Lucene search

47153 matches found

securityvulns
added 2012/08/06 12:0 a.m. | 57 views

[USN-1522-1] QEMU vulnerability

========================================================================== Ubuntu Security Notice USN-1522-1 August 02, 2012 qemu-kvm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.4 | AI score 0.4 | EPSS 0.00344
Exploits: 0
securityvulns
added 2012/08/06 12:0 a.m. | 67 views

[SECURITY] [DSA 2520-1] openoffice.org security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2520-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez August 01, 2012 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 1.6 | EPSS 0.07006
Exploits: 0
securityvulns
added 2012/08/06 12:0 a.m. | 46 views

libjpeg-turbo

Buffer overflow on JPEG decoding...

CVSS 6.8 | AI score 3.6 | EPSS 0.04765
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/08/06 12:0 a.m. | 71 views

MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2012-001 MIT krb5 Security Advisory 2012-001 Original release: 2012-07-31 Topic: KDC heap corruption and crash vulnerabilities CVE-2012-1015: KDC frees uninitialized pointer CVSSv2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2...

CVSS 9.3 | AI score 9.6 | EPSS 0.04814
Exploits: 0
securityvulns
added 2012/08/06 12:0 a.m. | 49 views

MIT Kerberos 5 security vulnerabilities

Uninitialized pointer free, DoS...

CVSS 9.3 | AI score 3.1 | EPSS 0.04814
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/08/06 12:0 a.m. | 41 views

QEMU symbolic links vulnerability

Symbolic links vulnerability on snapshot creation...

CVSS 4.4 | AI score 1.7 | EPSS 0.00344
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/08/06 12:0 a.m. | 49 views

[ MDVSA-2012:121 ] libjpeg-turbo

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:121 http://www.mandriva.com/security/ Package : libjpeg-turbo Date : August 1, 2012 Affected: 2011. Problem Description: A vulnerability has been discovered and corrected in libjpeg-turbo: A Heap-based buffe...

CVSS 6.8 | AI score 8.3 | EPSS 0.04765
Exploits: 0
securityvulns
added 2012/07/30 12:0 a.m. | 48 views

libxslt DoS

No description provided...

CVSS 5 | AI score 1 | EPSS 0.02123
Exploits: 0 | References: 1
securityvulns
added 2012/07/30 12:0 a.m. | 80 views

[ MDVSA-2012:109 ] libxslt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:109 http://www.mandriva.com/security/ Package : libxslt Date : July 23, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in libxslt: The XSL...

CVSS 5 | AI score 7.7 | EPSS 0.02123
Exploits: 0
securityvulns
added 2012/07/30 12:0 a.m. | 33 views

file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install.

Hi list, Two small problems I noticed with Oracle Solaris Update Manager and the latest patch cluster on Solaris 10 x86. += Local Root If the system administrator is updating the system using update manager or smpatch multi user mode a race condition exists with the postinstall script for SUNWbin...

AI score 0.1
Exploits: 0
securityvulns
added 2012/07/30 12:0 a.m. | 55 views

PHP security vulnerabilities

_php_stream_scandir overflow, SQLite functionality open_basedir protection bypass...

CVSS 10 | AI score 3.4 | EPSS 0.11178
Exploits: 2 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/30 12:0 a.m. | 75 views

[ MDVSA-2012:108 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:108 http://www.mandriva.com/security/ Package : php Date : July 23, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in php:...

CVSS 10 | AI score 8.4 | EPSS 0.10467
Exploits: 2
securityvulns
added 2012/07/29 12:0 a.m. | 52 views

[ MDVSA-2012:114 ] apache-mod_auth_openid

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:114 http://www.mandriva.com/security/ Package : apache-mod_auth_openid Date : July 26, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in...

CVSS 2.1 | AI score 6 | EPSS 0.01004
Exploits: 5
securityvulns
added 2012/07/29 12:0 a.m. | 64 views

[USN-1518-1] Bind vulnerability

========================================================================== Ubuntu Security Notice USN-1518-1 July 26, 2012 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 7.8 | AI score 0.1 | EPSS 0.27383
Exploits: 1
securityvulns
added 2012/07/29 12:0 a.m. | 52 views

ISC bind DoS

Crash because of incorrect failed requests cache implementation...

CVSS 7.8 | AI score 1.6 | EPSS 0.27383
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/29 12:0 a.m. | 73 views

[ MDVSA-2012:117 ] python-pycrypto

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:117 http://www.mandriva.com/security/ Package : python-pycrypto Date : July 27, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in...

CVSS 4.3 | AI score 7.8 | EPSS 0.02727
Exploits: 2
securityvulns
added 2012/07/29 12:0 a.m. | 30 views

Apache mod_auth_openid weak permissions

/tmp/mod_auth_openid.db weak permissions...

CVSS 2.1 | AI score 1.7 | EPSS 0.01004
Exploits: 5 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/29 12:0 a.m. | 61 views

[ MDVSA-2012:115 ] dhcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:115 http://www.mandriva.com/security/ Package : dhcp Date : July 26, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities have been discovered and corrected in ISC DHCP: An unexpected client...

CVSS 6.1 | AI score 6.9 | EPSS 0.12985
Exploits: 1
securityvulns
added 2012/07/29 12:0 a.m. | 119 views

python multiple security vulnerabilities

DoS, cross-site scripting, information leakage...

CVSS 5 | AI score 1.4 | EPSS 0.0562
Exploits: 9 | References: 2 | Affected Software: 1
securityvulns
added 2012/07/23 12:0 a.m. | 112 views

Event Calendar PHP 1.2 - Multiple Web Vulnerabilities

Title: ====== Event Calendar PHP 1.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=607 VL-ID: ===== 607 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: ============= Event...

AI score 0.2
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 129 views

Jrobalian CMS SQL Injection Vulnerability

===================================================== Jrobalian CMS SQL Injection Vulnerability ===================================================== :----------------------------------------------------------------------------------------------------------------------------------------: :...

AI score 8.3
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 87 views

Google Chrome 19 metro_driver.dll mishandling

Security Advisory - Google Chrome 19 metro_driver.dll mishandling ======================================================================== Summary : Google Chrome 19 is prone to unqualified DLL loading Date : 28 June 2012 Affected versions : Google Chrome v19.0.1084.21 up-to v20.0.1132.23 ID :...

CVSS 7.2 | AI score 6.8 | EPSS 0.00442
Exploits: 1
securityvulns
added 2012/07/23 12:0 a.m. | 57 views

[SECURITY] [DSA 2515-1] nsd3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2515-1 [email protected] http://www.debian.org/security/ Nico Golde July 19, 2012 http://www.debian.org/security/faq -...

CVSS 5 | AI score 1.4 | EPSS 0.09235
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 33 views

nsd DNS server DoS

NULL pointer dereference on malformed DNS packet processing...

CVSS 5 | AI score 2.4 | EPSS 0.09235
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/23 12:0 a.m. | 35 views

Metasploit pcap_log symbolic links vulnerability

Symbolic links vulnerability on temporary file creation...

AI score 2.1
Exploits: 0 | References: 1
securityvulns
added 2012/07/23 12:0 a.m. | 319 views

PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities

Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= PBBoard...

AI score 0.5
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 167 views

SMF Board v2.0.2 - Multiple Web Vulnerabilities

Title: ====== SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=596 VL-ID: ===== 624 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: ============= Simple...

Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 156 views

AVAVoIP v1.5.12 - Multiple Web Vulnerabilities

Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...

AI score 7.2
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 184 views

VamCart v0.9 CMS - Multiple Web Vulnerabilities

Title: ====== VamCart v0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=622 VL-ID: ===== 622 Common Vulnerability Scoring System: ==================================== 4 Introduction: ============= VamCart is a...

AI score 0.3
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 41 views

Google Chrome DLL spoofing

Unsafe metro_driver.dll loading...

CVSS 7.2 | AI score 1.8 | EPSS 0.00442
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/23 12:0 a.m. | 59 views

[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03403333 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03403333 Version: 1 HPSBGN02787...

CVSS 4.3 | AI score 1.2 | EPSS 0.0163
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 25 views

HP AssetManager cross-site scripting

Multiple cross-site scripting possibilities...

CVSS 4.3 | AI score 1 | EPSS 0.0163
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/23 12:0 a.m. | 22 views

HP StorageWorks code execution

Few vulnerabilities in File Migration Agent TCP/9111 service...

AI score 2.1
Exploits: 0 | References: 2
securityvulns
added 2012/07/23 12:0 a.m. | 53 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.6
Exploits: 0 | References: 10 | Affected Software: 9
securityvulns
added 2012/07/23 12:0 a.m. | 88 views

Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability

Title: ====== Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: ===== 2012-05-29 References: =========== http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: ===== 580 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

AI score 0.2
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 13213 views

MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities

Advisory: MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities Advisory ID: SSCHADV2012-017 Author: Stefan Schurtz Affected Software: Successfully tested on MGB OpenSource Guestbook 0.6.9.1 Vendor URL: http://www.m-gb.org Vendor Status: fixed ========================== Vulnerability...

Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 98 views

WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities

Advisory: WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities Advisory ID: SSCHADV2012-015 Author: Stefan Schurtz Affected Software: Successfully tested on 'Count Per Day' 3.1.1 Vendor URL: http://www.tomsdimension.de/wp-plugins/count-per-day Vendor Status: fixed...

AI score 5.8
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 22 views

DomsHttpd DoS

Crash on Referer: header processing...

AI score 0.6
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/23 12:0 a.m. | 134 views

DomsHttpd 1.0 <= Remote Denial Of Service

DomsHttpd 1.0 <= Remote Denial Of Service Discovered by: Jean Pascal Pereira [email protected] About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ The remote attacker has the possibility to crash the application by...

AI score 1
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 82 views

ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-127 : 0Day HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-127 July 18, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...

Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 106 views

ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-126 : 0 day HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-126 July 18, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...

Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 112 views

CakePHP 2.x-2.2.0-RC2 XXE Injection

Exploit title: CakePHP XXE injection Date: 01.07.2012 Software Link: http://www.cakephp.org Vulnerable version: 2.x - 2.2.0-RC2 Tested on: Windows and Linux Author: Pawel Wylecial http://h0wl.pl 1. Background Short description from the project website: "CakePHP makes building web applications...

AI score 7.5
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 29 views

0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability

================ 0A29-12-2 : Metasploit 'pcap_log' plugin privilege escalation vulnerability Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Metasploit plugin 'pcap_log' is vulnerable to an arbitrary file...

AI score 0.4
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 42 views

libexif project security advisory July 12, 2012

libexif project security advisory July 12, 2012 PROBLEM DESCRIPTION A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. The issues are: CVE-2012-2812: A heap-based out-of-bounds array read i...

CVSS 7.5 | AI score 3.8 | EPSS 0.07557
Exploits: 0
securityvulns
added 2012/07/23 12:0 a.m. | 35 views

libexif / exif multiple security vulnerabilities

Buffer overflows, integer overflows, DoS conditions...

CVSS 7.5 | AI score 3.6 | EPSS 0.07557
Exploits: 0 | References: 2
securityvulns
added 2012/07/18 12:0 a.m. | 24 views

Dr.Web antivirus SQL injection

SQL injection in com.drweb.activities.antispam.CursorActivity class of android antivirus allows untrusted applications to access SMS archive...

AI score 4
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2012/07/18 12:0 a.m. | 73 views

CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL: http://www.coresecurity.com/content/windows-kernel-readlayoutfile Da...

CVSS 7.2 | AI score 6.4 | EPSS 0.01791
Exploits: 1
securityvulns
added 2012/07/18 12:0 a.m. | 63 views

[PT-2012-23] SQL Injection in Dr.Web Anti-virus

----------------------------------------------------------------------------- PT-2012-23 Positive Technologies Security Advisory SQL Injection in Dr.Web Anti-virus ----------------------------------------------------------------------------- --- Vulnerable software Dr.Web Anti-virus Version: 7.00...

AI score 0.6
Exploits: 0
securityvulns
added 2012/07/16 12:0 a.m. | 61 views

[ MDVSA-2012:104 ] openjpeg

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:104 http://www.mandriva.com/security/ Package : openjpeg Date : July 12, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities have been discovered and corrected in openjpeg: OpenJPEG allocated...

CVSS 10 | AI score 7.4 | EPSS 0.07695
Exploits: 0
securityvulns
added 2012/07/16 12:0 a.m. | 53 views

XSS, Redirector and CSRF vulnerabilities in WordPress

Hello 3APA3A! After seven previous vulnerabilities in Akismet, here are new holes. They take place in plugin Akismet for WordPress and it's core-plugin since version WP 2.0, so these vulnerabilities concern WordPress itself. This is the second in series of advisories concerning vulnerabilities in...

AI score 0.7
Exploits: 0
Total number of security vulnerabilities: 47153