
47153 matches found

securityvulns
added 2012/06/17 12:0 a.m., 39 views

Asterisk DoS

Crash in Skinny driver...

CVSS 4, AI score 1.5, EPSS 0.01728
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/06/17 12:0 a.m., 23 views

Checkpoint Endpoint Connect DLL hijacking

It's possible to load a user-provided library into a system process...

CVSS 6.9, AI score 2.1, EPSS 0.00399
Exploits 0, References 1

securityvulns
added 2012/06/17 12:0 a.m., 33 views

HP Server Automation code execution

No description provided...

CVSS 10, AI score 1.8, EPSS 0.74034
Exploits 9, References 1

securityvulns
added 2012/06/17 12:0 a.m., 103 views

[SE-2012-01] Regarding Oracle's Critical Patch Update for Java SE

Dear All, Yesterday, Oracle released its Critical Patch Update for Java SE software 1, which incorporates fixes for 3 of more than 20+ security issues that were reported to the company in Apr 2012 2. We would like to inform, that while some of the Proof of Concept codes we developed for the...

AI score 6.7
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 55 views

[SECURITY] [DSA 2481-1] arpwatch security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2481-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez June 2, 2012 http://www.debian.org/security/faq -...

CVSS 10, AI score 1.5, EPSS 0.03202
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 35 views

Sielco Sistemi Winlog Buffer Overflow <= v2.07.14

#!/usr/bin/ruby --------------------------------------------- Sielco Sistemi Winlog Buffer Overflow <= v2.07.14 - Buffer overflow vulnerability Date: 04.06.2012 --------------------------------------------- - Description Winlog Lite is the entry level version of the SCADA/HMI software Winlog Pro...

AI score 7.5
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 40 views

ComSndFTP Server Remote Format String Overflow Vulnerability

Title: ComSndFTP Server Remote Format String Overflow Vulnerability Software : ComSndFTP FTP Server Software Version : ComSndFTP 1.3.7 Beta Vendor: http://ftp.comsnd.com/ Vulnerability Published : 2012-06-07 Vulnerability Update Time : Status : Impact : Medium CVSS2 Base : 5.0,...

AI score 0.6
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 22 views

ComSndFTP FTP Server format string vulnerability

Format string vulnerability in USER command...

AI score 1.6
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/06/17 12:0 a.m., 24 views

ESRI ArcMap code execution

MXD files may contain VBS scripts...

CVSS 9.3, AI score 1.4, EPSS 0.23833
Exploits 6, References 1, Affected Software 2

securityvulns
added 2012/06/17 12:0 a.m., 87 views

ZDI-12-093 : (Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-093 : Pwn2Own Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-093 June 12, 2012 - -- CVE ID: CVE-2012-1876 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...

CVSS 9.3, AI score 0.3, EPSS 0.64962
Exploits 27

securityvulns
added 2012/06/17 12:0 a.m., 74 views

ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-089 June 6, 2012 - -- CVE ID: CVE-2011-4164 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...

CVSS 10, AI score 0.3, EPSS 0.08526
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 37 views

VMware security vulnerabilities

DoS, memory corruption...

CVSS 9.3, AI score 2.8, EPSS 0.03842
Exploits 0, References 1

securityvulns
added 2012/06/17 12:0 a.m., 29 views

Opera URL spoof

It's possible to trace the event when the user leaves the site and to spoof site content...

CVSS 4.3, AI score 1.7, EPSS 0.02001
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/06/17 12:0 a.m., 42 views

CVE-2012-1661 - ESRI ArcMap arbitrary code execution via crafted map file.

Description: Opening a specially crafted mxd file will execute arbitrary code without prompting and without a crash of the application. This is due to a flaw in the program's ability to prompt a user before executing embedded VBA. Mxd files are not filtered by email systems so this allows a remote...

CVSS 9.3, AI score 2.9, EPSS 0.23833
Exploits 6

securityvulns
added 2012/06/17 12:0 a.m., 63 views

VMSA-2012-0011 VMware hosted products and ESXi and ESX patches address security issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0011 Synopsis: VMware hosted products and ESXi and ESX patches address security issues Issue date: 2012-06-14 Updated on: 2012-06-1...

CVSS 9.3, AI score 7.2, EPSS 0.03842
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 72 views

Security Advisory - Checkpoint Endpoint Connect VPN - DLL Hijack

Security Advisory - Checkpoint Endpoint Connect VPN - DLL Hijack ================================================================================ Summary : Checkpoint Endpoint Connect VPN is prone to DLL hijacking Date : 12 June 2012 Affected versions : Endpoint Security VPN R75 Remote Access...

CVSS 6.9, AI score 7.2, EPSS 0.00399
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 51 views

ffmpeg library multiple security vulnerabilities

Multiple security vulnerabilities in Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV parsing...

CVSS 10, AI score 3.2, EPSS 0.04686
Exploits 3, References 2, Affected Software 1

securityvulns
added 2012/06/17 12:0 a.m., 77 views

[SECURITY] [DSA 2494-1] ffmpeg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2494-1 [email protected] http://www.debian.org/security/ Florian Weimer June 14, 2012 http://www.debian.org/security/faq -...

CVSS 6.8, AI score 1.7, EPSS 0.03233
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 72 views

[security bulletin] HPSBMU02790 SSRT100872 rev.1 - HP Server Automation, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03366886 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03366886 Version: 1 HPSBMU02790...

CVSS 10, AI score 0.7, EPSS 0.74034
Exploits 9

securityvulns
added 2012/06/17 12:0 a.m., 48 views

[CAL-2012-0015] opera website spoof

CAL-2012-0015 opera website spoof CVE ID: Opera did not assign, please [email protected] assign CAL ID: CAL-2012-0015 ref: http://blog.vulnhunt.com/index.php/2012/06/14/cal-2012-0015-opera-website-spoof/ 1 Affected Products ================= 11.61 and prior 2 Vulnerability Details ===================...

AI score 7.2
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 132 views

AdNovum NevisWeb Security Proxy Vulnerability - Cross-site scripting (XSS) within 302 Redirections

Hi all, nevisProxy is a Swiss secure reverse proxy with integrated web application firewall (WAF). It acts as a central upstream entry point for web traffic to integrated online applications. nevisProxy controls user access and protects sensitive data, applications, services, and systems from...

AI score 0.3
Exploits 0

securityvulns
added 2012/06/17 12:0 a.m., 184 views

[security bulletin] HPSBMU02776 SSRT100852 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access to Data, Unauthorized Disclosure of Information Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03315912 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03315912 Version: 1 HPSBMU02776...

CVSS 7.8, AI score 0.6, EPSS 0.98945
Exploits 32

securityvulns
added 2012/06/17 12:0 a.m., 93 views

HP Onboard Administrator multiple security vulnerabilities

Unauthorized access, DoS...

CVSS 7.8, AI score 2, EPSS 0.98945
Exploits 32, References 1, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 40 views

RealNetworks RealPlayer multiple security vulnerabilities

Multiple vulnerabilities in parsing of different formats...

CVSS 9.3, AI score 2.7, EPSS 0.04546
Exploits 1, References 5, Affected Software 2

securityvulns
added 2012/06/13 12:0 a.m., 66 views

ZDI-12-075 : Apple Quicktime RLE Sample Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-075 : Apple Quicktime RLE Sample Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-075 June 6, 2012 - -- CVE ID: CVE-2012-0668 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple...

CVSS 9.3, AI score 0.9, EPSS 0.04626
Exploits 1

securityvulns
added 2012/06/13 12:0 a.m., 52 views

PHP buffer overflow

Buffer overflow in tar file processing...

CVSS 7.5, AI score 3.8, EPSS 0.42481
Exploits 1, References 1, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 98 views

ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-090 June 8, 2012 - -- CVE ID: CVE-2012-0297 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

CVSS 10, EPSS 0.72596
Exploits 22

securityvulns
added 2012/06/13 12:0 a.m., 17 views

Network Instruments Observer security vulnerabilities

Buffer overflows in SNMP parsing...

AI score 4.1
Exploits 0, References 2, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 49 views

ZDI-12-084 : RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-084 : RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-084 June 6, 2012 - -- CVE ID: CVE-2012-0926 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...

CVSS 9.3, AI score 0.6, EPSS 0.03736
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 22 views

PHP PDO out-of-bounds access

Out-of-bounds access via precompiled database request...

AI score 3.6
Exploits 0, References 1

securityvulns
added 2012/06/13 12:0 a.m., 47 views

ZDI-12-085 : RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-085 : RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-085 June 6, 2012 - -- CVE ID: CVE-2011-4261 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

CVSS 9.3, AI score 0.3, EPSS 0.02955
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 17 views

Microsoft IIS protection bypass

Password protection bypass, script files content access...

AI score 2.2
Exploits 0, References 1, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 30 views

Microsoft Dynamics AX cross-site scripting

Cross-site scripting via URLs...

CVSS 4.3, AI score 2.1, EPSS 0.11014
Exploits 0, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 132 views

ZDI-12-083 : Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-083 : Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-083 June 6, 2012 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - -- Affected...

AI score 0.4
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 65 views

ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-12-078 June 6, 2012 - -- CVE ID: CVE-2012-0669 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple - --...

CVSS 9.3, AI score 0.3, EPSS 0.04997
Exploits 1

securityvulns
added 2012/06/13 12:0 a.m., 36 views

Secunia Research: Network Instruments Observer SNMP Processing Buffer Overflows

====================================================================== Secunia Research 07/06/2012 - Network Instruments Observer - - SNMP Processing Buffer Overflows - ====================================================================== Table of Contents Affected...

AI score 0.6
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 82 views

[SECURITY] [DSA 2492-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2492-1 [email protected] http://www.debian.org/security/ Florian Weimer June 10, 2012 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 2, EPSS 0.42481
Exploits 1

securityvulns
added 2012/06/13 12:0 a.m., 42 views

[php<=5.4.3] Parsing Bug in PHP PDO prepared statements may lead to access violation

php<=5.4.3 Parsing Bug in PHP PDO prepared statements may lead to access violation Affected Product: PHP Affected Component: PDO - PHP Data Objects Affected Versions: <=5.4.3 latest version and trunk PHP Bug Ref: 61755 Patch: bug61755.diff Discovery Date: Feb...

AI score 7.9
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 307 views

ZDI-12-081 : Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-081 : Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-081 June 6, 2012 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - --...

AI score 1
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 63 views

ZDI-12-076 : Apple QuickTime MPEG Stream Padding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-076 : Apple QuickTime MPEG Stream Padding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-076 June 6, 2012 - -- CVE ID: CVE-2012-0659 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple...

CVSS 6.8, AI score 0.6, EPSS 0.03164
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 75 views

ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-080 June 6, 2012 - -- CVE ID: CVE-2012-0754 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

CVSS 10, AI score 0.5, EPSS 0.9203
Exploits 11

securityvulns
added 2012/06/13 12:0 a.m., 61 views

ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-079 June 6, 2012 - -- CVE ID: CVE-2012-0665 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors...

CVSS 9.3, AI score 0.7, EPSS 0.04057
Exploits 1

securityvulns
added 2012/06/13 12:0 a.m., 91 views

Microsoft Lync multiple security vulnerabilities

Font parsing vulnerabilities, unsafe DLL loading, cross-site scripting...

CVSS 9.3, AI score 2.2, EPSS 0.78285
Exploits 8, Affected Software 2

securityvulns
added 2012/06/13 12:0 a.m., 90 views

IIS 6.0/7.5 Vulnerabilities [moderate risk] - ISOWAREZ BDAY RELEASE

THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass Affected software: Microsoft IIS 6.0 wi...

AI score 0.9
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 78 views

Adobe Flash Player multiple security vulnerabilities

Memory corruptions, protection bypass, cross-site scripting...

CVSS 10, AI score 1.6, EPSS 0.9203
Exploits 14, References 2, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 56 views

ZDI-12-087 : RealNetworks RealPlayer raac.dll stsz Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-087 : RealNetworks RealPlayer raac.dll stsz Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-087 June 6, 2012 - -- CVE ID: CVE-2011-4260 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

CVSS 9.3, AI score 0.2, EPSS 0.03017
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 75 views

Microsoft Remote Desktop memory corruption

Memory corruption in RDP packet processing...

CVSS 9.3, AI score 2.8, EPSS 0.20933
Exploits 1, Affected Software 1

securityvulns
added 2012/06/13 12:0 a.m., 35 views

Secunia Research: Network Instruments Observer SNMP OID Processing Denial of Service

====================================================================== Secunia Research 07/06/2012 - Network Instruments Observer - - SNMP OID Processing Denial of Service Vulnerability - ====================================================================== Table of Contents Affected...

AI score 0.7
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 53 views

ZDI-12-092 : RealNetworks RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-092 : RealNetworks RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-092 June 8, 2012 - -- CVE ID: CVE-2011-4247 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

CVSS 9.3, AI score 0.5, EPSS 0.03017
Exploits 0

securityvulns
added 2012/06/13 12:0 a.m., 56 views

ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-077 June 6, 2012 - -- CVE ID: CVE-2012-0667 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendor...

CVSS 9.3, AI score 0.4, EPSS 0.03442
Exploits 6

Total number of security vulnerabilities: 47153