0
securityvulns
added 2013/01/05 12:0 a.m., 61 views

CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF)

Product: Nexpose Security Console Vendor: Rapid7 Version: 5.5.3 Tested Version: 5.5.1 Vendor Notified Date: December 19, 2012 Release Date: January 2, 2013 Risk: High Authentication: None required Remote: Yes Description: Multiple Cross-Site Request Forgery CSRF vulnerabilities in Nexpose Securit...

CVSS 6.8, AI score 6.8, EPSS 0.00385
Exploits 5
securityvulns
added 2013/01/05 12:0 a.m., 50 views

CVE-2012-6494 - Nexpose Security Console - Session Hijacking

Product: Nexpose Security Console Vendor: Rapid7 Version: 5.5.3 Tested Version: 5.5.1 Vendor Notified Date: December 19, 2012 Release Date: January 2, 2013 Risk: Medium Authentication: Access to logs required. Remote: Yes Description: Due to a flaw in the way the Nexpose Security Console logs...

AI score 0.4, EPSS 0.00369
Exploits 1
securityvulns
added 2013/01/05 12:0 a.m., 21 views

PMSoftware Simple Webserver directory traversal

Request with relative path allows file retrieval...

AI score 4.2
Exploits 0, References 1, Affected Software 1
securityvulns
added 2013/01/05 12:0 a.m., 50 views

AST-2012-015: Denial of Service Through Exploitation of Device State Caching

Asterisk Project Security Advisory - AST-2012-015 Product Asterisk Summary Denial of Service Through Exploitation of Device State Caching Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known None Reported On 26 July, 2012 Reported By...

CVSS 4.3, AI score 0.7, EPSS 0.01103
Exploits 0
securityvulns
added 2013/01/05 12:0 a.m., 87 views

Aastra IP Telephone encrypted .tuz configuration file leakage

Aastra IP telephone encrypted .tuz configuration file leakage ------------------------------------------------------------- Affected products ================= Aastra 6753i IP Telephone Firmware Version 3.2.2.56 Firmware Release Code SIP Boot Version 2.5.2.1010 Background ========== "The 6753i fr...

AI score 7.1
Exploits 0
securityvulns
added 2013/01/05 12:0 a.m., 24 views

Weak cryptography in Aastra IP telephones

Configuration file encryption is vulnerable to replay attacks...

AI score 2
Exploits 0, References 1
securityvulns
added 2013/01/05 12:0 a.m., 33 views

Simple Webserver 2.3-rc1 Directory Traversal

Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal Date: 01/02/2013 Exploit Author: CwG GeNiuS Vendor Homepage: http://www.pmx.it Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe Version: 2.3-rc1 and earlier Tested on: Windows 7 Enterprise SP1 Vulnerability: When removing t...

AI score 0.6
Exploits 0
securityvulns
added 2013/01/02 12:0 a.m., 44 views

AppArmor protection bypass

It's possible to bypass protection...

AI score 2.1
Exploits 0, References 2
securityvulns
added 2013/01/02 12:0 a.m., 49 views

VMWare vCSA/ESXi multiple security vulnerabilities

Directory traversal, information leakage...

CVSS 4, AI score 2.8, EPSS 0.00144
Exploits 2, References 1, Affected Software 2
securityvulns
added 2013/01/02 12:0 a.m., 43 views

[USN-1668-1] Apport update

========================================================================== Ubuntu Security Notice USN-1668-1 December 17, 2012 apport update ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

AI score 7.2
Exploits 0
securityvulns
added 2013/01/02 12:0 a.m., 40 views

Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability

----------------------------------------------------------------------- Microsoft Internet Explorer 9.x = Remote Stack Overflow Vulnerability ----------------------------------------------------------------------- Author: Jean Pascal Pereira [email protected] Vendor: Microsoft Internet Explorer 9...

AI score 0.8
Exploits 0
Total number of security vulnerabilities: 47153