ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-021 February 8, 2012 - -- CVE ID: CVE-2011-4373 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...
ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-023 February 8, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
CSRF (Cross-Site Request Forgery) in DClassifieds
Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...
Adobe Acrobat / Reader multiple security vulnerabilities
Code execution, multiple memory corruptions...
Bart`s CMS - SQL Injection Vulnerability
Title: ====== Barts CMS - SQL Injection Vulnerability Date: ===== 2012-01-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=390 VL-ID: ===== 390 Introduction: ============= It is a website Content Management System that is built with Codecharge Studio. There will also ...
eFronts Community++ v3.6.10 - Cross Site Vulnerability
Title: ====== eFronts Community++ v3.6.10 - Cross Site Vulnerability Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=423 VL-ID: ===== 423 Introduction: ============= Tailored with larger organizations in mind, eFront Community ++ offers solutions...
XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge)
Attached is some PoC analysis related to an XSS vulnerability in phpLDAPadmin. I previously coordinated with the Cert-US so that they would contact Sourceforge and Debian, but received word that they were unable to get in contact with them. The first discovery was on January 10 for the 1.1.6 version, where after noticing...
sudo format string vulnerability
Format string vulnerability on logging...
SQL Injection Vulnerability in Batavi 1.1.2
Information -------------------- Name : SQL Injection Vulnerability in Batavi Software : Batavi 1.1.2 and possibly below. Vendor Homepage : http://www.batavi.org Vulnerability Type : SQL Injection Severity : Critical Researcher : Onur Yılmaz Advisory Reference : NS-12-003 Description...
SimpleGroupware 0.742 Cross-Site-Scripting vulnerability
Advisory: SimpleGroupware 0.742 Cross-Site-Scripting vulnerability Advisory ID: INFOSERVE-ADV2012-01 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on SimpleGroupware 0.742 Vendor URL: http://www.simple-groupware.de/ Vendor Status: fixed see Changelog...
ESA-2012-005: EMC NetWorker buffer overflow vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-005: EMC NetWorker buffer overflow vulnerability. EMC Identifier: ESA-2012-005 EMC Identifier: NW135173 CVE Identifier: CVE-2012-0395 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC NetWorker Server...
Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability
-------------------------------------------------------------------------------- Wordpress Kish Guest Posting Plugin 1.0 uploadify.php Unrestricted File Upload -------------------------------------------------------------------------------- author............: Egidio Romano aka EgiX...
ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-019 January 30, 2012 - -- CVE ID: CVE-2012-0188 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:...
Multiple vulnerabilities in postfixadmin
Advisory ID: CSA-12002 Title: Multiple vulnerabilities in postfixadmin Product: postfixadmin Version: 2.3.4 and probably prior Vendor: www.postifixadmin.org Vulnerability type: SQL injection, XSS Vendor notification: 2012-01-10 Public disclosure: 2012-01-26 postfixadmin version 2.3.4 and probably...
CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache CXF 2.4.5 and 2.5.1 Description: CXF does not validate a WS-Security UsernameToken receiv...
Cyberoam Central Console v2.00.2 - File Include Vulnerability
Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central Console CCC appliances offer the flexibility of hardware...
ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-031 February 8, 2012 - -- CVE ID: CVE-2011-4194 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...
[ GLSA 201201-18 ] bip: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201201-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass
Title ----- DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass Severity -------- High Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Date Discovered --------------- December 7, 2011 Vulnerability Description...
Advisory: sudo 1.8 Format String Vulnerability
Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +--++ Authors joernchen joernchen phenoelit de Phenoelit Group http://www.phenoelit.de Affected Products sudo 1.8.0 - 1.8.3p1 http://sudo.ws Vendor communication 2012-01-24 Send vulnerability details to sudo maintainer 2012-01-24 Maintainer ...
[SECURITY] [DSA 2395-1] wireshark security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2395-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2012 http://www.debian.org/security/faq -...
Wireshark multiple security vulnerabilities
LANalyzer buffer overflow, DoS...
Multiple vulnerabilities in OpenEMR
Advisory ID: HTB23069 Product: OpenEMR Vendor: OEMR Vulnerable Version: 4.1.0 and probably prior Tested Version: 4.1.0 Vendor Notification: 11 January 2012 Vendor Patch: 29 January 2012 Public Disclosure: 01 February 2012 Vulnerability Type: Local File Inclusion, Arbitrary Command Execution...
[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability
-------------------------------------------------------------------------------------------------- CVE-2011-4367: Apache MyFaces information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: MyFaces Core 2.0.1 to 2.0.11 MyFaces Core 2.1.0 to...
[SECURITY] [DSA 2407-1] cvs security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2407-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities
Title: ====== Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities Date: ===== 2012-02-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=429 VL-ID: ===== 429 Introduction: ============= Scriptable, distributed and object oriented Hosting Platform. Manage...
Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities
Title: ====== Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=428 VL-ID: ===== 428 Introduction: ============= Dolibarr ERP & CRM is modern software to manage your company or foundation...
CVS client buffer overflow
Heap buffer overflow on server response parsing...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities
Title: ====== Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities Date: ===== 2012-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=427 VL-ID: ===== 427 Introduction: ============= Dolibarr ERP & CRM is modern software to manage your company or foundation...
OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities
Title: ====== OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=426 VL-ID: ===== 426 Introduction: ============= Onxshop is not only a great CMS offering integrated in-context editing and full design...
[ MDVSA-2012:016 ] glpi
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:016 http://www.mandriva.com/security/ Package : glpi Date : February 10, 2012 Affected: Enterprise Server 5.0 Problem Description: A File Inclusion vulnerability was discovered and corrected in GLPI. This...
eFront Community++ v3.6.10 - Multiple Web Vulnerabilities
Title: ====== eFront Community++ v3.6.10 - Multiple Web Vulnerabilities Date: ===== 2012-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=421 VL-ID: ===== 421 Introduction: ============= Tailored with larger organizations in mind, eFront Community ++ offers solutio...
CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability
OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful...
[USN-1352-1] Software Properties vulnerability
========================================================================== Ubuntu Security Notice USN-1352-1 January 31, 2012 software-properties vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[USN-1351-1] AccountsService vulnerability
========================================================================== Ubuntu Security Notice USN-1351-1 January 31, 2012 accountsservice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
Opera array index overflow
Integer overflows in array functions...
PHP security vulnerabilities
Reading outside allocated memory on JPEG exif headers parsing. CPU exhaustion because of predictable hash collisions for form data...
ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability. EMC Identifier: ESA-2012-010 EMC Identifier: SRCH-7949 CVE Identifier: CVE-2012-0396 Severity Rating: CVSS v2 Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N Affected products: EMC S...
Mathopd - Directory Traversal Vulnerability
Hi, Mathopd - Security Alerts Directory Traversal Vulnerability Reported: 2 February 2012 Older versions of the software have a vulnerability that could lead to directory traversal if the '' construct for mass virtual hosting is used. Affected: all 1.4 versions, all 1.5 versions up to 1.5p7. Fixe...
Ubuntu utilities security vulnerabilities
AccountsService and Software Properties privilege escalation...
usbmuxd buffer overflow
Buffer overflow on USB device SerialNumber parsing...
[USN-1349-1] X.Org vulnerability
========================================================================== Ubuntu Security Notice USN-1349-1 January 26, 2012 xorg vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
Linux privilege escalation
Under some conditions memwrite allows overwriting process memory...
EMC Documentum xPlore information leakage
Under specific circumstances, an authenticated user who does not have BROWSE permission on the object may be able to see the existence of or certain metadata on that object in a search result...
[USN-1346-1] curl vulnerability
========================================================================== Ubuntu Security Notice USN-1346-1 January 24, 2012 curl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[CAL-2012-0004] opera array integer overflow
CAL-2012-0004 opera array integer overflow 1 Affected Products ================= 11.60 and prior 2 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com has discovered an integer overflow vulnerability in array functions like Int32Array, Int16Array... . Opera vendor sa...
X.Org privilege escalation
Unprivileged user can start X server...
[USN-1354-1] usbmuxd vulnerability
========================================================================== Ubuntu Security Notice USN-1354-1 February 01, 2012 usbmuxd vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...