47153 matches found

securityvulns
added 2012/03/09 12:0 a.m. | 52 views

ESA-2012-013: RSA SecurID(r) Software Token Converter buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-013: RSA SecurID® Software Token Converter buffer overflow vulnerability Advisories Updated March 2, 2012 Summary: RSA SecurID® Software Token Converter contains a buffer overflow vulnerability that could allow a malicious user to compromise ...

7.6 CVSS | 0.9 AI score | 0.02752 EPSS
Exploits: 0

securityvulns
added 2012/03/09 12:0 a.m. | 67 views

[SECURITY] [DSA 2427-1] imagemagick security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2427-1 [email protected] http://www.debian.org/security/ Florian Weimer March 06, 2012 http://www.debian.org/security/faq -...

9.3 CVSS | 1.3 AI score | 0.03816 EPSS
Exploits: 0

securityvulns
added 2012/03/09 12:0 a.m. | 47 views

Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability Advisory ID: cisco-sa-20120229-cius Revision 1.0 For Public Release 2012 February 29 16:00 UTC GMT +-------------------------------------------------------------------- Summary...

7.8 CVSS | 0.4 AI score | 0.01333 EPSS
Exploits: 0

securityvulns
added 2012/02/24 12:0 a.m. | 43 views

libxmls library DoS

Predictable hash function collisions lead to resources exhaustion...

5 CVSS | 1.5 AI score | 0.0326 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/24 12:0 a.m. | 47 views

[ MDVSA-2012:023 ] libxml2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:023 http://www.mandriva.com/security/ Package : libxml2 Date : February 22, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in libxml2: I...

5 CVSS | 8.5 AI score | 0.0326 EPSS
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 74 views

SQL Injection Vulnerabilities in TestLink

------------------ Information ------------------ Name: SQL Injection Vulnerabilities in TestLink Software tested: TL v1.8.5b & checked in v1.9.3 prior version may be affected Vendor Homepage: http://www.teamst.org Vendor Notification: 27 January 2012 Vendor Patch: 4 February 2012 Public...

6.5 CVSS | 7.8 AI score | 0.05837 EPSS
Exploits: 3

securityvulns
added 2012/02/22 12:0 a.m. | 47 views

SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional

SEC Consult Vulnerability Lab Security Advisory 20120220-0 ======================================================================= title: Multiple critical vulnerabilities product: VOXTRONIC voxlog professional - voice recording solution vulnerable version: VOXTRONIC voxlog professional = 3.7.2.7...

Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 207 views

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities

OVERVIEW OxWall 1.1.1 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Oxwall is a free open source software package for building social networks, family sites and collaboration systems. It is a flexible community website engine developed with the aim to provide people...

0.4 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 35 views

CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful...

0.3 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 32 views

PHP code execution

filter_globals structure is not cleaned under some conditions...

2.1 AI score
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/22 12:0 a.m. | 13 views

Mercurycom MR804 router buffer overflow

Buffer overflow on HTTP request headers parsing...

2.5 AI score
Exploits: 0 | References: 1

securityvulns
added 2012/02/22 12:0 a.m. | 24 views

ELBA multiple security vulnerabilities

DoS, information leakage, SQL injection...

1.7 AI score
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/22 12:0 a.m. | 55 views

WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability

Advisory: WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability Advisory ID: SSCHADV2012-003 Author: Stefan Schurtz Affected Software: Successfully tested on WebsiteBaker 2.8.2 SP2 Vendor URL: www.websitebaker2.org Vendor Status: fixed ========================== Vulnerability Description...

6.1 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 40 views

SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5

SEC Consult Vulnerability Lab Security Advisory 20120220-1 ======================================================================= title: Multiple Vulnerabilities in ELBA5 product: ELBA 5 vulnerable version: ELBA 5.4.1 5.5.0 R00004 build 0778 fixed version: partially in 5.5.0 R00004 build 0778 al...

7.6 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 45 views

Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability

Title: Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability Product : Mercurycom MR804 Router Hardware Version : MR804 v8.0 081C3113 Software Version : 3.8.1 Build 101220 Rel.53006nB Vendor: http://www.mercurycom.com.cn/ Class: Boundary Condition Error CVE: Remote...

0.4 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 102 views

Multiple vulnerabilities in 11in1

Advisory ID: HTB23071 Product: 11in1 Vendor: 11in1 Vulnerable Versions: 1.2.1 stable 12-31-2011 and probably prior Tested Version: 1.2.1 stable 12-31-2011 Vendor Notification: 25 January 2012 Public Disclosure: 15 February 2012 Vulnerability Type: Local File Inclusion, Cross-Site Request Forgery...

6.8 CVSS | 6.2 AI score | 0.09794 EPSS
Exploits: 3

securityvulns
added 2012/02/22 12:0 a.m. | 79 views

Mozilla Foundation Security Advisory 2012-11

Mozilla Foundation Security Advisory 2012-11 Title: libpng integer overflow Impact: Critical Announced: February 16, 2012 Reporter: Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0.2 Firefox ESR 10.0.2 Firefox 3.6.27 Thunderbird 10.0.2 Thunderbird ESR 10.0.2 Thunderbird 3.1.19...

7.5 CVSS | 2.7 AI score | 0.73164 EPSS
Exploits: 1

securityvulns
added 2012/02/22 12:0 a.m. | 51 views

libpng integer overflow

Integer overflow on PNG parsing leads to heap buffer overflow...

7.5 CVSS | 4 AI score | 0.73164 EPSS
Exploits: 1 | References: 1 | Affected Software: 5

securityvulns
added 2012/02/22 12:0 a.m. | 59 views

Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities

OVERVIEW Dolphin 7.0.7 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Dolphin is the only "all-in-one" free community software platform for creating your own social networking, community or online dating site without any limits and under your full control. Dolphin comes...

1.1 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 51 views

libvorbis library buffer overflow

Heap buffer overflow on ogg files parsing...

10 CVSS | 4.1 AI score | 0.07936 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/22 12:0 a.m. | 42 views

[SECURITY] [DSA 2411-1] mumble security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2411-1 [email protected] http://www.debian.org/security/ Florian Weimer February 19, 2012 http://www.debian.org/security/faq -...

2.1 CVSS | 1.5 AI score | 0.00384 EPSS
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 25 views

mumble weak permissions

Weak permissions for configuration files...

2.1 CVSS | 1.6 AI score | 0.00384 EPSS
Exploits: 0 | References: 1

securityvulns
added 2012/02/22 12:0 a.m. | 53 views

Debian debdiff multiple security vulnerabilities

Information leakage, code execution...

9.3 CVSS | 3.5 AI score | 0.05816 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/22 12:0 a.m. | 68 views

[SECURITY] [DSA 2412-1] libvorbis security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2412-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 19, 2012 http://www.debian.org/security/faq -...

10 CVSS | 1.9 AI score | 0.07936 EPSS
Exploits: 1

securityvulns
added 2012/02/22 12:0 a.m. | 81 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS | 1.6 AI score | 0.09794 EPSS
Exploits: 16 | References: 11 | Affected Software: 9

securityvulns
added 2012/02/22 12:0 a.m. | 104 views

CMS wizard Cross Site Scripting

================================================================= -=CMS wizard Cross Site Scripting ================================================================= Author: XaDaL Date: 14-02-2012 vendor: http://www.cmswizard.co.uk/ tested on: windows mobile dork : powered by CMS wizard This...

6.8 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 30 views

Skype v5.6.59.x - Memory Corruption Vulnerability

Title: ====== Skype v5.6.59.x - Memory Corruption Vulnerability Date: ===== 2012-02-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=315 VL-ID: ===== 315 Introduction: ============= Skype is a software application that allows users to make voice and video calls and...

Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 51 views

PHP 5.2.x Remote Code Execution Vulnerability

Release Date: 17 February 2012 Affected Versions: 5.2.0 - 5.2.17 unsupported version ------------------------------------------------------------------------------------------ Description: If PHP bails out in startup stage before setting PG(modules_activated) to 1, the filter_globals struct is not...

0.6 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 44 views

Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20120215-nxos Revision 1.0 For Public Release 2012 February 15 16:00 UTC GMT...

7.8 CVSS | 0.4 AI score | 0.01313 EPSS
Exploits: 1

securityvulns
added 2012/02/22 12:0 a.m. | 36 views

[SECURITY] [DSA 2409-1] devscripts security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2409-1 [email protected] http://www.debian.org/security/ Raphael Geissert February 15, 2012 http://www.debian.org/security/faq -...

9.3 CVSS | 0.9 AI score | 0.05816 EPSS
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 30 views

Cisco Nexus switches DoS

Crash on IP filtering...

7.8 CVSS | 1.4 AI score | 0.01313 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/22 12:0 a.m. | 72 views

F*EX 20111129-2 Cross Site Scripting Vulnerability

------------------------------------------------------------------------ FEX 20111129-2 Cross Site Scripting Vulnerability ------------------------------------------------------------------------ title.............: FEX 20111129-2 Cross Site Scripting Vulnerabilities author............: muuratsal...

7 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 85 views

Multiple vulnerabilities in LEPTON

Advisory ID: HTB23072 Product: LEPTON Vendor: LEPTON Project Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Vendor Notification: 25 January 2012 Vendor Patch: 4 February 2012 Public Disclosure: 15 February 2012 Vulnerability Type: Local File Inclusion, SQL Injection, Cross Si...

7.5 CVSS | 0.2 AI score | 0.0188 EPSS
Exploits: 5

securityvulns
added 2012/02/22 12:0 a.m. | 64 views

Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session

Title: ====== Pandora FMS v4.0.1 - Local File Include Vulnerability Date: ===== 2012-02-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=435 VL-ID: ===== 435 Introduction: ============= Pandora FMS is a monitoring Open Source software. It watches your systems and...

6.8 AI score
Exploits: 0

securityvulns
added 2012/02/22 12:0 a.m. | 403 views

Skype memory corruption

Memory corruption on file transfer...

1.8 AI score
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/16 12:0 a.m. | 129 views

http://www.adobe.com/support/security/bulletins/apsb12-03.html

Security update available for Adobe Flash Player Release date: February 15, 2012 Vulnerability identifier: APSB12-03 CVE number: CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767 Platform: All Platforms SUMMARY This update addresses critical...

10 CVSS | 1.1 AI score | 0.9203 EPSS
Exploits: 13

securityvulns
added 2012/02/16 12:0 a.m. | 21 views

FreePBX information leakage

It's possible to obtain extensions passwords via genampconf.php...

2.3 AI score
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/16 12:0 a.m. | 44 views

Adobe Shockwave Player multiple security vulnerabilities

Buffer overflow, multiple memory corruptions...

10 CVSS | 3.2 AI score | 0.06012 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

securityvulns
added 2012/02/16 12:0 a.m. | 93 views

[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow

[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow Discover: instruder of code audit labs of vulnhunt.com CAL: CAL-2011-0071 CVE: CVE-2012-0758 http://blog.vulnhunt.com/index.php/2012/02/15/cal-2011-0071adobe-shockwave-player-parsing-cupt-atom-heap-overflow/ adobe security...

10 CVSS | 0.06012 EPSS
Exploits: 0

securityvulns
added 2012/02/16 12:0 a.m. | 93 views

[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability

[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Discover: instruder of code audit labs of vulnhunt.com CAL: CAL-2011-0055 CVE: CVE-2012-0759...

10 CVSS | 1.8 AI score | 0.03792 EPSS
Exploits: 1

securityvulns
added 2012/02/16 12:0 a.m. | 149 views

Security update available for Adobe Shockwave Player

Security update available for Adobe Shockwave Player Release date: February 14, 2012 Vulnerability identifier: APSB12-02 CVE number: CVE-2012-0757, CVE-2012-0758, CVE-2012-0759, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, CVE-2012-0766 Platform: Windows and Macintos...

10 CVSS | 3.1 AI score | 0.06012 EPSS
Exploits: 1

securityvulns
added 2012/02/16 12:0 a.m. | 39 views

FreePBX Remote Exploit

FreePBX web interface remote vulnerability The admin username and password for the web interface is stored in plain text in this publicly accessible file: http://yourip/admin/modules/framework/bin/genampconf.php Which allows a hacker to access the web GUI and view the secretspasswords for each...

2.3 AI score
Exploits: 0

securityvulns
added 2012/02/15 12:0 a.m. | 81 views

eFront Community++ v3.6.10 - SQL Injection Vulnerability

Title: ====== eFront Community++ v3.6.10 - SQL Injection Vulnerability Date: ===== 2012-02-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=422 VL-ID: ===== 422 Introduction: ============= Tailored with larger organizations in mind, eFront Community ++ offers solution...

0.9 AI score
Exploits: 0

securityvulns
added 2012/02/15 12:0 a.m. | 27 views

HP Network Automation unauthorized access

No description provided...

9.3 CVSS | 2.2 AI score | 0.09161 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/15 12:0 a.m. | 48 views

NX Web Companion Spoofing Arbitrary Code Execution Vulnerability

Vuln Title: NX Web Companion Spoofing Arbitrary Code Execution Vulnerability Date: 25.01.2012 Author: otr Software Link: http://www.nomachine.com/documents/plugin/install.php Version: = 3.x Tested on: Linux, Windows, Mac OS X x86, Mac OS X PPC, Solaris CVE : None, yet Summary The No Machine NX We...

1.9 AI score
Exploits: 0

securityvulns
added 2012/02/15 12:0 a.m. | 76 views

FW: mutant200s DreamBox Arbitrary File Download Vulnerability

Exploit Title: mutant200s DreamBox Arbitrary File Download Vulnerability Google Dork: Date: 30/01 /2012 Author: k3vin mitnick Software Link: Version: Tested on: CVE : DreamBox DM500+ Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page:...

1.9 AI score
Exploits: 0

securityvulns
added 2012/02/15 12:0 a.m. | 51 views

Linux kernel multiple security vulnerabilities

File systems privilege escalation, /proc privilege escalation, IGMP DoS...

7.8 CVSS | 2.8 AI score | 0.20492 EPSS
Exploits: 18 | References: 1 | Affected Software: 1

securityvulns
added 2012/02/15 12:0 a.m. | 63 views

Microsoft Visio Viewer multiple security vulnerabilities

Multiple memory corruptions on VSD files parsing...

9.3 CVSS | 3.3 AI score | 0.20287 EPSS
Exploits: 1 | Affected Software: 1

securityvulns
added 2012/02/15 12:0 a.m. | 33 views

Microsoft SharePoint multiple XSS

XSS in different pages...

4.3 CVSS | 1.3 AI score | 0.18001 EPSS
Exploits: 0 | Affected Software: 2

securityvulns
added 2012/02/15 12:0 a.m. | 96 views

[USN-1364-1] Linux kernel (OMAP4) vulnerabilities

========================================================================== Ubuntu Security Notice USN-1364-1 February 13, 2012 linux-ti-omap4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

7.8 CVSS | 0.3 AI score | 0.20492 EPSS
Exploits: 18

Total number of security vulnerabilities: 47153