
47153 matches found

securityvulns
•added 2012/07/09 12:0 a.m.•86 views

[SECURITY] [DSA 2506-1] libapache-mod-security security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2506-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez July 02, 2012 http://www.debian.org/security/faq -...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.03303
Exploits: 2
securityvulns
•added 2012/07/09 12:0 a.m.•102 views

Wordpress (editormonkey) Arbitrary File Upload Vulnerability

a bug in Wordpress editormonkey that allows to us to occur a File Upload on a Remote machine. Exploit Title : Wordpress editormonkey Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High...

AI score: 1.4
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•67 views

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Title: ====== Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities Date: ===== 2012-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=614 VL-ID: ===== 614 Common Vulnerability Scoring System: ==================================== 6.5 Introduction:...

AI score: 0.3
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•61 views

[SECURITY] [DSA 2503-1] bcfg2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2503-1 [email protected] http://www.debian.org/security/ Florian Weimer June 28, 2012 http://www.debian.org/security/faq -...

CVSS: 9 | AI score: 2.3 | EPSS: 0.0382
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•93 views

Blind SQL Injection in Webmatic

Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference: CVE-2012-3350 CVSSv2 Base Score: 7.5...

CVSS: 6.8 | AI score: 7.8 | EPSS: 0.02925
Exploits: 6
securityvulns
•added 2012/07/09 12:0 a.m.•71 views

[USN-1473-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1473-1 June 13, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 7.2 | AI score: 0.7 | EPSS: 0.00556
Exploits: 3
securityvulns
•added 2012/07/09 12:0 a.m.•69 views

[USN-1444-1] BackupPC vulnerability

========================================================================== Ubuntu Security Notice USN-1444-1 May 17, 2012 backuppc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 4.3 | AI score: 0.3 | EPSS: 0.02067
Exploits: 1
securityvulns
•added 2012/07/09 12:0 a.m.•66 views

CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability

Severity: important Vendor: The Apache Software Foundation Versions Affected: Roller 4.0.0 to Roller 4.0.1 Roller 5.0 The unsupported Roller 3.1 release is also affected Description: HTTP POST interfaces in the Roller admin/editor console were not protected from CSRF attacks. This issue has been...

AI score: 0.2 | EPSS: 0.01592
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•102 views

[ MDVSA-2012:096-1 ] python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:096-1 http://www.mandriva.com/security/ Package : python Date : July 2, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in python: The ssl...

CVSS: 5 | AI score: 8.8 | EPSS: 0.73327
Exploits: 11
securityvulns
•added 2012/07/09 12:0 a.m.•45 views

MIT Kerberos 5 kadmind DoS

NULL pointer dereference...

CVSS: 4 | AI score: 2.6 | EPSS: 0.03115
Exploits: 1 | Affected Software: 1
securityvulns
•added 2012/07/09 12:0 a.m.•46 views

ZDI-12-106 : Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ZDI-12-106 : Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-106 June 28, 2012 - -- CVE ID: CVE-2012-3811 - -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P - --...

CVSS: 10 | AI score: 0.5 | EPSS: 0.62876
Exploits: 8
securityvulns
•added 2012/07/09 12:0 a.m.•52 views

[security bulletin] HPSBPI02794 SSRT100542 rev.1 - Certain HP Photosmart Printers, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c02931414 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02931414 Version: 1 HPSBPI02794...

CVSS: 7.8 | AI score: 0.3 | EPSS: 0.02335
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•103 views

NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation

High Risk Vulnerability in Symantec Message Filter 2 July 2012 Ben Williams of NCC Group has discovered a High risk vulnerability in Symantec Message Filter Impact: Session Hijacking via session fixation Versions affected: Symantec Message Filter Version 6.3 An updated version of the software has...

AI score: 1.2
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•100 views

Forum Oxalis 0.1.2 <= SQL Injection Vulnerability

Forum Oxalis 0.1.2 = SQL Injection Vulnerability Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Forum Oxalis is a minimalis GPL PHP forum using CSS." Vendor URI: http://developer.berlios.de/projects/forumoxalis/ Risk-level: High The application is prone to a remote SQL...

AI score: 0.4
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•340 views

IIS Short File/Folder Name Disclosure by using tilde ~ character

Link: http://soroush.secproject.com/downloadable/iistildeshortnamedisclosure.txt Exploit-db link: www.exploit-db.com/exploits/19525/ ---------------------------- Security Research - IIS Short File/Folder Name Disclosure Website : http://soroush.secproject.com/blog/ I. BACKGROUND...

Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•44 views

XSS, Redirector and FPD vulnerabilities in WordPress

Hello 3APA3A! In June I've disclosed vulnerabilities in WordPress, which I'd present for you. They take place in plugin Akismet for WordPress and its core-plugin since version WP 2.0, so these vulnerabilities concern WordPress itself. This is the first in series of advisories concerning...

AI score: 0.7
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•60 views

plow 0.0.5 <= Buffer Overflow Vulnerability

plow 0.0.5 = Buffer Overflow Vulnerability Discovered by: Jean Pascal Pereira [email protected] Vendor information: "plow is a command line playlist generator." Vendor URI: http://developer.berlios.de/projects/plow/ Risk-level: Medium The application is prone to a local buffer overflow...

AI score: 0.2
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•37 views

ESA-2012-026: RSA Access Manager Session Replay Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-026: RSA Access Manager Session Replay Vulnerability EMC Identifier: ESA-2012-026 CVE Identifier: CVE-2012-2281 Severity Rating: CVSSv2 Base Score: 6. 8 AV:A/AC:H/Au:N/C:C/I:C/A:C Affected Products: RSA Access Manager Server version 6.0.x RSA...

CVSS: 6.8 | AI score: 0.2 | EPSS: 0.0068
Exploits: 0
securityvulns
•added 2012/07/09 12:0 a.m.•50 views

.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected

Link: http://soroush.secproject.com/downloadable/iistildedos.txt Exploit-db link: www.exploit-db.com/exploits/19575 ---------------------------- Security Research - .Net Framework Tilde Character DoS Website : http://soroush.secproject.com/blog/ I. BACKGROUND --------------------- "The .NET...

AI score: 0.1
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•100 views

Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy

a bug in Mybb 1.6.8 'announcements.php' that allows to us to occur a Sql Injection on a Remote machine. Exploit Title : Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://www.mybb.com/ Security Risk...

AI score: 0.7
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•63 views

Webify Product Series - Multiple Web Vulnerabilities

Title: ====== Webify Product Series - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=598 VL-ID: ===== 598 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Webif...

AI score: 0.5
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•132 views

Commentics 2.0 <= Multiple Vulnerabilities

Commentics 2.0 = Multiple Vulnerabilities Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...

AI score: 7.2
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•54 views

News Script PHP v1.2 - Multiple Web Vulnerabilites

Title: ====== News Script PHP v1.2 - Multiple Web Vulnerabilites Date: ===== 2012-06-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=600 VL-ID: ===== 600 Common Vulnerability Scoring System: ==================================== 7.5 Introduction: ============= Visitor...

Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•21 views

QNAP Turbo NAS multiple security vulnerabilities

Information leakage, privilege escalation, system access...

AI score: 2.2
Exploits: 0 | References: 1
securityvulns
•added 2012/06/25 12:0 a.m.•89 views

traq-2.3.5_CSRF_XSS_SQL_INjeCTION_vulns

==================================================================== Vulnerable Software: traq-2.3.5 Official Site: TraqProject.org ==================================================================== About Software: Traq is a PHP powered project manager, capable of tracking issues for multiple...

AI score: 0.5
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•43 views

ClamAV antivirus multiple security vulnerabilities

Vulnerabilities in TAR and CHM parsing...

CVSS: 4.3 | AI score: 3.2 | EPSS: 0.99809
Exploits: 0 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•71 views

FreeBSD Security Advisory FreeBSD-SA-12:04.sysret [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:04.sysret Security Advisory The FreeBSD Project Topic: Privilege escalation when returning from kernel Category: core Module: sysamd64 Announced: 2012-06-12...

CVSS: 7.2 | AI score: 9.1 | EPSS: 0.37212
Exploits: 6
securityvulns
•added 2012/06/25 12:0 a.m.•48 views

FreeBSD kernel privilege escalation

Privilege escalation on sysret on some CPUs...

CVSS: 7.2 | AI score: 3.1 | EPSS: 0.37212
Exploits: 6 | References: 2 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•31 views

Cisco Application Control Engine privilege escalation

Context administrator can access wrong context...

CVSS: 7.1 | AI score: 4 | EPSS: 0.01016
Exploits: 0 | References: 1
securityvulns
•added 2012/06/25 12:0 a.m.•29 views

Lattice Diamond Programmer buffer overflow

Code execution via .xcf files...

CVSS: 6.8 | AI score: 5.8 | EPSS: 0.04101
Exploits: 6 | References: 1 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•64 views

Multiple vulnerabilities in web@all

Advisory ID: HTB23094 Product: web@all Vendor: webatall.org Vulnerable Versions: 2.0 downloaded before 30th of May 2012; prior versions may also be vulnerable Tested Version: 2.0 downloaded on 25th of May 2012 Vendor Notification: 30 May 2012 Vendor Patch: 30 May 2012 Public Disclosure: 20 June...

CVSS: 6.8 | AI score: 7.1 | EPSS: 0.01531
Exploits: 4
securityvulns
•added 2012/06/25 12:0 a.m.•68 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions, code executions, information leakage...

CVSS: 9.3 | AI score: 2.8 | EPSS: 0.64962
Exploits: 50 | References: 6 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•25 views

Western Digital ShareSpace information leakage

It's possible to access configuration files via Web interface...

AI score: 2.8
Exploits: 0 | References: 1
securityvulns
•added 2012/06/25 12:0 a.m.•35 views

Cisco ASA DoS

It's possible to reboot device remotely...

CVSS: 7.8 | AI score: 2.9 | EPSS: 0.01913
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•35 views

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability Advisory ID: cisco-sa-20120620-asaipv6 Revision 1.0 For Public Release 2012 June 20 16:00 UTC GMT...

AI score: 1.4
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•94 views

VUPEN Security Research - Microsoft Internet Explorer "Col" Element Remote Heap Overflow (MS12-037 / CVE-2012-1876)

VUPEN Security Research - Microsoft Internet Explorer "Col" Element Remote Heap Overflow MS12-037 / CVE-2012-1876 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by...

CVSS: 9.3 | AI score: 0.1 | EPSS: 0.64962
Exploits: 27
securityvulns
•added 2012/06/25 12:0 a.m.•77 views

VUPEN Security Research - Microsoft Internet Explorer "GetAtomTable" Remote Use-after-free (MS12-037 / CVE-2012-1875)

VUPEN Security Research - Microsoft Internet Explorer "GetAtomTable" Remote Use-after-free MS12-037 / CVE-2012-1875 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by...

CVSS: 9.3 | AI score: 8.1 | EPSS: 0.61655
Exploits: 11
securityvulns
•added 2012/06/25 12:0 a.m.•63 views

QNAP Turbo NAS Multiple Vulnerabilities - Security Advisory

Sense of Security - Security Advisory - SOS-12-006 Release Date. 13-Jun-2012 Last Update. - Vendor Notification Date. 12-Mar-2012 Product. QNAP Platform. Turbo NAS verified and possibly others Affected versions. Firmware Version: 3.6.1 Build 0302T and prior Severity Rating. High Impact. Exposure ...

AI score: 0.3
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•63 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Advisory ID: cisco-sa-20120620-ac Revision 1.0 For Public Release 2012 June 20 16:00 UTC GMT +--------------------------------------------------------------------- Summary ======= T...

AI score: 1
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•40 views

snmpd DoS

Crash on request to non-existent extension table entry...

CVSS: 3.5 | AI score: 1.8 | EPSS: 0.02167
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•36 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 6.8 | AI score: 1.6 | EPSS: 0.01531
Exploits: 4 | References: 9 | Affected Software: 8
securityvulns
•added 2012/06/25 12:0 a.m.•60 views

[ MDVSA-2012:099 ] net-snmp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:099 http://www.mandriva.com/security/ Package : net-snmp Date : June 21, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in net-snmp...

CVSS: 3.5 | AI score: 7.6 | EPSS: 0.02167
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•51 views

[security bulletin] HPSBMU02792 SSRT100820 rev.1 - HP Business Service Management (BSM), Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03377648 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03377648 Version: 1 HPSBMU02792...

CVSS: 10 | AI score: 0.5 | EPSS: 0.08659
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•140 views

SEC Consult SA-20120618-0 :: Western Digital ShareSpace WEB GUI Sensitive Data Disclosure

SEC Consult Vulnerability Lab Security Advisory 20120618-0 ======================================================================= title: WD ShareSpace WEB GUI Sensitive Data Disclosure product: WD ShareSpace network storage system vulnerable version: WD ShareSpace = v2.3.02 D and E series fixed...

AI score: 7
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•27 views

HP Business Service Management multiple security vulnerabilities

Information leakage, unauthorized access, DoS...

CVSS: 10 | AI score: 2.1 | EPSS: 0.08659
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/06/25 12:0 a.m.•55 views

SEC Consult SA-20120618-1 :: Airlock WAF overlong UTF-8 sequence bypass

SEC Consult Vulnerability Lab Security Advisory 20120618-1 ======================================================================= title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed version: 4.2.5 impact: critical homepage:...

AI score: 0.3
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•74 views

VUPEN Security Research - Microsoft Internet Explorer "CollectionCache" Remote Use-after-free (MS12-037)

VUPEN Security Research - Microsoft Internet Explorer "CollectionCache" Remote Use-after-free MS12-037 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft an...

Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•47 views

Cisco Security Advisory: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Application Control Engine Administrator IP Address Overlap Vulnerability Advisory ID: cisco-sa-20120620-ace Revision 1.0 For Public Release 2012 June 20 16:00 UTC GMT +---------------------------------------------------------------------...

AI score: 0.8
Exploits: 0
securityvulns
•added 2012/06/25 12:0 a.m.•46 views

CORE-2012-0530 - Lattice Diamond Programmer Buffer Overflow

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Lattice Diamond Programmer Buffer Overflow 1. Advisory Information Title: Lattice Diamond Programmer Buffer Overflow Advisory ID: CORE-2012-0530 Advisory URL:...

CVSS: 6.8 | AI score: 0.1 | EPSS: 0.04101
Exploits: 6
securityvulns
•added 2012/06/25 12:0 a.m.•155 views

Squiz CMS Multiple Vulnerabilities - Security Advisory - SOS-12-007

Sense of Security - Security Advisory - SOS-12-007 Release Date. 14-Jun-2012 Last Update. - Vendor Notification Date. 02-Apr-2012 Product. Squiz CMS Platform. Independent Affected versions. Squiz 4.6.3 verified and possibly others Severity Rating. Medium Impact. Exposure of session information...

AI score: 7.3
Exploits: 0

Total number of security vulnerabilities: 47153