libjpeg-turbo
Buffer overflow on JPEG decoding...
[ MDVSA-2012:121 ] libjpeg-turbo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:121 http://www.mandriva.com/security/ Package : libjpeg-turbo Date : August 1, 2012 Affected: 2011. Problem Description: A vulnerability has been discovered and corrected in libjpeg-turbo: A Heap-based buffe...
QEMU symbolic links vulnerability
Symbolic links vulnerability on snapshot creation...
MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2012-001 MIT krb5 Security Advisory 2012-001 Original release: 2012-07-31 Topic: KDC heap corruption and crash vulnerabilities CVE-2012-1015: KDC frees uninitialized pointer CVSSv2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2...
[SECURITY] [DSA 2520-1] openoffice.org security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2520-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez August 01, 2012 http://www.debian.org/security/faq -...
MIT Kerberos 5 security vulnerabilities
Uninitialized pointer free, DoS...
[USN-1522-1] QEMU vulnerability
========================================================================== Ubuntu Security Notice USN-1522-1 August 02, 2012 qemu-kvm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
PHP security vulnerabilities
_php_stream_scandir overflow, SQLite functionality open_basedir protection bypass...
[ MDVSA-2012:108 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:108 http://www.mandriva.com/security/ Package : php Date : July 23, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in php:...
file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install.
Hi list, Two small problems I noticed with Oracle Solaris Update Manager and the latest patch cluster on Solaris 10 x86. += Local Root If the system administrator is updating the system using update manager or smpatch multi user mode a race condition exists with the postinstall script for SUNWbin...
[ MDVSA-2012:109 ] libxslt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:109 http://www.mandriva.com/security/ Package : libxslt Date : July 23, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in libxslt: The XSL...
libxslt DoS
No description provided...
ISC bind DoS
Crash because of incorrect failed requests cache implementation...
[USN-1518-1] Bind vulnerability
========================================================================== Ubuntu Security Notice USN-1518-1 July 26, 2012 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
Apache mod_auth_openid weak permissions
/tmp/mod_auth_openid.db weak permissions...
[ MDVSA-2012:114 ] apache-mod_auth_openid
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:114 http://www.mandriva.com/security/ Package : apache-mod_auth_openid Date : July 26, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in...
python multiple security vulnerabilities
DoS, cross-site scripting, information leakage...
[ MDVSA-2012:115 ] dhcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:115 http://www.mandriva.com/security/ Package : dhcp Date : July 26, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities has been discovered and corrected in ISC DHCP: An unexpected client...
[ MDVSA-2012:117 ] python-pycrypto
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:117 http://www.mandriva.com/security/ Package : python-pycrypto Date : July 27, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
libexif project security advisory July 12, 2012
libexif project security advisory July 12, 2012 PROBLEM DESCRIPTION A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. The issues are: CVE-2012-2812: A heap-based out-of-bounds array read i...
[SECURITY] [DSA 2515-1] nsd3 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2515-1 [email protected] http://www.debian.org/security/ Nico Golde July 19, 2012 http://www.debian.org/security/faq -...
HP StorageWorks code execution
Few vulnerabilities in File Migration Agent TCP/9111 service...
AVAVoIP v1.5.12 - Multiple Web Vulnerabilities
Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
Advisory: MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities Advisory ID: SSCHADV2012-017 Author: Stefan Schurtz Affected Software: Successfully tested on MGB OpenSource Guestbook 0.6.9.1 Vendor URL: http://www.m-gb.org Vendor Status: fixed ========================== Vulnerability...
VamCart v0.9 CMS - Multiple Web Vulnerabilities
Title: ====== VamCart v0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=622 VL-ID: ===== 622 Common Vulnerability Scoring System: ==================================== 4 Introduction: ============= VamCart is a...
0A29-12-2 : Metasploit 'pcap_log' plugin privilege escalation vulnerability
================ 0A29-12-2 : Metasploit 'pcap_log' plugin privilege escalation vulnerability Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Metasploit plugin 'pcap_log' is vulnerable to an arbitrary file...
Metasploit pcap_log symbolic links vulnerability
Symbolic links vulnerability on temporary file creation...
Google Chrome DLL spoofing
Unsafe metro_driver.dll loading...
Jrobalian CMS SQL Injection Vulnerability
===================================================== Jrobalian CMS SQL Injection Vulnerability ===================================================== :----------------------------------------------------------------------------------------------------------------------------------------: :...
WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
Advisory: WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities Advisory ID: SSCHADV2012-015 Author: Stefan Schurtz Affected Software: Successfully tested on 'Count Per Day' 3.1.1 Vendor URL: http://www.tomsdimension.de/wp-plugins/count-per-day Vendor Status: fixed...
HP AssetManager cross-site scripting
Multiple cross-site scripting possibilities...
DomsHttpd DoS
Crash on Referer: header processing...
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03403333 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03403333 Version: 1 HPSBGN02787...
ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-126 : 0 day HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-126 July 18, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...
PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities
Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= PBBoard...
Event Calendar PHP 1.2 - Multiple Web Vulnerabilites
Title: ====== Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Date: ===== 2012-06-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=607 VL-ID: ===== 607 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: ============= Event...
DomsHttpd 1.0 <= Remote Denial Of Service
DomsHttpd 1.0 <= Remote Denial Of Service Discovered by: Jean Pascal Pereira [email protected] About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ The remote attacker has the possibility to crash the application by...
nsd DNS server DoS
NULL pointer dereference on malformed DNS packet processing...
ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-127 : 0Day HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-127 July 18, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...
Google Chrome 19 metro_driver.dll mishandling
Security Advisory - Google Chrome 19 metro_driver.dll mishandling ======================================================================== Summary : Google Chrome 19 is prone to unqualified DLL loading Date : 28 June 2012 Affected versions : Google Chrome v19.0.1084.21 up-to v20.0.1132.23 ID :...
libexif / exif multiple security vulnerabilities
Buffer overflows, integer overflows, DoS conditions...
SMF Board v2.0.2 - Multiple Web Vulnerabilities
Title: ====== SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=596 VL-ID: ===== 624 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: ============= Simple...
CakePHP 2.x-2.2.0-RC2 XXE Injection
Exploit title: CakePHP XXE injection Date: 01.07.2012 Software Link: http://www.cakephp.org Vulnerable version: 2.x - 2.2.0-RC2 Tested on: Windows and Linux Author: Pawel Wylecial http://h0wl.pl 1. Background Short description from the project website: "CakePHP makes building web applications...
Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability
Title: ====== Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: ===== 2012-05-29 References: =========== http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: ===== 580 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...
CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL: http://www.coresecurity.com/content/windows-kernel-readlayoutfile Da...
Dr.Web antivirus SQL injection
SQL injection in the com.drweb.activities.antispam.CursorActivity class of the Android antivirus allows untrusted applications to access the SMS archive...
[PT-2012-23] SQL Injection in Dr.Web Anti-virus
----------------------------------------------------------------------------- PT-2012-23 Positive Technologies Security Advisory SQL Injection in Dr.Web Anti-virus ----------------------------------------------------------------------------- --- Vulnerable software Dr.Web Anti-virus Version: 7.00...
Cross site scripting vulnerability found in GLPI 0.83.2
Hi, This is regarding XSS Vulnerability in GLPI 0.83.2. The following is the disclosure document: Title: Cross site scripting vulnerability found in GLPI 0.83.2 ------------------------------------------------------------------------...
security advisory: AirDroid 1.0.4 beta
Dear Sir or Madam, we'd like to publish the following advisory. Thanks in advance. TC-SA-2012-02: Several weaknesses in implementation of security features in AirDroid 1.0.4 beta Published: 2012/07/12 Advisory-Version: 1.0 Affected products: AirDroid 1.0.4 beta References: TC-SA-2012-02...