Lucene search

47153 matches found

securityvulns
added 2012/10/29 12:0 a.m., 51 views

Wordpress 3.4 Cross-Site Scripting Vulnerability

a bug in Wordpress 3.4 that allows to us to occur a Cross-Site Scripting on a Remote machine. Exploit Title : Wordpress 3.4 Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum/ Software Link : http://wordpress.org Security Risk : High Version : Al...

0.5 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 19 views

IBM DB2 privilege escalation

Privilege escalation via GETWRAPCFGC and GETWRAPCFGC2 stored procedures...

3.8 AI score
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/29 12:0 a.m., 77 views

Sybase ASE security vulnerabilities

Privilege escalation, code execution...

1.5 AI score
Exploits 0, References 2, Affected Software 1
securityvulns
added 2012/10/29 12:0 a.m., 71 views

[USN-1565-1] OpenStack Horizon vulnerability

========================================================================== Ubuntu Security Notice USN-1565-1 September 13, 2012 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5.8 CVSS, 0.4 AI score, 0.02895 EPSS
Exploits 1
securityvulns
added 2012/10/29 12:0 a.m., 131 views

VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Team http://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...

0.3 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 96 views

XSS Vulnerabilities in ClipBucket

Information -------------------- Name : XSS Vulnerabilities in ClipBucket Software : ClipBucket 2.6 and possibly below. Vendor Homepage : http://clip-bucket.com Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-013 Description...

6.8 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 35 views

Cisco Unified Presence / Jabber Extensible Communications Platform DoS

Crash on stream header parsing...

7.8 CVSS, 2.2 AI score, 0.02774 EPSS
Exploits 0, Affected Software 2
securityvulns
added 2012/10/29 12:0 a.m., 49 views

Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center

Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 11, 2012 Vulnerability Type= Arbitrary file upload Impact= Loss of system integrity...

1 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 50 views

Team SHATTER Security Advisory: Java Operating System command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Java Operating System command execution. Risk Level: High Affected versions: Sybase ASE 15.0, 15.5 and 15.7 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez...

0.2 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 64 views

[DCA-2011-0013] - IBM Informix Dynamic Server 11.50 SET COLLATION Stack OverFlow

IBM Informix Dynamic Server 11.50 SET COLLATION Stack OverFlow DCA-2011-0013 Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software/Hardware - IBM Informix Vendor Product Description IBM Informix is a family of relational database management system RDBM...

0.3 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 143 views

ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities

Title: ====== ASTPP VoIP Billing 4cf207a - Multiple Web Vulnerabilities Date: ===== 2012-08-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=687 VL-ID: ===== 687 Common Vulnerability Scoring System: ==================================== 4 Introduction: =============...

7.6 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 388 views

Knowledge Base EE v4.62.0 - SQL Injection Vulnerability

Title: ====== Knowledge Base EE v4.62.0 - SQL Injection Vulnerability Date: ===== 2012-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=702 VL-ID: ===== 702 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...

0.1 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 30 views

Beaker information leakage

Information leakage in AES ECB mode...

4.3 CVSS, 2.1 AI score, 0.02447 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/29 12:0 a.m., 55 views

[SECURITY] [DSA 2563-1] viewvc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

5 CVSS, 1.7 AI score, 0.03085 EPSS
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 68 views

Wordpress Download Monitor - Download Page Cross-Site Scripting

/----------------------------------------------------------------- | Wordpress Download Monitor - Download Page Cross-Site Scripting | -----------------------------------------------------------------/ Summary ======= Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...

4.3 CVSS, 5.6 AI score, 0.10456 EPSS
Exploits 2
securityvulns
added 2012/10/29 12:0 a.m., 93 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS, 1.6 AI score, 0.10456 EPSS
Exploits 9, References 15, Affected Software 12
securityvulns
added 2012/10/29 12:0 a.m., 112 views

Smf 2.0.2 Cross-Site Scripting Vulnerability

a bug in Smf 2.0.2 that allows to us to occur a Cross-Site Scripting on a Remote machine. Exploit Title : Smf 2.0.2 Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum/ Software Link : http://www.simplemachines.org Security Risk : High Version : A...

0.2 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 37 views

Inventory 1.0 Multiple XSS Vulnerabilities

Exploit Title: Inventory 1.0 Multiple XSS Vulnerabilities Date: 10/19/12 Author: G13 Twitter: @g13net Software Site: https://github.com/farevalod/inventory Version: 1.0 Category: webapp php dc585 ToC 0x01 Description 0x02 XSS 0x03 Vendor Notification 0x01 Description PHP + SQL Inventory tracking...

0.6 AI score
Exploits 0
securityvulns
added 2012/10/29 12:0 a.m., 60 views

RSA BSAFE security vulnerabilities

BEAST attacks, buffer overflows...

7.5 CVSS, 4.7 AI score, 0.73327 EPSS
Exploits 12, References 2, Affected Software 2
securityvulns
added 2012/10/29 12:0 a.m., 109 views

ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

4.3 CVSS, 0.1 AI score, 0.73327 EPSS
Exploits 4
securityvulns
added 2012/10/28 12:0 a.m., 79 views

SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server)

SEC Consult Vulnerability Lab Security Advisory 20121017-2 ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable version: 6.1, 6.2, 6.3.x, 7, 7.0.1,...

4.9 CVSS, 0.4 AI score, 0.04455 EPSS
Exploits 5
securityvulns
added 2012/10/28 12:0 a.m., 62 views

[ MDVSA-2012:168 ] hostapd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:168 http://www.mandriva.com/security/ Package : hostapd Date : October 22, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities has been discovered and corrected in hostapd: hostapd 0.7.3, and...

4.3 CVSS, 6.8 AI score, 0.0422 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 69 views

[SECURITY] [DSA 2562-1] cups-pk-helper security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2562-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

5.8 CVSS, 0.6 AI score, 0.01221 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 307 views

HP/H3C and Huawei SNMP Weak Access to Critical Data

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP/H3C and Huawei SNMP Weak Access to Critical Data =================================================== http://grutztopia.jingojango.net/2012/10/hph3c-and-huawei-snmp-weak-access-to.html Overview - - -------- HP/H3C and Huawei networking equipment...

8.5 CVSS, 5.9 AI score, 0.02263 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 33 views

hostapd security vulnerabilities

Buffer overflow, weak permissions...

4.3 CVSS, 2 AI score, 0.0422 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/28 12:0 a.m., 133 views

HP/H3C / Huawei equipment information leakage

Information leakage via SNMP...

8.5 CVSS, 1.8 AI score, 0.02263 EPSS
Exploits 0, References 2
securityvulns
added 2012/10/28 12:0 a.m., 35 views

RealPlayer buffer overflow

Buffer overflow on oversized filename in watched folder...

6.8 CVSS, 4.2 AI score, 0.02989 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/28 12:0 a.m., 36 views

tinyproxy proxy server DoS

Crash on request headers parsing...

5 CVSS, 2.1 AI score, 0.07349 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/28 12:0 a.m., 43 views

[SECURITY] [DSA 2564-1] tinyproxy security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2564-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...

5 CVSS, 2.2 AI score, 0.07349 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 59 views

[SECURITY] [DSA 2561-1] tiff security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2561-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 21, 2012 http://www.debian.org/security/faq -...

6.8 CVSS, 2.1 AI score, 0.06728 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 39 views

exim buffer overflow

Buffer overflow on DKIM handling...

6.8 CVSS, 2.6 AI score, 0.08382 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/28 12:0 a.m., 46 views

Realplayer Watchfolders Long Filepath Overflow

Realplayer Watchfolders Long Filepath Overflow Realplayer is vulnerable to a stack buffer overflow vulnerability in the 'Watch Folders' facility CVE-2012-4987. Details here: http://www.reactionpenetrationtesting.co.uk/realplayer-watchfolders.html Research:...

6.8 CVSS, 1 AI score, 0.02989 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 71 views

Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Multiple SQL Injection in Oracle Enterprise Manager SQL Tunning Sets components. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 and previous patchsets Remote...

6.8 CVSS, 7.4 AI score, 0.02372 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 62 views

[SECURITY] [DSA 2566-1] exim4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2566-1 [email protected] http://www.debian.org/security/ Nico Golde October 25, 2012 http://www.debian.org/security/faq -...

6.8 CVSS, 1.4 AI score, 0.08382 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 225 views

[security bulletin] HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03515685 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03515685 Version: 2 HPSBHF02819...

8.5 CVSS, 6.3 AI score, 0.02263 EPSS
Exploits 0
securityvulns
added 2012/10/28 12:0 a.m., 32 views

cups-pk-helper privilege escalation

Insecure CUPS functions call...

5.8 CVSS, 3.2 AI score, 0.01221 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2012/10/28 12:0 a.m., 116 views

Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities

Approx. 90 different vulnerabilities in different applications...

10 CVSS, 2.6 AI score, 0.98945 EPSS
Exploits 56, References 2, Affected Software 12
securityvulns
added 2012/10/25 12:0 a.m., 37 views

Microsoft Internet Explorer memory corruption

Use-after-free vulnerability is actively used in the wild to install malware...

9.3 CVSS, 2.6 AI score, 0.81716 EPSS
Exploits 12, References 4, Affected Software 1
securityvulns
added 2012/10/25 12:0 a.m., 79 views

VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability (MS12-063)

VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability MS12-063 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of t...

Exploits 0
securityvulns
added 2012/10/25 12:0 a.m., 141 views

VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability

VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Java is a programming language and computing platform released by Sun Microsystems now Oracle. ...

7.8 AI score
Exploits 0
securityvulns
added 2012/10/25 12:0 a.m., 77 views

VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability (MS12-063)

VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability MS12-063 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as...

8.3 AI score
Exploits 0
securityvulns
added 2012/10/25 12:0 a.m., 111 views

VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability

VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Java is a programming language and computing platform released by Sun Microsystems now Oracle. It...

7.9 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m., 144 views

Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites

Title: ====== Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites Date: ===== 2012-10-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=710 VL-ID: ===== 710 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

0.3 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m., 54 views

SilverStripe CMS 2.4.7 <= Persistent Cross Site Scripting Vulnerability

OVERVIEW SilverStripe 2.4.7 and lower versions are vulnerable to Persistent Cross Site Scripting. 2. BACKGROUND SilverStripe CMS is easy for both developers and content authors to work with. The SilverStripe Framework keeps the code tucked away neatly so that it can be accessed easily by...

0.4 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m., 53 views

Multiple vulnerabilities in Template CMS

Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...

6.8 CVSS, 0.2 AI score, 0.02046 EPSS
Exploits 6
securityvulns
added 2012/10/22 12:0 a.m., 28 views

Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities

Title: ====== Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Date: ===== 2012-09-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=700 VL-ID: ===== 700 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: =============...

7.6 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m., 154 views

Omnistar Document Manager v8.0 - Multiple Vulnerabilities

Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

0.1 AI score
Exploits 0
securityvulns
added 2012/10/22 12:0 a.m., 24 views

CA ARCserve Backup security vulnerabilities

Security vulnerabilities in RPC requests handling...

7.5 CVSS, 1.4 AI score, 0.04053 EPSS
Exploits 4, References 1
securityvulns
added 2012/10/22 12:0 a.m., 41 views

IBM Lotus Notes Traveler security vulnerabilities

Cross-site scripting, cross-site request forgery, URL redirection...

5.8 CVSS, 1.4 AI score, 0.01126 EPSS
Exploits 2, References 1, Affected Software 1
securityvulns
added 2012/10/22 12:0 a.m., 26 views

modsecurity for Apache protection bypass

It's possible to bypass filtering with double 'r' in boundary identifier...

2.4 AI score
Exploits 0, References 1, Affected Software 1
Total number of security vulnerabilities: 47153