Lucene search

47153 matches found

securityvulns, added 2012/02/13 12:0 a.m., 36 views

HP Data Protector Media Operations integer overflow

DBServer.exe integer overflow...

CVSS 10, AI score 3.8, EPSS 0.0867
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/13 12:0 a.m., 68 views

ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-023 February 8, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

AI score 0.4
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 54 views

eFronts Community++ v3.6.10 - Cross Site Vulnerability

Title: ====== eFronts Community++ v3.6.10 - Cross Site Vulnerability Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=423 VL-ID: ===== 423 Introduction: ============= Tailored with larger organizations in mind, eFront Community ++ offers solutions...

AI score 0.7
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 34 views

ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-031 February 8, 2012 - -- CVE ID: CVE-2011-4194 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...

CVSS 7.5, AI score 1.1, EPSS 0.02974
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 167 views

[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03179046 Version: 1 HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...

CVSS 10, AI score 0.8, EPSS 0.0867
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 36 views

Advisory: sudo 1.8 Format String Vulnerability

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +--++ Authors joernchen joernchen phenoelit de Phenoelit Group http://www.phenoelit.de Affected Products sudo 1.8.0 - 1.8.3p1 http://sudo.ws Vendor communication 2012-01-24 Send vulnerability details to sudo maintainer 2012-01-24 Maintainer ...

AI score 7.1
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 81 views

Multiple vulnerabilities in ZENphoto

Advisory ID: HTB23070 Product: ZENphoto Vendor: www.zenphoto.org Vulnerable Version: 1.4.2 and probably prior Tested Version: 1.4.2 Vendor Notification: 18 January 2012 Vendor Patch: 19 January 2012 Public Disclosure: 8 February 2012 Vulnerability Type: PHP Code Execution, SQL Injection, XSS...

CVSS 6.8, AI score 0.3, EPSS 0.02554
Exploits: 5

securityvulns, added 2012/02/13 12:0 a.m., 55 views

ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-12-025 February 8, 2012 - -- CVE ID: CVE-2012-0395 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: EMC - -...

CVSS 9.3, AI score 0.9, EPSS 0.03153
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 77 views

Unauthenticated remote code execution on D-Link ShareCenter products

Unauthenticated remote code execution on D-Link ShareCenter products ==================================================================== ADVISORY INFORMATION Title: Unauthenticated remote code execution on D-Link ShareCenter products Release date: 08/02/2012 Last update: 08/02/2012 Credits:...

AI score 1.5
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 88 views

CSRF (Cross-Site Request Forgery) in DClassifieds

Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...

Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 61 views

ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-024 : Total Defense Suite UNC Management Web Service uncspViewReportsHomepage SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-024 February 8, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

AI score 0.1
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 24 views

EMC Documentum Content Server privilege escalation

System administrator can elevate privileges to super-user...

AI score 3.4
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/13 12:0 a.m., 53 views

ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-021 February 8, 2012 - -- CVE ID: CVE-2011-4373 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

CVSS 7.5, AI score 0.4, EPSS 0.30641
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 46 views

Adobe Acrobat / Reader multiple security vulnerabilities

Code execution, multiple memory corruptions...

CVSS 10, AI score 2.7, EPSS 0.86238
Exploits: 12, References: 3, Affected Software: 2

securityvulns, added 2012/02/13 12:0 a.m., 62 views

TWSL2012-002: Multiple Vulnerabilities in WordPress

Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product...

CVSS 7.5, AI score 6.9, EPSS 0.09551
Exploits: 10

securityvulns, added 2012/02/13 12:0 a.m., 65 views

Bart`s CMS - SQL Injection Vulnerability

Title: ====== Barts CMS - SQL Injection Vulnerability Date: ===== 2012-01-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=390 VL-ID: ===== 390 Introduction: ============= It is a website Content Management System that is built with Codecharge Studio. There will also ...

AI score 0.2
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 56 views

SQL Injection Vulnerability in Batavi 1.1.2

Information -------------------- Name : SQL Injection Vulnerability in Batavi Software : Batavi 1.1.2 and possibly below. Vendor Homepage : http://www.batavi.org Vulnerability Type : SQL Injection Severity : Critical Researcher : Onur Yılmaz Advisory Reference : NS-12-003 Description...

Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 54 views

ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-027 February 8, 2012 - -- CVE ID: CVE-2012-0189 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

CVSS 9.3, AI score 0.5, EPSS 0.04497
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 24 views

bip security vulnerabilities

DoS, buffer overflow...

CVSS 6.5, AI score 2.5, EPSS 0.03335
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/13 12:0 a.m., 89 views

Mibew messenger multiple XSS

Advisory ID: CSA-12001 Title: Mibew messenger multiple XSS Product: mibew messenger Version: 1.6.4 and probably prior Vendor: mibew.org Vulnerability type: XSS Vendor notification: 2012-01-07 Public disclosure: 2012-01-24 Mibew messenger version 1.6.4 and probably below is vulnerable to multiple X...

AI score 0.1
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 41 views

[ GLSA 201201-18 ] bip: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 201201-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVSS 6.5, AI score 0.4, EPSS 0.03335
Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 99 views

Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability

-------------------------------------------------------------------------------- Wordpress Kish Guest Posting Plugin 1.0 uploadify.php Unrestricted File Upload -------------------------------------------------------------------------------- author............: Egidio Romano aka EgiX...

Exploits: 0

securityvulns, added 2012/02/13 12:0 a.m., 57 views

Multiple vulnerabilities in OSClass

Advisory ID: CSA-12003 Title: Multiple vulnerabilities in OSClass Product: OSClass Version: 2.3.4 and probably prior Vendor: osclass.org Vulnerability type: SQL injection, XSS, Remote file inclusion Vendor notification: 2012-01-12 Public disclosure: 2012-01-27 OSClass version 2.3.4 and probably...

AI score 1
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 56 views

[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability

-------------------------------------------------------------------------------------------------- CVE-2011-4367: Apache MyFaces information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: MyFaces Core 2.0.1 to 2.0.11 MyFaces Core 2.1.0 to...

CVSS 5, AI score 0.5, EPSS 0.33471
Exploits: 2

securityvulns, added 2012/02/12 12:0 a.m., 84 views

[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability

-------------------------------------------------------------------------------------------------- CVE-2011-4367: Apache MyFaces information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: MyFaces Core 2.0.1 to 2.0.11 MyFaces Core 2.1.0 to...

CVSS 5, AI score 0.5, EPSS 0.33471
Exploits: 2

securityvulns, added 2012/02/12 12:0 a.m., 71 views

eFront Community++ v3.6.10 - Multiple Web Vulnerabilities

Title: ====== eFront Community++ v3.6.10 - Multiple Web Vulnerabilities Date: ===== 2012-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=421 VL-ID: ===== 421 Introduction: ============= Tailored with larger organizations in mind, eFront Community ++ offers solutio...

AI score 0.1
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 64 views

Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities

Title: ====== Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities Date: ===== 2012-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=427 VL-ID: ===== 427 Introduction: ============= Dolibarr ERP & CRM is a modern software to manage your company or foundation...

AI score 0.4
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 58 views

CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability

OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful...

AI score 0.2
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 41 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 6.5, AI score 1.6, EPSS 0.33471
Exploits: 3, References: 9, Affected Software: 6

securityvulns, added 2012/02/12 12:0 a.m., 43 views

[ MDVSA-2012:016 ] glpi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:016 http://www.mandriva.com/security/ Package : glpi Date : February 10, 2012 Affected: Enterprise Server 5.0 Problem Description: A File Inclusion vulnerability was discovered and corrected in GLPI. This...

CVSS 6.5, AI score 6, EPSS 0.01313
Exploits: 1

securityvulns, added 2012/02/12 12:0 a.m., 60 views

OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities

Title: ====== OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=426 VL-ID: ===== 426 Introduction: ============= Onxshop is not only great CMS offering integrated in-context editing and full design...

AI score 0.1
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 36 views

Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities

Title: ====== Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities Date: ===== 2012-02-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=429 VL-ID: ===== 429 Introduction: ============= Scriptable, distributed and object oriented Hosting Platform. Manage...

AI score 7.4
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 32 views

CVS client buffer overflow

Heap buffer overflow on server response parsing...

CVSS 10, AI score 3.6, EPSS 0.08396
Exploits: 0, References: 1

securityvulns, added 2012/02/12 12:0 a.m., 45 views

Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities

Title: ====== Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=428 VL-ID: ===== 428 Introduction: ============= Dolibarr ERP & CRM is a modern software to manage your company or foundation...

AI score 0.9
Exploits: 0

securityvulns, added 2012/02/12 12:0 a.m., 87 views

[SECURITY] [DSA 2407-1] cvs security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2407-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...

CVSS 10, AI score 3.5, EPSS 0.08396
Exploits: 0

securityvulns, added 2012/02/08 12:0 a.m., 28 views

Ubuntu utilities security vulnerabilities

AccountsService and Software Properties privilege escalation...

CVSS 4.3, AI score 4, EPSS 0.00632
Exploits: 0, References: 2, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 28 views

curl data injection

Data injection via request URL...

CVSS 7.5, AI score 3.4, EPSS 0.16723
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 40 views

X.Org privilege escalation

Unprivileged user can start X server...

CVSS 4.6, AI score 3, EPSS 0.00862
Exploits: 3, References: 1, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 63 views

Mathopd - Directory Traversal Vulnerability

Hi, Mathopd - Security Alerts Directory Traversal Vulnerability Reported: 2 February 2012 Older versions of the software have a vulnerability that could lead to directory traversal if the '' construct for mass virtual hosting is used. Affected: all 1.4 versions, all 1.5 versions up to 1.5p7. Fixe...

AI score 1.5
Exploits: 0

securityvulns, added 2012/02/08 12:0 a.m., 68 views

PHP security vulnerabilities

Reading outside allocated memory on JPEG exif headers parsing. CPU exhaustion because of predictable hash collisions for form data...

CVSS 7.5, AI score 2.5, EPSS 0.83911
Exploits: 18, References: 2, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 44 views

Linux privilege escalation

Under some conditions memwrite allows overwriting process memory...

CVSS 6.9, AI score 4, EPSS 0.10904
Exploits: 11, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 34 views

EMC Documentum xPlore information leakage

Under specific circumstances, an authenticated user who does not have BROWSE permission on the object may be able to see the existence of or certain metadata on that object in a search result...

CVSS 4, AI score 2.1, EPSS 0.01081
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 53 views

[USN-1349-1] X.Org vulnerability

========================================================================== Ubuntu Security Notice USN-1349-1 January 26, 2012 xorg vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS 4.6, AI score 0.3, EPSS 0.00862
Exploits: 3

securityvulns, added 2012/02/08 12:0 a.m., 136 views

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability. EMC Identifier: ESA-2012-010 EMC Identifier: SRCH-7949 CVE Identifier: CVE-2012-0396 Severity Rating: CVSS v2 Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N Affected products: EMC S...

CVSS 4, AI score 0.7, EPSS 0.01081
Exploits: 0

securityvulns, added 2012/02/08 12:0 a.m., 27 views

Opera array index overflow

Integer overflows in array functions...

AI score 3.9
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 43 views

[USN-1354-1] usbmuxd vulnerability

========================================================================== Ubuntu Security Notice USN-1354-1 February 01, 2012 usbmuxd vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.6, AI score 0.4, EPSS 0.00757
Exploits: 0

securityvulns, added 2012/02/08 12:0 a.m., 35 views

QEMU buffer overflow

Buffer overflow in network card emulation...

CVSS 7.4, AI score 3.2, EPSS 0.00923
Exploits: 0, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 66 views

[USN-1351-1] AccountsService vulnerability

========================================================================== Ubuntu Security Notice USN-1351-1 January 31, 2012 accountsservice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 3.6, AI score 1.4, EPSS 0.00378
Exploits: 0

securityvulns, added 2012/02/08 12:0 a.m., 22 views

usbmuxd buffer overflow

Buffer overflow on USB device SerialNumber parsing...

CVSS 4.6, AI score 5.3, EPSS 0.00757
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/02/08 12:0 a.m., 46 views

[CAL-2012-0004] opera array integer overflow

CAL-2012-0004 opera array integer overflow 1 Affected Products ================= 11.60 and prior 2 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com has discovered an integer overflow vulnerability in array functions like Int32Array,Int16Array... . Opera vendor sa...

AI score 7.6
Exploits: 0

Total number of security vulnerabilities: 47153