47153 matches found

securityvulns
added 2012/11/06 12:0 a.m., 20 views

Checkpoint SofaWare firewalls security vulnerabilities

Cross-site scripting, information leakage, cross-site request forgery, request redirections...

1.9 AI score
Exploits 0, References 1

securityvulns
added 2012/11/06 12:0 a.m., 49 views

PR11-07 Multiple persistent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls

ProCheckUp Research http://procheckup.com/procheckup-labs/pr11-07.aspx PR11-07 Multiple persistent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls Vulnerability found: 3rd May 2011 Vendor informed: 20th July 2011 Vulnerability fixed: 16th...

6.4 AI score
Exploits 0

securityvulns
added 2012/11/05 12:0 a.m., 45 views

Apple iOS 6.0 multiple security vulnerabilities

Information leakage, protection bypass, memory corruption, race conditions...

10 CVSS, 2.1 AI score, 0.11812 EPSS
Exploits 3, References 1, Affected Software 1

securityvulns
added 2012/11/05 12:0 a.m., 83 views

APPLE-SA-2012-11-01-1 iOS 6.0.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-01-1 iOS 6.0.1 iOS 6.0.1 is now available and addresses the following: Kernel Available for: iPhone 3GS and later, iPod touch 4th generation and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may b...

10 CVSS, 0.4 AI score, 0.11812 EPSS
Exploits 3

securityvulns
added 2012/11/05 12:0 a.m., 30 views

HP Performance Insight with Sybase DoS

No description provided...

10 CVSS, 0.03308 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/11/05 12:0 a.m., 45 views

[security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03555488 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03555488 Version: 1 HPSBMU02827...

10 CVSS, 0.4 AI score, 0.03308 EPSS
Exploits 0

securityvulns
added 2012/11/05 12:0 a.m., 81 views

APPLE-SA-2012-11-01-2 Safari 6.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-11-01-2 Safari 6.0.2 Safari 6.0.2 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2 Impact: Visiting a maliciously crafted website may lead to an...

10 CVSS, 0.4 AI score, 0.11812 EPSS
Exploits 3

securityvulns
added 2012/11/02 12:0 a.m., 125 views

PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities

Title: ====== PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Date: ===== 2012-10-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=736 VL-ID: ===== 736 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...

8.7 AI score
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 22 views

Cisco Unified MeetingPlace Web Conferencing security vulnerabilities

Buffer overflow, SQL injection...

7.8 CVSS, 3.4 AI score, 0.00605 EPSS
Exploits 0, Affected Software 1

securityvulns
added 2012/11/02 12:0 a.m., 164 views

NetCat CMS v5.0.1 - Multiple Web Vulnerabilities

Title: ====== NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Date: ===== 2012-10-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=738 VL-ID: ===== 738 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: ============= Vendor...

0.6 AI score
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 85 views

Nth Dimension Security Advisory (NDSA20121010)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20121010 Date: 10th October 2012 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: Konqueror 4.7.3 http://konqueror.kde.org/ Vendor: KDE...

9.3 CVSS, 8.8 AI score, 0.15124 EPSS
Exploits 10

securityvulns
added 2012/11/02 12:0 a.m., 65 views

Multiple Vulnerabilities in LibreOffice

Advisory ID: HTB23106 Product: LibreOffice Suite Vendor: LibreOffice Vulnerable Versions: 3.5.5.3 and probably prior Tested Version: 3.5.5.3 Vendor Notification: July 26, 2012 Public Disclosure: October 31, 2012 Vulnerability Type: NULL Pointer Dereference CWE-476 CVE Reference: CVE-2012-4233...

4.3 CVSS, 7.8 AI score, 0.02511 EPSS
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 84 views

PrestaShop <= 1.5.1 Persistent XSS

PrestaShop <= 1.5.1 Persistent XSS Tested under: Firefox, Chrome and Safari latest versions Discover Credits: David Sopas - [email protected] | @dsopas | davidsopas.com/labs Original link: http://davidsopas.com/labs/prestashopxss.txt Description: PrestaShop is the most reliable and flexible...

6.3 AI score
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 180 views

VaM Shop v1.69 - Multiple Web Vulnerabilities

Title: ====== VaM Shop v1.69 - Multiple Web Vulnerabilities Date: ===== 2012-10-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=730 VL-ID: ===== 730 Common Vulnerability Scoring System: ==================================== 8.1 Introduction: ============= Vendor...

8 AI score
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 121 views

XSS in dokeos 2.1.1

Exploit Title : Dokeos 2.1.1 Multiple Cross-Site Scripting Vulnerabilities Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 10/17/12 version: 2.1.1 software link:www.dokeos.com Dokeos description Dokeos is an open source e-learning platform programmed in PHP, Javascript and HTML which...

0.3 AI score
Exploits 0

securityvulns
added 2012/11/02 12:0 a.m., 31 views

Konqueror memory corruptions

A few different memory corruptions...

6.8 CVSS, 2.1 AI score, 0.15124 EPSS
Exploits 9, References 1, Affected Software 1

securityvulns
added 2012/11/02 12:0 a.m., 25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits 0, References 6, Affected Software 6

securityvulns
added 2012/11/02 12:0 a.m., 62 views

[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability

Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability author: Egidio Romano aka EgiX...

10 CVSS, 0.4 AI score, 0.83034 EPSS
Exploits 15

securityvulns
added 2012/11/02 12:0 a.m., 39 views

OpenOffice / LibreOffice DoS

NULL pointer dereference when parsing different formats...

4.3 CVSS, 2.9 AI score, 0.02511 EPSS
Exploits 0, References 1, Affected Software 2

securityvulns
added 2012/11/01 12:0 a.m., 133 views

Content Spoofing and Cross-Site Scripting vulnerabilities in Bitrix Site Manager

Hello 3APA3A! I want to warn you about security vulnerabilities in Bitrix Site Manager. It is a commercial CMS. These are Content Spoofing and Cross-Site Scripting vulnerabilities. These holes bypass built-in WAF and all other protections of Bitrix. ------------------------- Affected products:...

6.2 AI score
Exploits 0

securityvulns
added 2012/11/01 12:0 a.m., 56 views

[waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin

waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-95.html Description of vulnerab...

0.1 AI score
Exploits 0

securityvulns
added 2012/11/01 12:0 a.m., 92 views

SQL Injection Vulnerability in OrangeHRM

Advisory ID: HTB23119 Product: OrangeHRM Vendor: OrangeHRM Inc. Vulnerable Versions: 2.7.1-rc.1 and probably prior Tested Version: 2.7.1-rc.1 Vendor Notification: October 10, 2012 Public Disclosure: October 31, 2012 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2012-5367 CVSSv2 Base...

6 CVSS, 0.1 AI score, 0.01464 EPSS
Exploits 3

securityvulns
added 2012/11/01 12:0 a.m., 29 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6 CVSS, 1.6 AI score, 0.01464 EPSS
Exploits 3, References 3, Affected Software 3

securityvulns
added 2012/11/01 12:0 a.m., 97 views

[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]

=| Security Advisory - TP-LINK TL-WR841N LFI |= Issue: TL-WR841N 300Mbps Wireless N Router by "TP-LINK" Firmware Version: 3.13.9 Build 120201 Rel.54965n And Below versions Discovered Date: 24/10/2012 CVE-ID: CVE-2012-5687 Author: Matan Azugi [email protected] Product Vendor:...

7.8 CVSS, 6.2 AI score, 0.6748 EPSS
Exploits 4

securityvulns
added 2012/10/30 12:0 a.m., 61 views

PIAF H.M.S - SQL Injection

Exploit Title: PIAF H.M.S - SQL Injection Date: 28/10/2012 Author: Michal Blaszczak Website: http://blaszczakm.blogspot.com Vendor Homepage: http://code.google.com/p/piafhms/ file: bills.php line: 86-87 $query = $query . " ORDER BY ID DESC"; printf$query; query: SELECT FROM Users WHERE Room =...

1.1 AI score
Exploits 0

securityvulns
added 2012/10/30 12:0 a.m., 57 views

[SECURITY] [DSA 2568-1] rtfm security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2568-1 [email protected] http://www.debian.org/security/ Florian Weimer October 26, 2012 http://www.debian.org/security/faq -...

4 CVSS, 1.2 AI score, 0.00306 EPSS
Exploits 0

securityvulns
added 2012/10/30 12:0 a.m., 22 views

Cross-Site Scripting vulnerability in CorePlayer

Hello 3APA3A! I want to warn you about Cross-Site Scripting vulnerability in CorePlayer. This is the same flash video player, which was used at online voting translations - today, 28.10.2012, on parliamentary elections in Ukraine and earlier this year on presidential elections in Russia. Concerni...

0.5 AI score
Exploits 0

securityvulns
added 2012/10/30 12:0 a.m., 28 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.8 CVSS, 1.6 AI score, 0.00306 EPSS
Exploits 0, References 4, Affected Software 3

securityvulns
added 2012/10/30 12:0 a.m., 45 views

[SECURITY] [DSA 2567-1] request-tracker3.8 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2567-1 [email protected] http://www.debian.org/security/ Florian Weimer October 26, 2012 http://www.debian.org/security/faq -...

6.8 CVSS, 2.1 AI score, 0.00245 EPSS
Exploits 0

securityvulns
added 2012/10/30 12:0 a.m., 28 views

EMC Avamar Client for VMware weak encryption

Server access password is stored locally in cleartext...

3.3 CVSS, 2.4 AI score, 0.0018 EPSS
Exploits 1, References 1, Affected Software 1

securityvulns
added 2012/10/30 12:0 a.m., 62 views

Oracle Java / OpenJDK multiple security vulnerabilities

30 different vulnerabilities...

10 CVSS, 2.2 AI score, 0.91441 EPSS
Exploits 30, References 3, Affected Software 2

securityvulns
added 2012/10/30 12:0 a.m., 116 views

Exploit - EasyITSP by Lemens Telephone Systems 2.0.2

?php errorreporting0; $arguments = getopt"a:b:c:"; $url = $arguments'a'; $idpod =$arguments'b'; $idend =$arguments'c'; ifcount$arguments!=3 echo ' Exploit - EasyITSP by Lemens Telephone Systems 2.0.2 '."n"; echo ' Discovery users with passwords '."n"; echo ' '."n"; echo ' Author: Michal Blaszczak...

Exploits 0

securityvulns
added 2012/10/30 12:0 a.m., 125 views

[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03538957 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03538957 Version: 1 HPSBUX02825...

0.5 AI score, 0.08542 EPSS
Exploits 1

securityvulns
added 2012/10/30 12:0 a.m., 21 views

CorePlayer flash video player cross-site scripting

Cross-site scripting via callback parameter...

2.4 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/10/30 12:0 a.m., 45 views

EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability

ESA-2012-053.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-053: EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability EMC Identifier: ESA-2012-053 CVE Identifier: CVE-2012-4610 Severity Rating: CVSS v2 Base Score: 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C Affected Products...

3.3 CVSS, 1.3 AI score, 0.0018 EPSS
Exploits 1

securityvulns
added 2012/10/29 12:0 a.m., 80 views

[waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin

waraxe-2012-SA094 - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin ============================================================================================= Author: Janek Vind "waraxe" Date: 24. October 2012 Location: Estonia, Tartu Web:...

Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 22 views

IBM Informix Dynamic Server buffer overflow

SET COLLATION buffer overflow...

3.4 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/10/29 12:0 a.m., 44 views

Inventory 1.0 Multiple SQL Vulnerabilities

Exploit Title: Inventory 1.0 Multiple SQL Vulnerabilities Date: 10/19/12 Author: G13 Twitter: @g13net Software Site: https://github.com/farevalod/inventory Version: 1.0 Category: webapp php dc585 ToC 0x01 Description 0x02 SQL Injection 0x03 Vendor Notification 0x01 Description PHP + SQL Inventory...

0.7 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 178 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Information leakage, multiple memory corruptions, cross-site scripting, etc...

10 CVSS, 1.7 AI score, 0.8084 EPSS
Exploits 11, Affected Software 3

securityvulns
added 2012/10/29 12:0 a.m., 59 views

XSS Vulnerabilities in TaskFreak

Information -------------------- Name : XSS Vulnerabilities in TaskFreak Software : TaskFreak 0.6.4 and possibly below. Vendor Homepage : http://www.taskfreak.com Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-011 Description...

Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 64 views

Multiple vulnerabilities in Ezylog photovoltaic management server

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

0.6 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 29 views

Cisco ASA-CX Context-Aware Security appliance / Cisco Prime Security Manager DoS

File resource exhaustion...

7.8 CVSS, 2.4 AI score, 0.00427 EPSS
Exploits 0, Affected Software 2

securityvulns
added 2012/10/29 12:0 a.m., 40 views

Team SHATTER Security Advisory: Elevated roles through DBCC

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Elevated roles through DBCC Risk Level: High Affected versions: Sybase ASE 15.0, 15.5, 15.7 Remote exploitable: No Credits: This vulnerability was discovered and researched by Martin Rakhmanov of Application...

0.9 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 36 views

Inventory 1.0 Multiple XSS Vulnerabilities

Exploit Title: Inventory 1.0 Multiple XSS Vulnerabilities Date: 10/19/12 Author: G13 Twitter: @g13net Software Site: https://github.com/farevalod/inventory Version: 1.0 Category: webapp php dc585 ToC 0x01 Description 0x02 XSS 0x03 Vendor Notification 0x01 Description PHP + SQL Inventory tracking...

0.6 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 85 views

Layton Helpbox 4.4.0 Multiple Security Issues

Layton Helpbox 4.4.0 Multiple Security Issues: Layton Helpbox 4.4.0 Multiple SQL Injection Points CVE-2012-4971 http://www.reactionpenetrationtesting.co.uk/helpbox-sql-injection.html Layton Helpbox 4.4.0 Authorisation Bypass Vulnerability CVE-2012-4975...

7.5 CVSS, 6.9 AI score, 0.00391 EPSS
Exploits 7

securityvulns
added 2012/10/29 12:0 a.m., 139 views

ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities

Title: ====== ASTPP VoIP Billing 4cf207a - Multiple Web Vulnerabilities Date: ===== 2012-08-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=687 VL-ID: ===== 687 Common Vulnerability Scoring System: ==================================== 4 Introduction: =============...

7.6 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 19 views

IBM DB2 privilege escalation

Privilege escalation via GETWRAPCFGC and GETWRAPCFGC2 stored procedures...

3.8 AI score
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/10/29 12:0 a.m., 92 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS, 1.6 AI score, 0.01936 EPSS
Exploits 9, References 15, Affected Software 12

securityvulns
added 2012/10/29 12:0 a.m., 52 views

Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center

Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 12, 2012 Vulnerability Type= Command injection Impact= System access Severity= Alcyon rates th...

0.8 AI score
Exploits 0

securityvulns
added 2012/10/29 12:0 a.m., 32 views

Sitecom Home Storage Center security vulnerabilities

SQL injection, XSS...

1.7 AI score
Exploits 0, References 2

Total number of security vulnerabilities: 47153