
47153 matches found

securityvulns | added 2015/07/05 12:0 a.m. | 46 views

ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities EMC Identifier: ESA-2015-108 CVE Identifier: CVE-2015-0547, CVE-2015-0548 Severity Rating: CVSSv2 Base Score: See below for CVSSv2 score for individual CVEs Affected products: • EM...

CVSS: 4 | AI score: 0.6 | EPSS: 0.00156
Exploits: 0

securityvulns | added 2015/07/05 12:0 a.m. | 40 views

GeniXCMS XSS Vulnerabilities

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-GENIXCMS0621.txt Vendor: ============================================= genixcms.org Product: ===================================================== GeniXCMS v0.0.3 is a PHP...

AI score: 6.5
Exploits: 0

securityvulns | added 2015/07/05 12:0 a.m. | 42 views

IBM Domino Web Server Cross-site Scripting Vulnerability (CVE-2015-1981)

Hello 3APA3A! Earlier I wrote about an XSS vulnerability in IBM Domino http://seclists.org/fulldisclosure/2015/May/128. I informed IBM in May about it and on 17.06.2015 they fixed it and released a security bulletin. Security Bulletin: IBM Domino Web Server Cross-site Scripting Vulnerability...

CVSS: 2.1 | AI score: 1 | EPSS: 0.00295
Exploits: 0

securityvulns | added 2015/07/05 12:0 a.m. | 53 views

Multiple vulnerabilities in Vulcan theme for WordPress + WAF bypass

Hello 3APA3A! Let's get back to vulnerabilities, which I disclosed in April 2011, which can be used for DDoS attacks on other sites, e.g. with my DAVOSET http://seclists.org/fulldisclosure/2015/Jun/111. In addition to hundreds of themes, which I wrote about in previous years, here is another theme fo...

AI score: 0.5
Exploits: 0

securityvulns | added 2015/07/05 12:0 a.m. | 75 views

Apple iOS multiple security vulnerabilities

DoS, certificate trust vulnerabilities, multiple memory corruptions, information disclosure, weak ciphers, code execution...

CVSS: 7.8 | AI score: 3 | EPSS: 0.92346
Exploits: 5 | References: 1 | Affected Software: 1

securityvulns | added 2015/07/05 12:0 a.m. | 83 views

APPLE-SA-2015-06-30-1 iOS 8.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-1 iOS 8.4 iOS 8.4 is now available and addresses the following: Application Store Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A malicious universal provisioning profile app ma...

CVSS: 7.8 | AI score: 0.4 | EPSS: 0.92346
Exploits: 5

securityvulns | added 2015/06/29 12:0 a.m. | 60 views

CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders

CVEID: CVE-2015-4464 SUBJECT: Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders DESCRIPTION: A deficiency in handling authentication and authorization has been found with Kguard 104/108/v2 models. While password-based authentication...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.00533
Exploits: 3

securityvulns | added 2015/06/29 12:0 a.m. | 64 views

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

ERPSCAN Research Advisory ERPSCAN-15-003 SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS Application: SAP NetWeaver Dispatcher Versions Affected: SAP NetWeaver Dispatcher, probably others Vendor URL: http://SAP.com Bugs: RCE Sent: 25.08.14 Reported: 25.08.14 Vendor response: 25.08.14 Date of...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.03458
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 38 views

SAP Afaria security vulnerabilities

DoS, authentication bypass...

CVSS: 7.5 | AI score: 3.6 | EPSS: 0.03869
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 56 views

SAP NetWeaver multiple security vulnerabilities

Information disclosure, XXE injection, code execution, DoS...

CVSS: 6.5 | AI score: 1.8 | EPSS: 0.03458
Exploits: 0 | References: 4 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 41 views

[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE

ERPSCAN Research Advisory ERPSCAN-15-011 SAP Mobile Platform 3.0 - XXE Application: SAP Mobile Platform 3.0 Versions Affected: SAP Mobile Platform 3.0, probably others Vendor URL: http://SAP.com Bugs: XML eXternal Entity Sent: 29.12.2014 Reported: 29.12.2014 Vendor response: 30.12.2014 Date of...

AI score: 7.3
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 35 views

ESA-2015-109: EMC Documentum D2 Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-109: EMC Documentum D2 Cross-Site Scripting Vulnerability EMC Identifier: ESA-2015-109 CVE Identifier: CVE-2015-0549 Severity Rating: CVSS v2 Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P Affected products: EMC Documentum D2 version 4.1 EMC...

CVSS: 3.5 | AI score: 0.2 | EPSS: 0.00159
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 55 views

[ERPSCAN-15-005] SAP Mobile Platform - XXE

ERPSCAN Research Advisory ERPSCAN-15-005 SAP Mobile Platform - XXE Application: SAP Mobile Platform 2.3 Versions Affected: SAP Mobile Platform 2.3, probably others Vendor URL: http://SAP.com Bugs: XML eXternal Entity Sent: 06.11.14 Reported: 06.11.14 Vendor response: 07.11.14 Date of Public...

CVSS: 5 | AI score: 7.1 | EPSS: 0.0054
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 38 views

Kguard Digital Video Recorders security vulnerabilities

Authentication bypass, command injection, DoS...

CVSS: 7.5 | AI score: 4.5 | EPSS: 0.00533
Exploits: 3 | References: 2

securityvulns | added 2015/06/29 12:0 a.m. | 45 views

[oCERT-2015-008] FreeRADIUS insufficient CRL application

2015-008 FreeRADIUS insufficient CRL application Description: The FreeRADIUS server is an open source project that provides a RADIUS implementation. The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List CRL checks. The FreeRADIUS usage of...

CVSS: 5 | AI score: 7.3 | EPSS: 0.0038
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 53 views

[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE

ERPSCAN Research Advisory ERPSCAN-15-004 SAP NetWeaver Portal XMLValidationComponent - XXE Application: SAP NetWeaver Portal 7.31 Versions Affected: SAP NetWeaver Portal 7.31, probably others Vendor URL: http://SAP.com Bugs: XML eXternal Entity Sent: 06.11.2014 Reported: 06.11.2014 Vendor respons...

CVSS: 5 | AI score: 6.7 | EPSS: 0.0057
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 54 views

wireshark multiple security vulnerabilities

Multiple memory corruptions in different dissectors...

CVSS: 7.8 | AI score: 2.8 | EPSS: 0.00783
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 53 views

[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE

ERPSCAN Research Advisory ERPSCAN-15-006 SAP NetWeaver Portal ReportXmlViewer - XXE Application: SAP NetWeaver Portal 7.31 Versions Affected: SAP NetWeaver Portal 7.31, probably others Vendor URL: http://SAP.com Bugs: XXE Sent: 09.12.2014 Reported: 09.12.2014 Vendor response: 10.12.2014 Date of...

CVSS: 5 | AI score: 6.8 | EPSS: 0.00657
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 37 views

SAP SYBASE SQL Anywhere DoS

DoS on request processing...

CVSS: 5 | AI score: 1.9 | EPSS: 0.03285
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 39 views

GNU patch security vulnerabilities

DoS, directory traversal...

CVSS: 7.8 | AI score: 3.3 | EPSS: 0.04141
Exploits: 1 | References: 2 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 65 views

[SECURITY] [DSA 3294-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3294-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 23, 2015 https://www.debian.org/security/faq -...

CVSS: 5 | AI score: 1.6 | EPSS: 0.00555
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 56 views

[USN-2651-1] GNU patch vulnerabilities

========================================================================== Ubuntu Security Notice USN-2651-1 June 22, 2015 patch vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 7.8 | AI score: 0.8 | EPSS: 0.04141
Exploits: 1

securityvulns | added 2015/06/29 12:0 a.m. | 50 views

[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS

ERPSCAN Research Advisory ERPSCAN-15-010 SYBASE SQL Anywhere 12 and 16 - DoS Application: SYBASE SQL Anywhere 12 and 16 Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others Vendor URL: http://SAP.com Bugs: DoS Sent: 09.12.2014 Reported: 09.12.2014 Vendor response: 10.12.2014 Date of...

CVSS: 5 | EPSS: 0.03285
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 32 views

FreeRADIUS

Insufficient certificate revocation checks...

CVSS: 5 | AI score: 2.2 | EPSS: 0.0038
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 48 views

[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure

ERPSCAN Research Advisory ERPSCAN-15-007 SAP Management Console ReadProfile Parameters - Information disclosure Application: SAP Management Console Versions Affected: SAP NW 7.4 Management Console, probably others Vendor URL: http://SAP.com Bugs: Information disclosure Sent: 09.12.2014 Reported:...

CVSS: 5 | AI score: 6.4 | EPSS: 0.00435
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 43 views

[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check

ERPSCAN Research Advisory ERPSCAN-15-009 SAP Afaria 7 XcListener - Missing authorization check Application: SAP Afaria 7 Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Missing authorization check Sent: 09.12.2014 Reported: 09.12.2014 Vendor response: 10.12.2014...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.00756
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 28 views

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability EMC Identifier: ESA-2015-110 CVE Identifier: CVE-2015-0550 Severity Rating: CVSS v2 Base Score: 8.5 AV:N/AC:L/Au:N/C:C/I:N/A:P Affected products: • EMC Documentum Thumbnai...

CVSS: 8.5 | AI score: 0.5 | EPSS: 0.03018
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 34 views

Cisco Virtual WSA / ESA / SMA default keys

Default ssh keys are installed...

CVSS: 5 | AI score: 2.2 | EPSS: 0.00882
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 26 views

EMC Unisphere for VMAX code execution

JDWP access is possible...

CVSS: 10 | AI score: 2.6 | EPSS: 0.06241
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 29 views

Netgear Prosafe multiple security vulnerabilities

XSS, headers injection, SQL injection...

AI score: 2.4
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/29 12:0 a.m. | 102 views

Netgear Prosafe VPN Firewalls - Multiple vulnerabilities

About Encripto AS ================= Encripto is a Norwegian company which provides specialized services within IT-security. Our core expertise is security testing, network security monitoring and training. Encripto is committed to information security. We do research to discover trends, new...

AI score: 8.4
Exploits: 0

securityvulns | added 2015/06/29 12:0 a.m. | 43 views

ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability EMC Identifier: ESA-2015-102 CVE Identifier: CVE-2015-0545 Severity Rating: CVSS v2 Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Unisphere for VMAX 8.0.0 ...

CVSS: 10 | AI score: 0.9 | EPSS: 0.06241
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 73 views

BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability

Exploit Title: BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability Date: 2015/06/16 Vendor Homepage: http://blackcat-cms.org/ Software Link: http://blackcat-cms.org/temp/packetyzer/blackcatcms2fo3PXdKj1.zip Version: v1.1.1 Tested on: Centos 6.5,PHP 5.4.41 Category: webapps Description...

Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 41 views

p7zip directory traversal

Directory traversal on archive extraction...

CVSS: 5.8 | AI score: 3.5 | EPSS: 0.03183
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/21 12:0 a.m. | 49 views

libvirt / qemu / Xen multiple security vulnerabilities

DoS, privilege escalation, information disclosure, code execution...

CVSS: 7.8 | AI score: 3 | EPSS: 0.18024
Exploits: 0 | References: 2 | Affected Software: 2

securityvulns | added 2015/06/21 12:0 a.m. | 60 views

[SECURITY] [DSA 3286-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3286-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 13, 2015 https://www.debian.org/security/faq -...

CVSS: 7.8 | AI score: 0.8 | EPSS: 0.18024
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 111 views

Productsurf Cms Sql Injection Vulnerability

Sql Injection Vulnerability in Productsurf Cms All Version...

AI score: 0.6
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 25 views

EMC Unified Infrastructure Manager/Provisioning authentication bypass

Authentication bypass if LDAP authentication is used...

CVSS: 10 | AI score: 3.1 | EPSS: 0.03406
Exploits: 0 | References: 1

securityvulns | added 2015/06/21 12:0 a.m. | 59 views

[SECURITY] [DSA 3289-1] p7zip security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3289-1 [email protected] https://www.debian.org/security/ Ben Hutchings June 15, 2015 https://www.debian.org/security/faq -...

CVSS: 5.8 | AI score: 1.8 | EPSS: 0.03183
Exploits: 1

securityvulns | added 2015/06/21 12:0 a.m. | 50 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 6.5 | AI score: 1.6 | EPSS: 0.07499
Exploits: 12 | References: 7 | Affected Software: 5

securityvulns | added 2015/06/21 12:0 a.m. | 55 views

wpa_supplicant multiple security vulnerabilities

Buffer overflows, DoS vulnerabilities...

CVSS: 5.8 | AI score: 2.7 | EPSS: 0.08546
Exploits: 0 | References: 3 | Affected Software: 2

securityvulns | added 2015/06/21 12:0 a.m. | 90 views

Linux kernel security vulnerabilities

DoS, privilege escalations...

CVSS: 7.2 | AI score: 3 | EPSS: 0.89572
Exploits: 31 | References: 4

securityvulns | added 2015/06/21 12:0 a.m. | 28 views

My Wifi Router buffer overflow

Buffer overflow on user authentication...

AI score: 4.1
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/21 12:0 a.m. | 84 views

[SECURITY] [DSA 3290-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3290-1 [email protected] https://www.debian.org/security/ Ben Hutchings June 18, 2015 https://www.debian.org/security/faq -...

CVSS: 7.2 | AI score: 0.9 | EPSS: 0.09009
Exploits: 9

securityvulns | added 2015/06/21 12:0 a.m. | 35 views

ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning UIM/P Authentication Bypass Vulnerability EMC Identifier: ESA-2015-106 CVE Identifier: CVE-2015-0546 Severity Rating: CVSS v2 Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products: ...

CVSS: 10 | AI score: 1 | EPSS: 0.03406
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 39 views

Buffer Overflow in My Wifi Router Software

Hi there, I have seen a buffer overflow in My Wifi Router software version 1.0 The link of the software is available :- http://mywifirouter.software.informer.com/1.0/ Exploit :- After running the software you will see two places to enter details i.e "Hotspot Name" and "Password". To exploit this...

AI score: 1.6
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 65 views

[SECURITY] [DSA 3292-1] cinder security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3292-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 19, 2015 https://www.debian.org/security/faq -...

CVSS: 6.8 | AI score: 1.7 | EPSS: 0.0051
Exploits: 0

securityvulns | added 2015/06/21 12:0 a.m. | 66 views

[USN-2647-1] Linux kernel vulnerability

========================================================================== Ubuntu Security Notice USN-2647-1 June 15, 2015 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 7.2 | AI score: 0.6 | EPSS: 0.89572
Exploits: 21

securityvulns | added 2015/06/21 12:0 a.m. | 39 views

libav / ffmpeg security vulnerabilities

Memory corruptions in multiple demuxers...

CVSS: 6.8 | AI score: 4.5 | EPSS: 0.01049
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2015/06/21 12:0 a.m. | 31 views

VCE Vision Intelligent Operations weak cryptography

Weak cipher usage, sensitive information transmitted in cleartext...

CVSS: 5 | AI score: 2.6 | EPSS: 0.00313
Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 47153