Securityvulns: Recent

47153 matches found

securityvulns, added 2012/12/03 12:0 a.m., 62 views

ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities

ESA-2012-054.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-054: RSA ® Adaptive Authentication On-Premise Cross-Site Scripting Vulnerabilities EMC Identifier: ESA-2012-054 CVE Identifier: CVE-2012-4611 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected...

CVSS 4.3, EPSS 0.01433, Exploits 0

securityvulns, added 2012/12/03 12:0 a.m., 67 views

Safend Data Protector Multiple Vulnerabilities

Safend Data Protector Multiple Vulnerabilities Client software 3.4.5586.9772: Advisory Link: http://www.reactionpenetrationtesting.co.uk/safend-private-key-log-file.html Details CVE number: CVE-2012-4767 The private key data is in the securitylayer.log file in a directory called "logs.9772". This...

AI score 0.8, EPSS 0.00484, Exploits 3

securityvulns, added 2012/12/03 12:0 a.m., 44 views

Re: rssh security announcement

All, Today I released rssh-2.3.4, which fixes an old issue, and a new issue: On Tue, May 08, 2012 at 01:14:26PM -0500, Derek Martin wrote: rssh is a shell for restricting SSH access to a machine to only scp, sftp, or a small set of similar applications. http://www.pizzashack.org/rssh/ Henrik...

CVSS 4.4, AI score 6, EPSS 0.00388, Exploits 2

securityvulns, added 2012/12/03 12:0 a.m., 106 views

MurmurHash algorithm vulnerabilities

It's easy to predict collisions...

CVSS 5, AI score 1.9, EPSS 0.03357, Exploits 1, References 1, Affected Software 3

securityvulns, added 2012/12/02 12:0 a.m., 38 views

lynx security vulnerabilities

Buffer overflow, insufficient certificate check...

CVSS 6.8, AI score 3.3, EPSS 0.03663, Exploits 1, References 1

securityvulns, added 2012/12/02 12:0 a.m., 32 views

NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email

======= Summary ======= Name: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email Release Date: 30 November 2012 Reference: NGS00268 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk:...

Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 20 views

TrendMicro DataArmor / DriveArmor multiple security vulnerabilities

Restriction bypass, privilege escalation, encrypted data access...

AI score 2.6, Exploits 0, References 2, Affected Software 2

securityvulns, added 2012/12/02 12:0 a.m., 63 views

NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator

======= Summary ======= Name: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator for example Release Date: 30 November 2012 Reference: NGS00263 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway...

AI score 0.1, Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 72 views

APPLE-SA-2012-11-29-1 Apple TV 5.1.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-29-1 Apple TV 5.1.1 Apple TV 5.1.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Compromised applications may be able to determine addresses in the kernel Description: ...

CVSS 5.1, AI score 0.2, EPSS 0.14415, Exploits 3

securityvulns, added 2012/12/02 12:0 a.m., 93 views

Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities

Over 90 vulnerabilities in different applications are fixed by quarterly update...

CVSS 10, AI score 2.4, EPSS 0.59413, Exploits 17, References 17, Affected Software 20

securityvulns, added 2012/12/02 12:0 a.m., 60 views

[USN-1642-1] Lynx vulnerabilities

========================================================================== Ubuntu Security Notice USN-1642-1 November 29, 2012 lynx-cur vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

CVSS 6.8, AI score 0.3, EPSS 0.03663, Exploits 1

securityvulns, added 2012/12/02 12:0 a.m., 80 views

[USN-1646-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1646-1 November 30, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.9, AI score 7.4, EPSS 0.00959, Exploits 2

securityvulns, added 2012/12/02 12:0 a.m., 52 views

Linux security vulnerabilities

Information leakage, DoS...

CVSS 4.9, AI score 1.7, EPSS 0.00959, Exploits 2, References 1, Affected Software 1

securityvulns, added 2012/12/02 12:0 a.m., 27 views

Symantec Messaging Gateway multiple security vulnerabilities

Information leakage, cross-site scripting, cross-site request forgery...

AI score 2, Exploits 0, References 8, Affected Software 1

securityvulns, added 2012/12/02 12:0 a.m., 41 views

NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout

======= Summary ======= Name: DataArmor Full Disk Encryption - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption Release Date: 30 November 2012 Reference: NGS00193 Discoverer: Stuart Passe [email protected] Vendor: Mobile Armor Vendor Reference: KB 1060043...

Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 96 views

[SECURITY] [DSA 2579-1] apache2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2579-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 30, 2012 http://www.debian.org/security/faq -...

CVSS 5, AI score 1.1, EPSS 0.1747, Exploits 3

securityvulns, added 2012/12/02 12:0 a.m., 67 views

Apache security vulnerabilities

mod_proxy_ajp DoS vulnerabilities, TLS message length information leakage...

CVSS 5, AI score 1.7, EPSS 0.1747, Exploits 3, References 1, Affected Software 1

securityvulns, added 2012/12/02 12:0 a.m., 50 views

perl multiple security vulnerabilities

Buffer overflow in decode_xs, Digest constructor buffer overflow, x operator buffer overflow, CGI.pm headers injection...

CVSS 7.5, AI score 3.4, EPSS 0.13526, Exploits 3, References 1, Affected Software 1

securityvulns, added 2012/12/02 12:0 a.m., 100 views

[USN-1643-1] Perl vulnerabilities

========================================================================== Ubuntu Security Notice USN-1643-1 November 30, 2012 perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.5, AI score 0.7, EPSS 0.13526, Exploits 3

securityvulns, added 2012/12/02 12:0 a.m., 38 views

NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL

======= Summary ======= Name: Symantec Messaging Gateway - Arbitrary file download is possible with a crafted URL authenticated Release Date: 30 November 2012 Reference: NGS00266 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec...

AI score 6.7, Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 42 views

VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability

VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Class Remote Use-After-Free Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Mozilla Firefox is a free and open source web browser and coordinated by Mozilla Corporation...

AI score 0.6, Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 57 views

Apple TV security vulnerabilities

Information leakage, code execution...

CVSS 5.1, AI score 2.8, EPSS 0.14415, Exploits 3, References 1, Affected Software 1

securityvulns, added 2012/12/02 12:0 a.m., 28 views

libssh multiple security vulnerabilities

Multiple memory corruptions...

CVSS 7.5, AI score 2.1, EPSS 0.12849, Exploits 0, References 1

securityvulns, added 2012/12/02 12:0 a.m., 58 views

NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow

======= Summary ======= Name: Oracle Gridengine sgepasswd Buffer Overflow Release Date: 30 November 2012 Reference: NGS00107 Discoverer: Edward Torkington [email protected] Vendor: Oracle Vendor Reference: Systems Affected: Multiple packages - version 62u7 Risk: High Status: Publish...

AI score 6.9, Exploits 0

securityvulns, added 2012/12/02 12:0 a.m., 90 views

NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel

======= Summary ======= Name: Symantec Messaging Gateway - SSH with backdoor user account + privilege escalation to root due to very old Kernel Release Date: 30 November 2012 Reference: NGS00267 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affecte...

CVSS 7.2, AI score 0.2, EPSS 0.14749, Exploits 78

securityvulns, added 2012/12/02 12:0 a.m., 44 views

[ MDVSA-2012:175 ] libssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:175 http://www.mandriva.com/security/ Package : libssh Date : November 29, 2012 Affected: 2011. Problem Description: Multiple double free, buffer overflow, invalid free and improper overflow checks...

CVSS 7.5, AI score 8, EPSS 0.12849, Exploits 0

securityvulns, added 2012/11/26 12:0 a.m., 39 views

FreeBSD Security Advisory FreeBSD-SA-12:08.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:08.linux Security Advisory The FreeBSD Project Topic: Linux compatibility layer input validation error Category: core Module: kernel Announced: 2012-11-22...

AI score 7.6, EPSS 0.00419, Exploits 0

securityvulns, added 2012/11/26 12:0 a.m., 34 views

[ MDVSA-2012:172 ] libproxy

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:172 http://www.mandriva.com/security/ Package : libproxy Date : November 19, 2012 Affected: 2011. Problem Description: A vulnerability has been discovered and corrected in libproxy: Stack-based buffer overfl...

CVSS 10, AI score 6.8, EPSS 0.03476, Exploits 0

securityvulns, added 2012/11/26 12:0 a.m., 52 views

Apache Tomcat multiple security vulnerabilities

Authentication bypass and replay attacks on Digest authentication, DoS...

CVSS 5, AI score 2.9, EPSS 0.12098, Exploits 2, References 1, Affected Software 1

securityvulns, added 2012/11/26 12:0 a.m., 710 views

libproxy buffer overflow

Integer overflow on Content-Length parsing leads to buffer overflow, buffer overflow on proxy.pac parsing...

CVSS 10, AI score 5.4, EPSS 0.03476, Exploits 0, References 2, Affected Software 1

securityvulns, added 2012/11/26 12:0 a.m., 35 views

libunity memory corruption

Memory corruption in hash tables handling...

CVSS 7.5, AI score 1.2, EPSS 0.0195, Exploits 0, References 1

securityvulns, added 2012/11/26 12:0 a.m., 25 views

trousers DoS

tcsd DoS...

CVSS 5, AI score 2.1, EPSS 0.10509, Exploits 2, References 1, Affected Software 1

securityvulns, added 2012/11/26 12:0 a.m., 43 views

Belkin wireless routers weak key

Firmware WPA2 key is generated by MAC address...

CVSS 3.3, AI score 3.7, EPSS 0.04576, Exploits 0, References 1

securityvulns, added 2012/11/26 12:0 a.m., 33 views

[SECURITY] [DSA 2576-1] trousers security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2576-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez November 23, 2012 http://www.debian.org/security/faq -...

CVSS 5, AI score 1.8, EPSS 0.10509, Exploits 2

securityvulns, added 2012/11/26 12:0 a.m., 51 views

TP-LINK TL-WR841N security vulnerabilities

Directory traversal and cross-site scripting in web interface...

CVSS 7.8, AI score 2.4, EPSS 0.68716, Exploits 4, References 2

securityvulns, added 2012/11/26 12:0 a.m., 23 views

FreeBSD privilege escalation

Kernel memory overwrite via Linux compatibility subsystem...

AI score 3.5, EPSS 0.00419, Exploits 0, References 1, Affected Software 1

securityvulns, added 2012/11/26 12:0 a.m., 54 views

FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |=

=| Security Advisory - TP-LINK TL-WR841N XSS Cross Site Scripting |= Issue: TL-WR841N 300Mbps Wireless N Router by "TP-LINK" Firmware Version: 3.13.9 Build 120201 Rel.54965n and Below Discovered Date: 17/11/2012 Author: Matan Azugi [email protected] Product Vendor:...

AI score 1.5, Exploits 0

securityvulns, added 2012/11/26 12:0 a.m., 49 views

CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers

CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers I. Background Belkin ships many wireless routers with an encrypted wireless network configured by default. The network name ESSID and the seemingly random password is printed on a label at the bottom of the device...

CVSS 3.3, AI score 0.6, EPSS 0.04576, Exploits 0

securityvulns, added 2012/11/26 12:0 a.m., 79 views

[USN-1637-1] Tomcat vulnerabilities

========================================================================== Ubuntu Security Notice USN-1637-1 November 21, 2012 tomcat6 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 5, AI score 0.2, EPSS 0.12098, Exploits 3

securityvulns, added 2012/11/26 12:0 a.m., 51 views

[USN-1635-1] libunity-webapps vulnerability

========================================================================== Ubuntu Security Notice USN-1635-1 November 21, 2012 libunity-webapps vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 7.5, AI score 0.5, EPSS 0.0195, Exploits 0

securityvulns, added 2012/11/18 12:0 a.m., 64 views

[SECURITY] [DSA 2574-1] typo3-src security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2574-1 [email protected] http://www.debian.org/security/ November 15, 2012 http://www.debian.org/security/faq -...

AI score 1.7, Exploits 0

securityvulns, added 2012/11/18 12:0 a.m., 36 views

Microsoft Internet Explorer multiple security vulnerabilities

A few different use-after-free vulnerabilities...

CVSS 9.3, AI score 2.1, EPSS 0.2537, Exploits 1, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 81 views

XSS vulnerability in web applications with swfupload: Dotclear, XenForo, InstantCMS, AionWeb, Dolphin

Hello 3APA3A! I will draw your attention to an XSS vulnerability in other web applications with swfupload. Earlier I've written about swfupload in WordPress CVE-2012-3414 and that this hole is available in many web applications. In a previous letter I've written the information about different versions of...

CVSS 4.3, AI score 0.6, EPSS 0.09088, Exploits 10

securityvulns, added 2012/11/18 12:0 a.m., 66 views

[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air

Name: CVE-2012-5858 CVE-2012-5859 DoS/Authorization Bypass - Kies Air Package: com.samsung.swift.app.kiesair Affected versions: 2.1.207051, 2.1.210161 Testing Device: Samsung S3 AT&T - SAMSUNG-SGH-I747 Android Version: 4.0.4/ Build Number: IMM76D.I747UCALH9 Vendor homepage:...

CVSS 5, AI score 0.2, EPSS 0.0427, Exploits 6

securityvulns, added 2012/11/18 12:0 a.m., 41 views

Microsoft Excel multiple security vulnerabilities

Buffer overflows, memory corruptions, use-after-free...

CVSS 9.3, AI score 2.7, EPSS 0.29287, Exploits 1, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 131 views

Microsoft Internet Information Services security vulnerabilities

log files information leakage, FTP STARTTLS session command injection...

CVSS 5, AI score 1.4, EPSS 0.41968, Exploits 2, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 48 views

Microsoft Windows security vulnerabilities

Windows Briefcase integer overflows, .Net protection bypass, information leakage and code execution, kernel drivers privilege escalations...

CVSS 10, AI score 5.2, EPSS 0.24755, Exploits 5, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 23 views

Media Player Classic security vulnerabilities

Built-in web server DoS and cross-site scripting...

AI score 2, Exploits 0, References 1, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 49 views

Samsung Kies Air security vulnerabilities

DoS, authentication bypass...

CVSS 5, AI score 2.7, EPSS 0.0427, Exploits 6, References 1, Affected Software 1

securityvulns, added 2012/11/18 12:0 a.m., 26 views

Applicure dotDefender format string vulnerability

Format specifiers are not escaped on error message generation...

AI score 2.4, Exploits 0, References 1, Affected Software 1

Total number of security vulnerabilities: 47153