47153 matches found

securityvulns
•added 2012/02/08 12:0 a.m.•22 views

Mathopd directory traversal

No description provided...

AI score: 2.5
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/02/08 12:0 a.m.•27 views

curl data injection

Data injection via request URL...

CVSS: 7.5 | AI score: 3.4 | EPSS: 0.10342
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/02/08 12:0 a.m.•35 views

QEMU buffer overflow

Buffer overflow in network card emulation...

CVSS: 7.4 | AI score: 3.2 | EPSS: 0.01027
Exploits: 0 | Affected Software: 1
securityvulns
•added 2012/02/03 12:0 a.m.•66 views

Mozilla Foundation Security Advisory 2012-09

Mozilla Foundation Security Advisory 2012-09 Title: Firefox Recovery Key.html is saved with unsafe permission Impact: Moderate Announced: January 31, 2012 Reporter: magicant starmen Products: Firefox, SeaMonkey Fixed in: Firefox 10.0 SeaMonkey 2.7 Description magicant starmen reported that if a...

CVSS: 2.1 | AI score: 1.1 | EPSS: 0.00071
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•70 views

Mozilla Foundation Security Advisory 2012-02

Mozilla Foundation Security Advisory 2012-02 Title: Overly permissive IPv6 literal syntax Impact: Low Announced: January 31, 2012 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.26 Thunderbird 7.0 Thunderbird 3.1.18 SeaMonkey 2.4 Description...

CVSS: 5 | AI score: 0.3 | EPSS: 0.00725
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•62 views

Mozilla Foundation Security Advisory 2012-05

Mozilla Foundation Security Advisory 2012-05 Title: Frame scripts calling into untrusted objects bypass security checks Impact: Critical Announced: January 31, 2012 Reporter: mozbugra4 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey 2.7 Description...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.00431
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•91 views

Mozilla Foundation Security Advisory 2012-06

Mozilla Foundation Security Advisory 2012-06 Title: Uninitialized memory appended when encoding icon images may cause information disclosure Impact: High Announced: January 31, 2012 Reporter: Tim Abraldes Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey...

CVSS: 5 | AI score: 1.4 | EPSS: 0.006
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•171 views

APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 OS X Lion v10.7.3 and Security Update 2012-001 is now available and addresses the following: Address Book Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2...

CVSS: 10 | AI score: 0.1 | EPSS: 0.36532
Exploits: 47
securityvulns
•added 2012/02/03 12:0 a.m.•67 views

Mozilla Foundation Security Advisory 2012-04

Mozilla Foundation Security Advisory 2012-04 Title: Child nodes from nsDOMAttribute still accessible after removal of nodes Impact: Critical Announced: January 31, 2012 Reporter: regenrecht Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Firefox 3.6.26 Thunderbird 10.0 Thunderbir...

CVSS: 10 | AI score: 2.1 | EPSS: 0.72536
Exploits: 9
securityvulns
•added 2012/02/03 12:0 a.m.•55 views

http://www.mozilla.org/security/announce/2012/mfsa2012-01.html

Mozilla Foundation Security Advisory 2012-01 Title: Miscellaneous memory safety hazards rv:10.0/ 1.9.2.26 Impact: Critical Announced: January 31, 2012 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Fixed in: Firefox 3.6.26 Thunderbird...

CVSS: 10 | AI score: 10 | EPSS: 0.0276
Exploits: 1
securityvulns
•added 2012/02/03 12:0 a.m.•67 views

Mozilla Foundation Security Advisory 2012-07

Mozilla Foundation Security Advisory 2012-07 Title: Potential Memory Corruption When Decoding Ogg Vorbis files Impact: Critical Announced: January 31, 2012 Reporter: regenrecht Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Firefox 3.6.26 Thunderbird 10.0 Thunderbird 3.1.18...

CVSS: 10 | AI score: 1.8 | EPSS: 0.08973
Exploits: 1
securityvulns
•added 2012/02/03 12:0 a.m.•92 views

Mozilla Foundation Security Advisory 2012-03

Mozilla Foundation Security Advisory 2012-03 Title: iframe element exposed across domains via name attribute Impact: High Announced: January 31, 2012 Reporter: Alex Dvorov Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey 2.7 Description Alex Dvorov...

CVSS: 5 | AI score: 1.5 | EPSS: 0.00536
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•56 views

Mozilla Foundation Security Advisory 2012-08

Mozilla Foundation Security Advisory 2012-08 Title: Crash with malformed embedded XSLT stylesheets Impact: Critical Announced: January 31, 2012 Reporter: Nicolas Gregoire, Aki Helin Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Firefox 3.6.26 Thunderbird 10.0 Thunderbird 3.1.18...

CVSS: 10 | AI score: 0.6 | EPSS: 0.03949
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•49 views

Mozilla Foundation Security Advisory 2012-02

Mozilla Foundation Security Advisory 2012-02 Title: Overly permissive IPv6 literal syntax Impact: Low Announced: January 31, 2012 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.26 Thunderbird 7.0 Thunderbird 3.1.18 SeaMonkey 2.4 Description...

CVSS: 5 | AI score: 0.3 | EPSS: 0.00725
Exploits: 0
securityvulns
•added 2012/02/03 12:0 a.m.•29 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, cross-site access, cross-site scripting, information leakage, weak permissions...

CVSS: 10 | AI score: 1.7 | EPSS: 0.72536
Exploits: 11 | References: 9 | Affected Software: 3
securityvulns
•added 2012/02/03 12:0 a.m.•124 views

[Announce] Apache HTTP Server 2.2.22 Released

Apache HTTP Server 2.2.22 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.22 of the Apache HTTP Server "Apache". This version of Apache is principally a security and bug fix release, including the following significant...

CVSS: 5 | EPSS: 0.77975
Exploits: 23
securityvulns
•added 2012/02/03 12:0 a.m.•64 views

Apple OS X multiple security vulnerabilities

Graphics, Video, Audio and documents parsing vulnerabilities. Information leakage, code execution via DNS resolver. Privilege escalation. Vulnerabilities in 3rd party packages...

CVSS: 10 | AI score: 5.1 | EPSS: 0.36532
Exploits: 44 | References: 2 | Affected Software: 1
securityvulns
•added 2012/02/03 12:0 a.m.•96 views

Apache multiple security vulnerabilities

Information leakage, filtering bypass, privilege escalation, DoS...

CVSS: 5 | AI score: 2.3 | EPSS: 0.77975
Exploits: 23 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/30 12:0 a.m.•45 views

[ GLSA 201201-04 ] Logsurfer: Arbitrary code execution

Gentoo Linux Security Advisory GLSA 201201-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVSS: 7.5 | AI score: 0.3 | EPSS: 0.00934
Exploits: 0
securityvulns
•added 2012/01/30 12:0 a.m.•19 views

Barracuda Spam/Virus WAF 600 multiple security vulnerabilities

Different Web interface vulnerabilities...

AI score: 3.1
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/30 12:0 a.m.•31 views

NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM

Critical Vulnerability in Symantec PCAnywhere 25 January 2012 Edward Torkington of NGS Secure has discovered a critical vulnerability in Symantec PCAnywhere Impact: Remote Code Execution pre-auth as SYSTEM Versions affected: Symantec pcAnywhere 12.5.x IT Management Suite 7.0 pcAnywhere Solution...

AI score: 1.5
Exploits: 0
securityvulns
•added 2012/01/30 12:0 a.m.•44 views

MIT / FreeBSD / Cisco telnetd buffer overflow

Buffer overflow in BSD telnetd / MIT krb5 telnetd is actively exploited in-the-wild...

CVSS: 10 | AI score: 2.9 | EPSS: 0.92381
Exploits: 19 | References: 3 | Affected Software: 4
securityvulns
•added 2012/01/30 12:0 a.m.•30 views

logsurfer double free vulnerability

prepareexec double free vulnerability...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.00934
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/30 12:0 a.m.•56 views

[Suspected Spam] Barracuda Spam/Virus WAF 600 - Multiple Web Vulnerabilities

Title: ====== Barracuda Spam/Virus WAF 600 - Multiple Web Vulnerabilities Date: ===== 2012-01-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=28 VL-ID: ===== 28 Introduction: ============= Barracuda Networks - Worldwide leader in email and Web security. The Barracuda...

AI score: 1
Exploits: 0
securityvulns
•added 2012/01/30 12:0 a.m.•40 views

ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-017 January 20, 2012 - -- CVE ID: - -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P - -- Affected Vendors:...

AI score: 0.8
Exploits: 0
securityvulns
•added 2012/01/30 12:0 a.m.•40 views

ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-018 January 25, 2012 - -- CVE ID: CVE-2011-3478 - -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P - -- Affected Vendors: Symantec...

CVSS: 10 | AI score: 0.8 | EPSS: 0.56994
Exploits: 10
securityvulns
•added 2012/01/30 12:0 a.m.•42 views

NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation

High Risk Vulnerability in Symantec PCAnywhere 25 January 2012 Edward Torkington of NGS Secure has discovered a high risk vulnerability in Symantec PCAnywhere Impact: Local Privilege Escalation Versions affected: Symantec pcAnywhere 12.5.x IT Management Suite 7.0 pcAnywhere Solution 12.5.x IT...

AI score: 0.6
Exploits: 0
securityvulns
•added 2012/01/30 12:0 a.m.•63 views

Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability Advisory ID: cisco-sa-20120126-ironport Revision 1.0 For Public Release 2012 January 26 17:00 UTC GMT...

CVSS: 10 | AI score: 0.5 | EPSS: 0.92381
Exploits: 19
securityvulns
•added 2012/01/21 12:0 a.m.•59 views

BoltWire 3.4.16 Multiple XSS vulnerabilities

Advisory: BoltWire 3.4.16 Multiple XSS vulnerabilities Advisory ID: SSCHADV2012-001 Author: Stefan Schurtz Affected Software: Successfully tested on BoltWire 3.4.16 Vendor URL: http://www.boltwire.com/ Vendor Status: informed ========================== Vulnerability Description...

AI score: 6.1
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•41 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.06246
Exploits: 0 | References: 15 | Affected Software: 12
securityvulns
•added 2012/01/21 12:0 a.m.•125 views

[PT-2011-01] Cross-Site Scripting in Kayako Support Suite

------------------------------------------------------------------ PT-2011-01 Positive Technologies Security Advisory Cross-Site Scripting in Kayako Support Suite ------------------------------------------------------------------ --- Vulnerable software Kayako Support Suite Version: 3.70.02-stabl...

AI score: 1.2
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•45 views

Family Connections 2.7.2 Multiple XSS

Exploit Title: Family Connections 2.7.2 Multiple XSS Date: 01/14/12 Author: G13 CVE: 2012-0699 Software Link: https://sourceforge.net/projects/fam-connections/ Version: 2.7.2 Category: webapps php Google dork: "powered by Family Connections" Vulnerability Family Connections 2.7.2 has multiple XSS...

AI score: 1.7
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•60 views

Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow Release Date: 2012/01/19 Last Modified: 2012/01/19 Author: Stefan Esser stefan.esseratsektioneins.de...

AI score: 8.5
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•51 views

HP StorageWorks P2000 security vulnerabilities

Default account, directory traversal...

CVSS: 7.8 | AI score: 2.8 | EPSS: 0.00617
Exploits: 0 | References: 2
securityvulns
•added 2012/01/21 12:0 a.m.•64 views

appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Vulnerability

--------------------------------------------------------------------------- appRain CMF = 0.1.5 uploadify.php Unrestricted File Upload Vulnerability --------------------------------------------------------------------------- author............: Egidio Romano aka EgiX mail..............:...

AI score: 0.1
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•69 views

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: January 10, 2012 Vulnerability identifier: APSB12-01 CVE numbers: CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373 Platform: Windows and Macintosh SUMMARY These updates address critical...

CVSS: 10 | AI score: 0.4 | EPSS: 0.91601
Exploits: 12
securityvulns
•added 2012/01/21 12:0 a.m.•71 views

Microsoft Windows multiple security vulnerabilities

SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage...

CVSS: 9.3 | AI score: 5.9 | EPSS: 0.88008
Exploits: 34 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•47 views

[SECURITY] [DSA 2386-1] openttd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2386-1 [email protected] http://www.debian.org/security/ January 10, 2012 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 2.3 | EPSS: 0.06246
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•54 views

Webcalendar 1.2.4 'location' XSS

Exploit Title: Webcalendar 1.2.4 'location' XSS Date: 01/11/12 Author: G13 Software Link: https://sourceforge.net/projects/webcalendar/?source=directory Version: 1.2.5 Category: webapps php Vulnerability There is no sanitation on the input of the location variable. This allows malicious scripts t...

AI score: 1
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•88 views

[security bulletin] HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03127140 Version: 1 HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center BAC and Business Service Management BSM, Remote Unauthorized Access to Sensitive Information NOTICE: The...

CVSS: 5 | AI score: 0.7 | EPSS: 0.67611
Exploits: 10
securityvulns
•added 2012/01/21 12:0 a.m.•52 views

XSS in OneOrZero AIMS

Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...

AI score: 5.9
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•35 views

NTR ActiveX security vulnerabilities

Buffer overflow, unsafe method...

CVSS: 9.3 | AI score: 4.3 | EPSS: 0.73656
Exploits: 9 | References: 2 | Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•23 views

GreenBrowser double free

Double free on iframe tag...

AI score: 1.6
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•43 views

VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow (APSB12-01)

VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow Vulnerability APSB12-01 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic...

AI score: 0.3
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•29 views

EMC SourceOne information leakage

Information leakage via log files...

CVSS: 2.1 | AI score: 2.4 | EPSS: 0.00057
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•74 views

[PT-2011-04] Cross-Site Scripting in Kayako Support Suite

----------------------------------------------------------------- PT-2011-04 Positive Technologies Security Advisory Cross-Site Scripting in Kayako Support Suite ----------------------------------------------------------------- --- Vulnerable software Kayako Support Suite Version: 3.70.02-stable...

AI score: 0.7
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•40 views

Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities

====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control Four Buffer Overflow Vulnerabilities - ====================================================================== Table of Contents Affected...

CVSS: 9.3 | AI score: 1.6 | EPSS: 0.73656
Exploits: 5
securityvulns
•added 2012/01/21 12:0 a.m.•54 views

[PT-2011-02] PHP code Injection in Kayako Support Suite

----------------------------------------------------------------- PT-2011-02 Positive Technologies Security Advisory PHP code Injection in Kayako Support Suite ----------------------------------------------------------------- --- Vulnerable software Kayako Support Suite Version: 3.70.02-stable an...

AI score: 1.4
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•56 views

[PT-2011-03] Information disclosure in Kayako Support Suite

----------------------------------------------------------------- PT-2011-03 Positive Technologies Security Advisory Information disclosure in Kayako Support Suite ----------------------------------------------------------------- --- Vulnerable software Kayako Support Suite Version: 3.70.02-stabl...

AI score: 0.5
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•56 views

ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability. EMC Identifier: ESA-2012-003 CVE Identifier: CVE-2011-4142 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products: EMC SourceOne Emai...

CVSS: 2.1 | AI score: 0.8 | EPSS: 0.00057
Exploits: 0

Total number of security vulnerabilities: 47153