
47153 matches found

securityvulns
added 2012/03/19 12:0 a.m., 69 views

YVS Image Gallery Sql injection

-=--------------------ADVISORY-------------------=- YVS Image Gallery Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform:...

7.2 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 64 views

pidgin OTR information leakage

Pidgin transmits OTR off-the-record conversations over DBUS in plaintext. This makes it possible for attackers that have gained user-level access on a host, to listen in on private conversations associated with the victim account. Pidgin is a popular Instant Messenger application that runs on a...

5.5 AI score, 0.00243 EPSS
Exploits: 2

securityvulns
added 2012/03/19 12:0 a.m., 148 views

Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities

Title: ====== Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=443 VL-ID: ===== 443 Introduction: ============= The Enterasys C5 is a scalable, high-performance Gigabit Ethernet switch...

0.4 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 72 views

[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03229235 Version: 1 HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service DoS, Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...

10 CVSS, 0.5 AI score, 0.73656 EPSS
Exploits: 8

securityvulns
added 2012/03/19 12:0 a.m., 45 views

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002

Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...

0.5 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 92 views

Case YVS Image Gallery

http://osvdb.org/show/osvdb/79477 The software "YVS Image Gallery" seems to be full of security issues. For example one can have lots of fun with this. Copy from installation.php: """ caseisset$POST'dbname': $host = $POST'host'; $dbname = $POST'dbname'; $dbusername = $POST'dbusername'; $dbpasswor...

7.2 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 20 views

AST-2012-002: Remote Crash Vulnerability in Milliwatt Application

Asterisk Project Security Advisory - AST-2012-002 Product Asterisk Summary Remote Crash Vulnerability in Milliwatt Application Nature of Advisory Exploitable Stack Buffer Overflow with locally defined data Susceptibility Remote Unauthenticated Sessions Severity Minor Exploits Known No Reported On...

1.1 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 51 views

VMWare View multiple security vulnerabilities

Multiple XSS vulnerabilities...

7.2 CVSS, 2 AI score, 0.00295 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 94 views

VMSA-2012-0004 VMware View privilege escalation and cross-site scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0004 Synopsis: VMware View privilege escalation and cross-site scripting Issue date: 2012-03-15 Updated on: 2012-03-15 initial...

7.2 CVSS, 9.3 AI score, 0.00295 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 20 views

Oracle Exadata Infiniband Switch security vulnerabilities

Default accounts, /conf/shadow file weak permissions...

3.2 AI score
Exploits: 0, References: 1

securityvulns
added 2012/03/18 12:0 a.m., 96 views

Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Advisory ID: cisco-sa-20120314-fwsm Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

7.8 CVSS, 0.7 AI score, 0.02272 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 31 views

Linux systemd race conditions

Race conditions on symbolic links removal...

3.3 CVSS, 1.7 AI score, 0.00118 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 60 views

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Advisory ID: cisco-sa-20120314-asaclient Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

9.3 CVSS, 1.6 AI score, 0.06667 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 31 views

Yealink VOIP Phone cross-site scripting

Cross-site scripting in address book...

3.5 CVSS, 1.7 AI score, 0.00931 EPSS
Exploits: 7, References: 1

securityvulns
added 2012/03/18 12:0 a.m., 79 views

ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-012: EMC Documentum eRoom multiple vulnerabilities EMC Identifier: ESA-2012-012 CVE Identifiers: CVE-2012-0398, CVE-2012-0404 Severity Rating: CVE-2012-0398 : CVSS Base Score is 5.8 AV:A/AC:L/Au:N/C:P/I:P/A:P CVE-2012-0404 : CVSS Base Score i...

7.5 CVSS, 0.4 AI score, 0.0046 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 50 views

AST-2012-003: Stack Buffer Overflow in HTTP Manager

Asterisk Project Security Advisory - AST-2012-003 Product Asterisk Summary Stack Buffer Overflow in HTTP Manager Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On 03/15/2012 Reported By Russell Bryan...

1.4 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 49 views

Cisco ASA / Cisco FSM multiple security vulnerabilities

Multiple DoS conditions, ActiveX code execution...

9.3 CVSS, 2.6 AI score, 0.06667 EPSS
Exploits: 0, References: 3, Affected Software: 2

securityvulns
added 2012/03/18 12:0 a.m., 84 views

Oracle Exadata Infiniband Switch default logins and world readable shadow file

Oracle Exadata Infiniband Switch default logins and world readable shadow file Hi Bugtraq List, I've noticed a minor issue with the 1/4 rack Oracle Exadata Solution. What is Exadata? From Oracle.com "Oracle Exadata is the only database machine that provides extreme performance for both data...

0.5 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 57 views

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417]

============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage:...

3.5 CVSS, 6.8 AI score, 0.00931 EPSS
Exploits: 7

securityvulns
added 2012/03/18 12:0 a.m., 18 views

Asterisk security vulnerabilities

Milliwatt Application buffer overflow, HTTP manager buffer overflow...

1.7 AI score
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 33 views

[ MDVSA-2012:030 ] systemd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:030 http://www.mandriva.com/security/ Package : systemd Date : March 16, 2012 Affected: 2011. Problem Description: A vulnerability has been found and corrected in systemd: A TOCTOU race condition was found i...

3.3 CVSS, 9.1 AI score, 0.00118 EPSS
Exploits: 1

securityvulns
added 2012/03/18 12:0 a.m., 86 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Advisory ID: cisco-sa-20120314-asa Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

7.8 CVSS, 1.3 AI score, 0.02272 EPSS
Exploits: 0

securityvulns
added 2012/03/17 12:0 a.m., 51 views

nginx fix for malformed HTTP responses from upstream servers

Hello, The nginx team has released stable version 1.0.14, and development version 1.1.17 of nginx web server, which include a fix for malformed HTTP responses from upstream servers: http://trac.nginx.org/nginx/changeset/4535/nginx http://trac.nginx.org/nginx/changeset/4531/nginx...

1 AI score
Exploits: 0

securityvulns
added 2012/03/17 12:0 a.m., 39 views

nginx information leakage

Invalid server response can lead to server memory content disclosure...

5 CVSS, 1.6 AI score, 0.04101 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2012/03/17 12:0 a.m., 56 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, privilege escalation, cross-site access...

9.3 CVSS, 2.7 AI score, 0.07333 EPSS
Exploits: 1, Affected Software: 3

securityvulns
added 2012/03/17 12:0 a.m., 53 views

[ MDVSA-2012:029 ] pidgin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:029 http://www.mandriva.com/security/ Package : pidgin Date : March 16, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in pidgin:...

6.4 CVSS, 6.5 AI score, 0.01136 EPSS
Exploits: 1

securityvulns
added 2012/03/14 12:0 a.m., 29 views

Microsoft Expression Design unsafe DLL loading

Unsafe DLL loading on .xpr and .design files processing...

9.3 CVSS, 2.1 AI score, 0.44025 EPSS
Exploits: 5, Affected Software: 1

securityvulns
added 2012/03/14 12:0 a.m., 29 views

Microsoft Visual Studio code execution

Unsafe add-in loading...

6.9 CVSS, 2.7 AI score, 0.02767 EPSS
Exploits: 1, Affected Software: 1

securityvulns
added 2012/03/14 12:0 a.m., 37 views

Microsoft Windows DNS Server DoS

Crash on request processing...

5 CVSS, 2.1 AI score, 0.62574 EPSS
Exploits: 1

securityvulns
added 2012/03/14 12:0 a.m., 62 views

Microsoft Windows multiple security vulnerabilities

Kernel drivers privilege escalation, DirectWrite API DoS, RDP memory corruption and DoS...

9.3 CVSS, 4.4 AI score, 0.87379 EPSS
Exploits: 14, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 54 views

[USN-1382-1] Light Display Manager vulnerability

========================================================================== Ubuntu Security Notice USN-1382-1 March 05, 2012 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

0.5 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 73 views

[USN-1390-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1390-1 March 06, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2 CVSS, 0.6 AI score, 0.00182 EPSS
Exploits: 7

securityvulns
added 2012/03/10 12:0 a.m., 98 views

LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts - Security Advisory 2012-03-01 === PyPAM -- Python bindings for PAM - Double Free Corruption - --------------------------------------------------------- Affected Versions ================= PyPAM = 0.4.2 Red Hat PyPAM =...

7.5 CVSS, 6.3 AI score, 0.25639 EPSS
Exploits: 6

securityvulns
added 2012/03/10 12:0 a.m., 68 views

ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-036 February 22, 2012 - -- CVE ID: CVE-2012-0155 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

9.3 CVSS, 0.7 AI score, 0.56965 EPSS
Exploits: 1

securityvulns
added 2012/03/10 12:0 a.m., 38 views

Light Display Manager / gdm / LTSP Display Manager file descriptor leakage

File descriptor is not closed before child process is spawned...

2.1 CVSS, 1 AI score, 0.00196 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 61 views

TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-12-01 February 22, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: Oracle - ...

0.2 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 56 views

ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-034 February 22, 2012 - -- CVE ID: CVE-2012-0150 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

9.3 CVSS, 1.2 AI score, 0.59759 EPSS
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 39 views

[USN-1375-1] httplib2 vulnerability

========================================================================== Ubuntu Security Notice USN-1375-1 February 27, 2012 python-httplib2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

0.2 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 34 views

Microsoft Internet Explorer multiple security vulnerabilities

Code execution, information leakage...

9.3 CVSS, 2.3 AI score, 0.56965 EPSS
Exploits: 3, References: 2, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 204 views

ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-032 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

0.6 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 55 views

[USN-1385-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-1385-1 March 06, 2012 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

4.3 CVSS, 0.3 AI score, 0.00118 EPSS
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 50 views

Linux kernel multiple security vulnerabilities

LDM and NFSv4 file systems DoS, futexes privilege escalation...

7.2 CVSS, 3.1 AI score, 0.00053 EPSS
Exploits: 6, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 31 views

python-httplib information leakage

SSL certificates are not checked...

2.1 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 47 views

glibc multiple security vulnerabilities

memcpy integer overflow, RPC DoS, vfprintf integer overflow...

6.8 CVSS, 3.5 AI score, 0.03036 EPSS
Exploits: 11, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 91 views

[USN-1395-1] PyPAM vulnerability

========================================================================== Ubuntu Security Notice USN-1395-1 March 08, 2012 python-pam vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.5 CVSS, 0.7 AI score, 0.25639 EPSS
Exploits: 6

securityvulns
added 2012/03/10 12:0 a.m., 87 views

[USN-1396-1] GNU C Library vulnerabilities

========================================================================== Ubuntu Security Notice USN-1396-1 March 09, 2012 eglibc, glibc vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

7.5 CVSS, 1.1 AI score, 0.06775 EPSS
Exploits: 34

securityvulns
added 2012/03/10 12:0 a.m., 176 views

ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-038 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - --...

0.4 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 52 views

Microsoft Windows multiple security vulnerabilities

GDI code execution, drivers privilege escalation, unsafe DLL loading, C Runtime code execution, .Net framework and Silverlight vulnerabilities...

9.3 CVSS, 4.2 AI score, 0.75536 EPSS
Exploits: 5, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 56 views

ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-12-039 February 22, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: Orac...

0.3 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 67 views

ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-037 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - -...

0.4 AI score
Exploits: 0

Total number of security vulnerabilities: 47153