
47153 matches found

securityvulns • added 2012/12/09 12:0 a.m. • 36 views

HP Integrated Lights-Out information leakage

No description provided...

CVSS: 9.3 • AI score: 1 • EPSS: 0.05091
Exploits: 0 • References: 1

securityvulns • added 2012/12/09 12:0 a.m. • 68 views

[security bulletin] HPSB3C02831 SSRT100661 rev.1 - HP Intelligent Management Center User Access Manager (UAM), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03589863 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03589863 Version: 1 HPSB3C02831...

CVSS: 10 • AI score: 0.6 • EPSS: 0.61762
Exploits: 3

securityvulns • added 2012/12/09 12:0 a.m. • 55 views

IBM Director code execution

It's possible to load a DLL from any location...

CVSS: 6.8 • AI score: 2.6 • EPSS: 0.31595
Exploits: 11 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 24 views

F5 FirePass SSL VPN information leakage

CitrixAuth.php local file inclusion...

AI score: 1.1
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 47 views

FreeSSHD / FreeFTPD authentication bypass

Authentication results are not checked when the client starts an SSH session...

AI score: 2.9
Exploits: 0 • Affected Software: 2

securityvulns • added 2012/12/09 12:0 a.m. • 36 views

Nagios XI security vulnerabilities

Command injection, SQL injection...

AI score: 2.7
Exploits: 0 • References: 2 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 42 views

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...

CVSS: 5 • AI score: 6.7 • EPSS: 0.03988
Exploits: 4

securityvulns • added 2012/12/09 12:0 a.m. • 27 views

n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2012.004 19-Nov-2012 Vendors: Splunk Inc., http://www.splunk.com Product: Splunk 4.0 - 4.3.4 Vulnerability: Unauthenticated remote denial of service against splunkd Tracking IDs: SPL-55521 Vendor communication: 2012/09/03 Reported the...

AI score: 0.1
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 30 views

TVMOBiLi media server buffer overflow

Buffer overflow while processing TCP/30888 GET request, multiple DoS conditions...

CVSS: 5 • AI score: 3.6 • EPSS: 0.03988
Exploits: 4 • References: 2 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 24 views

splunk DoS

Crash on malcrafted packet...

AI score: 2.1
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 79 views

[security bulletin] HPSBMU02816 SSRT100949 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03507416 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03507416 Version: 1 HPSBMU02816...

CVSS: 10 • AI score: 0.9 • EPSS: 0.10349
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 58 views

[security bulletin] HPSBPI02807 SSRT100928 rev.1 - HP LaserJet Pro 400 Multi Function Printers, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03464042 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03464042 Version: 1 HPSBPI02807...

CVSS: 5 • AI score: 0.2 • EPSS: 0.0218
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 80 views

IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday)

IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...

CVSS: 6.8 • AI score: 0.5 • EPSS: 0.31595
Exploits: 11

securityvulns • added 2012/12/09 12:0 a.m. • 51 views

NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection

======= Summary ======= Name: Nagios XI Network Monitor - OS Command Injection Release Date: 30 November 2012 Reference: NGS00196 Discoverer: Daniel Compton [email protected] Vendor: Nagios Vendor Reference: 0000283 Systems Affected: Nagios XI Network Monitor 2011R1.9 Risk: High Status...

AI score: 7.7
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 36 views

python keyring weak cryptography

Insecure cipher initialization...

CVSS: 2.1 • AI score: 2.5 • EPSS: 0.0037
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 30 views

SonicWALL Continuous Data Protection multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.2
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 44 views

Centrify Deployment Manager v2.1.0.283

Centrify Deployment Manager v2.1.0.283 While at a training session for centrify, I noticed poor handling of files in /tmp. I was able to overwrite /etc/shadow with the contents of adcheckDMoutput. I am sure there are more vulnerabilities to be exploit, maybe a local root - but being this is a...

AI score: 0.6
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 52 views

SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion

SEC Consult Vulnerability Lab Security Advisory 20121203-0 ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

AI score: 7.3
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 30 views

HP Network Node Manager I unauthorized access

No description provided...

CVSS: 10 • AI score: 2.3 • EPSS: 0.10349
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 25 views

HP LaserJet Pro 400 MFP unauthorized access

No description provided...

CVSS: 5 • AI score: 2.1 • EPSS: 0.0218
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 40 views

HP Intelligent Management Center User Access Manager unauthorized access

uam.exe buffer overflow...

CVSS: 10 • AI score: 3.9 • EPSS: 0.61762
Exploits: 3 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 47 views

[security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03556108 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03556108 Version: 1 HPSBPI02828...

CVSS: 4.3 • AI score: 5.8 • EPSS: 0.01627
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 66 views

[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03515413 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03515413 Version: 1 HPSBHF02821...

CVSS: 9.3 • AI score: 0.6 • EPSS: 0.05091
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 59 views

NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection

======= Summary ======= Name: Nagios XI Network Monitor - Blind SQL Injection Release Date: 30 November 2012 Reference: NGS00194 Discoverer: Daniel Compton [email protected] Vendor: Nagios Vendor Reference: 0000282 Systems Affected: Nagios XI Network Monitor 2011R1.9 Risk: High Status:...

AI score: 0.2
Exploits: 0

securityvulns • added 2012/12/09 12:0 a.m. • 55 views

xen multiple security vulnerabilities

Multiple DoS conditions...

CVSS: 6.9 • AI score: 2 • EPSS: 0.00443
Exploits: 5 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/09 12:0 a.m. • 73 views

[SECURITY] [DSA 2582-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2582-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 07, 2012 http://www.debian.org/security/faq -...

CVSS: 6.9 • AI score: 0.2 • EPSS: 0.00443
Exploits: 5

securityvulns • added 2012/12/09 12:0 a.m. • 81 views

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...

CVSS: 5 • AI score: 6.7 • EPSS: 0.03988
Exploits: 4

securityvulns • added 2012/12/07 12:0 a.m. • 59 views

Apache Tomcat multiple security vulnerabilities

Protection bypass, DoS...

CVSS: 4.3 • AI score: 2.1 • EPSS: 0.11975
Exploits: 3 • References: 3 • Affected Software: 1

securityvulns • added 2012/12/07 12:0 a.m. • 33 views

libtiff library DoS

Crash on malformed DOTRANGE tag...

CVSS: 6.8 • AI score: 2.1 • EPSS: 0.04247
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/07 12:0 a.m. • 74 views

MySQL Local/Remote FAST Account Password Cracking

FAST Cracking of MySQL account passwords locally or over the network post-auth to the maintainers: you don't need to patch this, looks a lot like a minor bug, prolly documented :D I found a method to crack mysql user passwords locally or over the network pretty efficiently. During Tests it was...

AI score: 0.3
Exploits: 0

securityvulns • added 2012/12/07 12:0 a.m. • 116 views

CVE-2012-4534 Apache Tomcat denial of service

CVE-2012-4534 Apache Tomcat denial of service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.27 - Tomcat 6.0.0 to 6.0.35 Description: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading...

CVSS: 2.6 • AI score: 0.2 • EPSS: 0.07452
Exploits: 1

securityvulns • added 2012/12/07 12:0 a.m. • 118 views

CVE-2012-3546 Apache Tomcat Bypass of security constraints

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-3546 Apache Tomcat Bypass of security constraints Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.29 - - Tomcat 6.0.0 to 6.0.35 Earlier unsupported versions may also be affected Descriptio...

CVSS: 4.3 • AI score: 0.2 • EPSS: 0.11975
Exploits: 1

securityvulns • added 2012/12/07 12:0 a.m. • 45 views

[USN-1655-1] LibTIFF vulnerability

========================================================================== Ubuntu Security Notice USN-1655-1 December 05, 2012 tiff vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 6.8 • AI score: 0.8 • EPSS: 0.04247
Exploits: 0

securityvulns • added 2012/12/07 12:0 a.m. • 150 views

CUPS privilege escalation

Weak permissions for configuration files...

CVSS: 7.2 • AI score: 3 • EPSS: 0.02128
Exploits: 2 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/07 12:0 a.m. • 60 views

[USN-1654-1] CUPS vulnerability

========================================================================== Ubuntu Security Notice USN-1654-1 December 05, 2012 cups, cupsys vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS: 7.2 • AI score: 0.5 • EPSS: 0.02128
Exploits: 2

securityvulns • added 2012/12/07 12:0 a.m. • 129 views

CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.31 - - Tomcat 6.0.0 to 6.0.35 Description: The CSRF prevention filter could be bypassed ...

CVSS: 4.3 • EPSS: 0.09146
Exploits: 1

securityvulns • added 2012/12/07 12:0 a.m. • 81 views

MySQL multiple security vulnerabilities

Buffer overflows, information leakage, privilege escalation, DoS...

CVSS: 6.5 • AI score: 3.1 • EPSS: 0.31664
Exploits: 22 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/06 12:0 a.m. • 52 views

ISC bind DoS

Crash on malcrafted request processing if DNS64 option is enabled...

CVSS: 7.8 • AI score: 2 • EPSS: 0.10896
Exploits: 1 • Affected Software: 1

securityvulns • added 2012/12/06 12:0 a.m. • 53 views

CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux

-----BEGIN PGP SIGNED MESSAGE----- CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux Issued: December 5, 2012 CA Technologies Support is alerting customers to a potential risk with CA XCOM Data Transport. A vulnerability exists that can allow a remote attacker to execute...

CVSS: 10 • AI score: 0.2 • EPSS: 0.04039
Exploits: 0

securityvulns • added 2012/12/06 12:0 a.m. • 42 views

libxml2 buffer overflow

Heap buffer overflow in xmlParseAttValueComplex...

CVSS: 6.8 • AI score: 3.5 • EPSS: 0.04382
Exploits: 1 • Affected Software: 1

securityvulns • added 2012/12/06 12:0 a.m. • 25 views

CA XCOM code execution

No description provided...

CVSS: 10 • AI score: 2.4 • EPSS: 0.04039
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/03 12:0 a.m. • 32 views

Safend Data Protector information leakage

Private key is logged into user readable file...

AI score: 2.2 • EPSS: 0.00484
Exploits: 3 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/03 12:0 a.m. • 29 views

EMC Smarts Network Configuration Manager security vulnerabilities

Hardcoded encryption key, default unauthenticated connections...

CVSS: 9.3 • AI score: 2.3 • EPSS: 0.02281
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/03 12:0 a.m. • 95 views

[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision

2012-001 multiple implementations denial-of-service via MurmurHash algorithm collision Description: A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting...

CVSS: 5 • AI score: 5 • EPSS: 0.02249
Exploits: 0

securityvulns • added 2012/12/03 12:0 a.m. • 119 views

ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities

ESA-2012-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-057 CVE Identifier: CVE-2012-4614 CVE Identifier: CVE-2012-4615 Severity Rating: CVSS v2 Base Score: See below for individual...

CVSS: 9.3 • AI score: 0.6 • EPSS: 0.02281
Exploits: 0

securityvulns • added 2012/12/03 12:0 a.m. • 23 views

rssh security vulnerabilities

Multiple environment limitation bypass possibilities...

CVSS: 4.4 • AI score: 3.1 • EPSS: 0.00388
Exploits: 2 • References: 1 • Affected Software: 1

securityvulns • added 2012/12/03 12:0 a.m. • 51 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, buffer overflows, privilege escalations and protection bypass...

CVSS: 10 • AI score: 4.3 • EPSS: 0.11079
Exploits: 17 • References: 2 • Affected Software: 5

securityvulns • added 2012/12/03 12:0 a.m. • 73 views

Forescout NAC multiple vulnerabilities

Forescout NAC Network Access Control multiple vulnerabilities: Forescout NAC 6.3.4.1 Cross-Site Redirection Vulnerability CVE-2012-4982 The Forescout NAC device is vulnerable to cross-site redirection and could be used to redirect a targetted victim to a malicious site. The 'a' parameter is...

CVSS: 5.8 • AI score: 0.8 • EPSS: 0.08658
Exploits: 2

securityvulns • added 2012/12/03 12:0 a.m. • 45 views

VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability

VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Mozilla Firefox is a free and open source web browser and coordinated by Mozilla Corporati...

AI score: 0.7
Exploits: 0

securityvulns • added 2012/12/03 12:0 a.m. • 29 views

RSA Adaptive Authentication cross-site scripting

No description provided...

CVSS: 4.3 • AI score: 2.9 • EPSS: 0.01433
Exploits: 0 • References: 1

Total number of security vulnerabilities: 47153