47153 matches found

securityvulns
added 2012/03/19 12:0 a.m., 61 views

PHP Gift Registry 1.5.5 SQL Injection

Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is vulnerable to SQL Injection. A user must be signed in to...

0.9 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 97 views

Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities

Title: ====== Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=470 VL-ID: ===== 470 Introduction: ============= SysAid IT Enterprise Edition is an IT management solution that includes a suite of...

0.6 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 139 views

Iciniti Store SQL Injection - Security Advisory - SOS-12-003

Sense of Security - Security Advisory - SOS-12-003 Release Date. 06-Mar-2012 Last Update. - Vendor Notification Date. 28-Jul-2011 Product. Iciniti Store Platform. Windows Affected versions. 4.3.3683.31484 verified, and possibly others Severity Rating. High Impact. Manipulation of data Attack...

Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 67 views

pidgin OTR information leakage

Pidgin transmits OTR off-the-record conversations over DBUS in plaintext. This makes it possible for attackers that have gained user-level access on a host, to listen in on private conversations associated with the victim account. Pidgin is a popular Instant Messenger application that runs on a...

5.5 AI score, 0.00739 EPSS
Exploits: 2

securityvulns
added 2012/03/19 12:0 a.m., 72 views

Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability

Title: Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability Product : Lastguru ASP GuestBook Version : Free Version Vendor: http://www.LastGuru.com Class: Input Validation Error CVE: Remote: Yes Local: No Published: 2012-03-04 Updated: Impact : Medium CVSSv2 Base : 7.5,...

0.3 AI score
Exploits: 0

securityvulns
added 2012/03/19 12:0 a.m., 51 views

Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities

Title: ====== Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=442 VL-ID: ===== 442 Introduction: ============= Designed to enable seamless voice and video communication, the CudaTel...

0.7 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 20 views

Oracle Exadata Infiniband Switch security vulnerabilities

Default accounts, /conf/shadow file weak permissions...

3.2 AI score
Exploits: 0, References: 1

securityvulns
added 2012/03/18 12:0 a.m., 31 views

Linux systemd race conditions

Race conditions on symbolic links removal...

3.3 CVSS, 1.7 AI score, 0.00323 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 99 views

Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Advisory ID: cisco-sa-20120314-fwsm Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

7.8 CVSS, 0.7 AI score, 0.02076 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 49 views

Cisco ASA / Cisco FSM multiple security vulnerabilities

Multiple DoS conditions, ActiveX code execution...

9.3 CVSS, 2.6 AI score, 0.06181 EPSS
Exploits: 0, References: 3, Affected Software: 2

securityvulns
added 2012/03/18 12:0 a.m., 20 views

AST-2012-002: Remote Crash Vulnerability in Milliwatt Application

Asterisk Project Security Advisory - AST-2012-002 Product Asterisk Summary Remote Crash Vulnerability in Milliwatt Application Nature of Advisory Exploitable Stack Buffer Overflow with locally defined data Susceptibility Remote Unauthenticated Sessions Severity Minor Exploits Known No Reported On...

1.1 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 80 views

ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-012: EMC Documentum eRoom multiple vulnerabilities EMC Identifier: ESA-2012-012 CVE Identifiers: CVE-2012-0398, CVE-2012-0404 Severity Rating: CVE-2012-0398 : CVSS Base Score is 5.8 AV:A/AC:L/Au:N/C:P/I:P/A:P CVE-2012-0404 : CVSS Base Score i...

7.5 CVSS, 0.4 AI score, 0.01323 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 20 views

Asterisk security vulnerabilities

Milliwatt Application buffer overflow, HTTP manager buffer overflow...

1.7 AI score
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 60 views

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417]

============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage:...

3.5 CVSS, 6.8 AI score, 0.01733 EPSS
Exploits: 7

securityvulns
added 2012/03/18 12:0 a.m., 84 views

Oracle Exadata Infiniband Switch default logins and world readable shadow file

Oracle Exadata Infiniband Switch default logins and world readable shadow file Hi Bugtraq List, I've noticed a minor issue with the 1/4 rack Oracle Exadata Solution. What is Exadata? From Oracle.com "Oracle Exadata is the only database machine that provides extreme performance for both data...

0.5 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 51 views

VMware View multiple security vulnerabilities

Multiple XSS vulnerabilities...

7.2 CVSS, 2 AI score, 0.02015 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2012/03/18 12:0 a.m., 31 views

Yealink VOIP Phone cross-site scripting

Cross-site scripting in address book...

3.5 CVSS, 1.7 AI score, 0.01733 EPSS
Exploits: 7, References: 1

securityvulns
added 2012/03/18 12:0 a.m., 34 views

[ MDVSA-2012:030 ] systemd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:030 http://www.mandriva.com/security/ Package : systemd Date : March 16, 2012 Affected: 2011. Problem Description: A vulnerability has been found and corrected in systemd: A TOCTOU race condition was found i...

3.3 CVSS, 9.1 AI score, 0.00323 EPSS
Exploits: 1

securityvulns
added 2012/03/18 12:0 a.m., 95 views

VMSA-2012-0004 VMware View privilege escalation and cross-site scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0004 Synopsis: VMware View privilege escalation and cross-site scripting Issue date: 2012-03-15 Updated on: 2012-03-15 initial...

7.2 CVSS, 9.3 AI score, 0.02015 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 61 views

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Advisory ID: cisco-sa-20120314-asaclient Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

9.3 CVSS, 1.6 AI score, 0.06181 EPSS
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 51 views

AST-2012-003: Stack Buffer Overflow in HTTP Manager

Asterisk Project Security Advisory - AST-2012-003 Product Asterisk Summary Stack Buffer Overflow in HTTP Manager Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On 03/15/2012 Reported By Russell Bryan...

1.4 AI score
Exploits: 0

securityvulns
added 2012/03/18 12:0 a.m., 92 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Advisory ID: cisco-sa-20120314-asa Revision 1.0 For Public Release 2012 March 14 16:00 UTC GMT...

7.8 CVSS, 1.3 AI score, 0.02778 EPSS
Exploits: 0

securityvulns
added 2012/03/17 12:0 a.m., 54 views

[ MDVSA-2012:029 ] pidgin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:029 http://www.mandriva.com/security/ Package : pidgin Date : March 16, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in pidgin:...

6.4 CVSS, 6.5 AI score, 0.03549 EPSS
Exploits: 1

securityvulns
added 2012/03/17 12:0 a.m., 52 views

nginx fix for malformed HTTP responses from upstream servers

Hello, The nginx team has released stable version 1.0.14, and development version 1.1.17 of nginx web server, which include a fix for malformed HTTP responses from upstream servers: http://trac.nginx.org/nginx/changeset/4535/nginx http://trac.nginx.org/nginx/changeset/4531/nginx...

1 AI score
Exploits: 0

securityvulns
added 2012/03/17 12:0 a.m., 56 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, privilege escalation, cross-site access...

9.3 CVSS, 2.7 AI score, 0.0663 EPSS
Exploits: 1, Affected Software: 3

securityvulns
added 2012/03/17 12:0 a.m., 39 views

nginx information leakage

Invalid server response can lead to server memory content disclosure...

5 CVSS, 1.6 AI score, 0.10417 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2012/03/14 12:0 a.m., 62 views

Microsoft Windows multiple security vulnerabilities

Kernel drivers privilege escalation, DirectWrite API DoS, RDP memory corruption and DoS...

9.3 CVSS, 4.4 AI score, 0.86147 EPSS
Exploits: 14, Affected Software: 1

securityvulns
added 2012/03/14 12:0 a.m., 29 views

Microsoft Visual Studio code execution

Unsafe add-in loading...

6.9 CVSS, 2.7 AI score, 0.01686 EPSS
Exploits: 1, Affected Software: 1

securityvulns
added 2012/03/14 12:0 a.m., 37 views

Microsoft Windows DNS Server DoS

Crash on request processing...

5 CVSS, 2.1 AI score, 0.31083 EPSS
Exploits: 1

securityvulns
added 2012/03/14 12:0 a.m., 29 views

Microsoft Expression Design unsafe DLL loading

Unsafe DLL loading on .xpr and .design files processing...

9.3 CVSS, 2.1 AI score, 0.21892 EPSS
Exploits: 5, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 68 views

ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-037 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - -...

0.4 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 57 views

ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-12-039 February 22, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: Orac...

0.3 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 94 views

[USN-1395-1] PyPAM vulnerability

========================================================================== Ubuntu Security Notice USN-1395-1 March 08, 2012 python-pam vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.5 CVSS, 0.7 AI score, 0.14294 EPSS
Exploits: 6

securityvulns
added 2012/03/10 12:0 a.m., 35 views

Microsoft Internet Explorer multiple security vulnerabilities

Code execution, information leakage...

9.3 CVSS, 2.3 AI score, 0.65501 EPSS
Exploits: 3, References: 2, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 176 views

ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-038 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - --...

0.4 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 47 views

glibc multiple security vulnerabilities

memcpy integer overflow, RPC DoS, vfprintf integer overflow...

6.8 CVSS, 3.5 AI score, 0.08458 EPSS
Exploits: 11, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 50 views

Linux kernel multiple security vulnerabilities

LDM and NFSv4 file systems DoS, futexes privilege escalation...

7.2 CVSS, 3.1 AI score, 0.00499 EPSS
Exploits: 4, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 55 views

[USN-1382-1] Light Display Manager vulnerability

========================================================================== Ubuntu Security Notice USN-1382-1 March 05, 2012 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

0.5 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 61 views

TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-12-01 February 22, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: Oracle - ...

0.2 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 36 views

python-pam memory corruption

Memory corruption on the passwords with NULL byte...

7.5 CVSS, 2.1 AI score, 0.14294 EPSS
Exploits: 6, References: 2, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 92 views

[USN-1396-1] GNU C Library vulnerabilities

========================================================================== Ubuntu Security Notice USN-1396-1 March 09, 2012 eglibc, glibc vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

7.5 CVSS, 1.1 AI score, 0.14323 EPSS
Exploits: 15

securityvulns
added 2012/03/10 12:0 a.m., 57 views

ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-034 February 22, 2012 - -- CVE ID: CVE-2012-0150 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

9.3 CVSS, 1.2 AI score, 0.24272 EPSS
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 71 views

ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-036 February 22, 2012 - -- CVE ID: CVE-2012-0155 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

9.3 CVSS, 0.7 AI score, 0.65501 EPSS
Exploits: 1

securityvulns
added 2012/03/10 12:0 a.m., 56 views

[USN-1385-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-1385-1 March 06, 2012 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

4.3 CVSS, 0.3 AI score, 0.01335 EPSS
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 39 views

[USN-1375-1] httplib2 vulnerability

========================================================================== Ubuntu Security Notice USN-1375-1 February 27, 2012 python-httplib2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

0.2 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 74 views

Oracle / Sun / PeopleSoft / MySQL applications multiple security vulnerabilities

Quarterly CPU fixes nearly 80 different vulnerabilities...

7.8 CVSS, 2 AI score, 0.98945 EPSS
Exploits: 28, References: 14, Affected Software: 11

securityvulns
added 2012/03/10 12:0 a.m., 206 views

ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-032 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

0.6 AI score
Exploits: 0

securityvulns
added 2012/03/10 12:0 a.m., 38 views

Light Display Manager / gdm / LTSP Display Manager file descriptor leakage

File descriptor is not closed before child process is spawned...

2.1 CVSS, 1 AI score, 0.00762 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2012/03/10 12:0 a.m., 74 views

[USN-1390-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1390-1 March 06, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2 CVSS, 0.6 AI score, 0.00499 EPSS
Exploits: 5

securityvulns
added 2012/03/10 12:0 a.m., 70 views

ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-035 February 22, 2012 - -- CVE ID: CVE-2012-0011 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...

9.3 CVSS, 1 AI score, 0.27418 EPSS
Exploits: 1

Total number of security vulnerabilities: 47153