47153 matches found
Wordpress Download Monitor - Download Page Cross-Site Scripting
/----------------------------------------------------------------- | Wordpress Download Monitor - Download Page Cross-Site Scripting | -----------------------------------------------------------------/ Summary ======= Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...
[SECURITY] [DSA 2541-1] beaker security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2541-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 07, 2012 http://www.debian.org/security/faq -...
VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities
Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Team http://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...
XSS Vulnerabilities in CMSMini
Information -------------------- Name : XSS Vulnerabilities in CMSMini Software : CMSMini 0.2.2 and possibly below. Vendor Homepage : http://sourceforge.net/projects/cmsmini/ Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-012...
ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities
ESA-2012-029.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities EMC Identifier: ESA-2012-029 CVE Identifier: CVE-2011-3389, CVE-2012-2110, CVE-2012-2131 Severity Rating: See below for scores for individual issues Affected Products: All versio...
RSA BSAFE security vulnerabilities
BEAST attacks, buffer overflows...
Smf 2.0.2 Cross-Site Scripting Vulnerability
a bug in Smf 2.0.2 that allows us to cause a Cross-Site Scripting on a Remote machine. Exploit Title : Smf 2.0.2 Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum/ Software Link : http://www.simplemachines.org Security Risk : High Version : A...
Team SHATTER Security Advisory: Java Operating System command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Java Operating System command execution. Risk Level: High Affected versions: Sybase ASE 15.0, 15.5 and 15.7 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez...
Sybase ASE security vulnerabilities
Privilege escalation, code execution...
Team SHATTER Security Advisory: XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory XML file disclosure vulnerability via GETWRAPCFGC and GETWRAPCFGC2 system stored procedures. Risk Level: Medium Affected versions: IBM DB2 LUW 9.1, 9.5, 9.7, 10.1 Remote exploitable: No Credits: This...
XSS Vulnerabilities in ClipBucket
Information -------------------- Name : XSS Vulnerabilities in ClipBucket Software : ClipBucket 2.6 and possibly below. Vendor Homepage : http://clip-bucket.com Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-013 Description...
[SECURITY] [DSA 2563-1] viewvc security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2563-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 11, 2012 Vulnerability Type= Arbitrary file upload Impact= Loss of system integrity...
Knowledge Base EE v4.62.0 - SQL Injection Vulnerability
Title: ====== Knowledge Base EE v4.62.0 - SQL Injection Vulnerability Date: ===== 2012-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=702 VL-ID: ===== 702 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
Wordpress 3.4 Cross-Site Scripting Vulnerability
a bug in Wordpress 3.4 that allows us to cause a Cross-Site Scripting on a Remote machine. Exploit Title : Wordpress 3.4 Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum/ Software Link : http://wordpress.org Security Risk : High Version : Al...
[DCA-2011-0013] - IBM Informix Dynamic Server 11.50 SET COLLATION Stack OverFlow
IBM Informix Dynamic Server 11.50 SET COLLATION Stack OverFlow DCA-2011-0013 Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software/Hardware - IBM Informix Vendor Product Description IBM Informix is a family of relational database management system RDBM...
Cisco Unified Presence / Jabber Extensible Communications Platform DoS
Crash on stream header parsing...
Beaker information leakage
Information leakage in AES ECB mode...
[USN-1565-1] OpenStack Horizon vulnerability
========================================================================== Ubuntu Security Notice USN-1565-1 September 13, 2012 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks
ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...
RealPlayer buffer overflow
Buffer overflow on oversized filename in watched folder...
[SECURITY] [DSA 2564-1] tinyproxy security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2564-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2561-1] tiff security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2561-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 21, 2012 http://www.debian.org/security/faq -...
[security bulletin] HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03515685 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03515685 Version: 2 HPSBHF02819...
Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Multiple SQL Injection in Oracle Enterprise Manager SQL Tunning Sets components. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 and previous patchsets Remote...
HP/H3C / Huawei equipment information leakage
Information leakage via SNMP...
[ MDVSA-2012:168 ] hostapd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:168 http://www.mandriva.com/security/ Package : hostapd Date : October 22, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities have been discovered and corrected in hostapd: hostapd 0.7.3, and...
cups-pk-helper privilege escalation
Insecure CUPS functions call...
HP/H3C and Huawei SNMP Weak Access to Critical Data
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP/H3C and Huawei SNMP Weak Access to Critical Data =================================================== http://grutztopia.jingojango.net/2012/10/hph3c-and-huawei-snmp-weak-access-to.html Overview - - -------- HP/H3C and Huawei networking equipment...
SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server)
SEC Consult Vulnerability Lab Security Advisory 20121017-2 ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable version: 6.1, 6.2, 6.3.x, 7, 7.0.1,...
[SECURITY] [DSA 2562-1] cups-pk-helper security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2562-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 23, 2012 http://www.debian.org/security/faq -...
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
Approx. 90 different vulnerabilities in different applications...
tinyproxy proxy server DoS
Crash on request headers parsing...
Realplayer Watchfolders Long Filepath Overflow
Realplayer Watchfolders Long Filepath Overflow Realplayer is vulnerable to a stack buffer overflow vulnerability in the 'Watch Folders' facility CVE-2012-4987. Details here: http://www.reactionpenetrationtesting.co.uk/realplayer-watchfolders.html Research:...
hostapd security vulnerabilities
Buffer overflow, weak permissions...
[SECURITY] [DSA 2566-1] exim4 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2566-1 [email protected] http://www.debian.org/security/ Nico Golde October 25, 2012 http://www.debian.org/security/faq -...
exim buffer overflow
Buffer overflow on DKIM handling...
VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability (MS12-063)
VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability MS12-063 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of t...
VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability (MS12-063)
VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability MS12-063 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as...
VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability
VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Java is a programming language and computing platform released by Sun Microsystems now Oracle. It...
VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability
VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Java is a programming language and computing platform released by Sun Microsystems now Oracle. ...
Microsoft Internet Explorer memory corruption
Use-after-free vulnerability is actively used in-the-wild to install malware...
BF, XSS, CSRF and Redirector vulnerabilities in IBM Lotus Notes Traveler
Hello 3APA3A! I want to warn you about Brute Force, Cross-Site Scripting, Cross-Site Request Forgery and Redirector vulnerabilities in IBM Lotus Notes Traveler. IBM are planning to release their advisory soon concerning these vulnerabilities. ------------------------- Affected products:...
CA20121018-01: Security Notice for CA ARCserve Backup
-----BEGIN PGP SIGNED MESSAGE----- CA20121018-01: Security Notice for CA ARCserve Backup Issued: October 18, 2012 CA Technologies support is alerting customers to multiple risks with certain CA ARCserve Backup RPC services. Two vulnerabilities exist that can allow a remote attacker to execute...
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability
------------------------------- INTREST SEC | Security Advisory ------------------------------- Product: Confluence Wiki Vendor: Atlassian www.atlassian.com Vulnerability Type: Cross Site Scripting XSS Risk Level: High classified by vendor Discovered by: INTREST SEC - NID Public Disclosure:...
F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection
OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides secure remote access to enterprise applications and data for users over any device or network while protecting your corporate. See http://www.f5.com/pdf/products/firepass-overview.pdf...
Omnistar Document Manager v8.0 - Multiple Vulnerabilities
Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...
Better WP Security v3.4.3 Wordpress - Web Vulnerabilities
Title: ====== Better WP Security v3.4.3 Wordpress - Web Vulnerabilities Date: ===== 2012-08-20 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=691 VL-ID: ===== 691 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...
[waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin
waraxe-2012-SA092 - Multiple Vulnerabilities in Wordpress Slideshow Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-92.html Description of vulnerab...
Multiple vulnerabilities in Template CMS
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...