Securityvulns: Recent

47153 matches found

securityvulns • added 2012/01/21 12:0 a.m. • 81 views

GreenBrowser iframe content Double Free Vulnerability

GreenBrowser searchbar iframe content Double Free Vulnerability ------------------------------------------------------------------ I. Summary All versions of GreenBrowser are prone to a vulnerability which leads to arbitrary code execution. A Double Free of iframe object is triggered by its shortc...

AI score 0.2
Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 58 views

Linux kernel multiple security vulnerabilities

DoS conditions, information leaks, privilege escalation...

CVSS 6.9 • AI score 2.3 • EPSS 0.0127
Exploits: 10 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/21 12:0 a.m. • 18 views

Suhosin buffer overflow

Buffer overflow in the transparent cookie encryption code...

AI score 3.4
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/21 12:0 a.m. • 94 views

[SECURITY] [DSA 2389-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2389-1 [email protected] http://www.debian.org/security/ Dann Frazier January 15, 2012 http://www.debian.org/security/faq -...

CVSS 6.9 • AI score 0.8 • EPSS 0.0127
Exploits: 10
securityvulns • added 2012/01/21 12:0 a.m. • 45 views

Beehive Forum 101 Multiple XSS vulnerabilities

Advisory: Beehive Forum 101 Multiple XSS vulnerabilities Advisory ID: SSCHADV2011-042 Author: Stefan Schurtz Affected Software: Successfully tested on Beehive Forum 101 Vendor URL: http://www.beehiveforum.co.uk/ Vendor Status: informed ========================== Vulnerability Description...

AI score 0.1
Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 105 views

ATutor 2.0.3 Multiple XSS vulnerabilities

Advisory: ATutor 2.0.3 Multiple XSS vulnerabilities Advisory ID: SSCHADV2012-002 Author: Stefan Schurtz Affected Software: Successfully tested on ATutor 2.0.3 Vendor URL: http://atutor.ca Vendor Status: informed ========================== Vulnerability Description ========================== ATuto...

AI score 6.1
Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 54 views

Multiple Cross-Site-Scripting vulnerabilities in x3cms

Advisory: Multiple Cross-Site-Scripting vulnerabilities in x3cms Advisory ID: INFOSERVE-ADV2011-04 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on x3cms 0.4.3 other versions may also be affected Vendor URL: http://www.x3cms.net/ Vendor Status: Parti...

AI score 1
Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 39 views

Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability

====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control "StopModule" Input Validation Vulnerability - ====================================================================== Table of Contents Affected...

CVSS 9.3 • AI score 1.5 • EPSS 0.73275
Exploits: 4
securityvulns • added 2012/01/21 12:0 a.m. • 95 views

[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03153338 Version: 1 HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be act...

CVSS 7.8 • AI score 0.2 • EPSS 0.00617
Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 55 views

PHP DoS

NULL pointer dereference because of an unchecked zendstrndup return value...

CVSS 5 • AI score 2.2 • EPSS 0.06262
Exploits: 9 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/21 12:0 a.m. • 110 views

Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

Exploit Title: Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS Google Dork: "inurl:"sites/all/modules/ckeditor" -drupalcode.org" Google Results: Approximately 379.000 results Date: 18th January 2012 Author: MaXe @InterN0T Found in a private Hatforce.com Penetration Test Software Link:...

Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 52 views

Business Availability Center / Business Service Management information leakage

No description provided...

CVSS 5 • AI score 1.8 • EPSS 0.67611
Exploits: 10 • References: 1
securityvulns • added 2012/01/21 12:0 a.m. • 84 views

PHP 5.3.8 Multiple vulnerabilities

PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with zendstrndup CVE-2011-4153 --- As we can see in...

CVSS 5 • EPSS 0.06262
Exploits: 9
securityvulns • added 2012/01/21 12:0 a.m. • 62 views

phpVideoPro Multiple XSS vulnerabilities

Advisory: phpVideoPro Multiple XSS vulnerabilities Advisory ID: SSCHADV2011-041 Author: Stefan Schurtz Affected Software: Successfully tested on phpVideoPro 0.9.7 Vendor URL: http://sourceforge.net/projects/phpvideopro/ Vendor Status: fix in the latest development code ==========================...

Exploits: 0
securityvulns • added 2012/01/21 12:0 a.m. • 50 views

Office arbitrary ClickOnce application execution vulnerability

------------------------------------------------------------------------ Office arbitrary ClickOnce application execution vulnerability ------------------------------------------------------------------------ Yorick Koster, June 2010...

CVSS 9.3 • AI score 6.5 • EPSS 0.86005
Exploits: 14
securityvulns • added 2012/01/20 12:0 a.m. • 65 views

Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IP Video Phone E20 Default Root Account Advisory ID: cisco-sa-20120118-te Revision 1.0 For Public Release 2012 January 18 16:00 UTC GMT +--------------------------------------------------------------------- Summary ======= Cisco TelePresence...

CVSS 10 • AI score 0.7 • EPSS 0.00887
Exploits: 0
securityvulns • added 2012/01/20 12:0 a.m. • 26 views

Cisco Digital Media Manager privilege escalation

It's possible to access administration pages by URLs...

CVSS 9 • AI score 4.4 • EPSS 0.01236
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/20 12:0 a.m. • 36 views

Xpra memory disclosure

Xpra is screen for X11. This is the fork located at: http://xpra.org/ Xpra versions 0.0.7.28 r191 through to 0.0.7.34 r443 return random chunks of memory to the clients by using the wrong size multiplying by 4 for the X11 cursor memory buffer. from XFixesGetCursorImage The byte order of the data...

AI score 0.5
Exploits: 0
securityvulns • added 2012/01/20 12:0 a.m. • 45 views

Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Digital Media Manager Privilege Escalation Vulnerability Advisory ID: cisco-sa-20120118-dmm Revision 1.0 For Public Release 2012 January 18 16:00 UTC GMT +--------------------------------------------------------------------- Summary =======...

CVSS 9 • AI score 1.6 • EPSS 0.01236
Exploits: 0
securityvulns • added 2012/01/20 12:0 a.m. • 27 views

Xpra memory disclosure

It's possible to access uninitialized memory chunks...

AI score 3.4
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/20 12:0 a.m. • 113 views

Microsoft Anti-XSS Library Bypass (MS12-007)

Introduction ------------- Microsoft Anti-XSS Library is used to protect applications from Cross-Site Scripting attacks, by providing methods for input sanitization. Vulnerability ------------- Microsoft Anti-XSS Library 3.0 and 4.0 are vulnerable to an attack in which an attacker is able to crea...

AI score 0.4
Exploits: 0
securityvulns • added 2012/01/20 12:0 a.m. • 129 views

[SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure

CVE-2011-3375 Apache Tomcat Information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.21 - Tomcat 6.0.30 to 6.0.33 - Earlier versions are not affected Description: For performance reasons, information parsed from a request is often...

CVSS 5 • AI score 0.6 • EPSS 0.02015
Exploits: 2
securityvulns • added 2012/01/20 12:0 a.m. • 23 views

Cisco TelePresence System Integrator / Cisco IP Video Phone E20 default account vulnerability

Default root account is enabled...

AI score 3.5
Exploits: 0 • References: 2
securityvulns • added 2012/01/20 12:0 a.m. • 70 views

OpenSSL library multiple security vulnerabilities

Double free, protection bypass, information leakages, DoS conditions...

CVSS 9.3 • AI score 1.6 • EPSS 0.03261
Exploits: 0 • Affected Software: 1
securityvulns • added 2012/01/20 12:0 a.m. • 39 views

Apache Tomcat security vulnerabilities

DoS, information disclosure...

CVSS 5 • AI score 1.2 • EPSS 0.23189
Exploits: 8 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/20 12:0 a.m. • 88 views

[ MDVSA-2012:009 ] perl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:009 http://www.mandriva.com/security/ Package : perl Date : January 18, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in perl: Eval injection in the...

CVSS 7.5 • AI score 9.9 • EPSS 0.09609
Exploits: 0
securityvulns • added 2012/01/20 12:0 a.m. • 31 views

Microsoft AntiXSS library cross-site scripting

Cross-site scripting during HTML parsing...

CVSS 4.3 • AI score 0.8 • EPSS 0.59659
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/20 12:0 a.m. • 58 views

perl security vulnerabilities

It's possible to inject eval expression into digest module constructor. Off-by-one overflow in decodexs...

CVSS 7.5 • AI score 3.2 • EPSS 0.09609
Exploits: 2 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/16 12:0 a.m. • 21 views

McAfee SaaS ActiveX code execution

MyCioScan.Scan.ShowReport method code execution...

AI score 2.4
Exploits: 0 • References: 1
securityvulns • added 2012/01/16 12:0 a.m. • 118 views

ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

ME020567: MailEnable webmail cross-site scripting vulnerability CWE-79 References: CVE-2012-0389 Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 Vendor contact: 2012-01-04 09:49:36 UTC Vendor...

CVSS 4.3 • AI score 6.2 • EPSS 0.33839
Exploits: 5
securityvulns • added 2012/01/16 12:0 a.m. • 37 views

MailEnable cross-site scripting

Cross-site scripting in ForgottonPassword.aspx...

CVSS 4.3 • AI score 1.4 • EPSS 0.33839
Exploits: 5 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/16 12:0 a.m. • 38 views

t1lib / xpdf library multiple security vulnerabilities

Multiple memory corruptions...

CVSS 6.8 • AI score 2.6 • EPSS 0.28735
Exploits: 0 • References: 1 • Affected Software: 2
securityvulns • added 2012/01/16 12:0 a.m. • 46 views

ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-013 January 12, 2012 - -- CVE ID: CVE-2011-4786 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...

CVSS 9.3 • AI score 0.5 • EPSS 0.63634
Exploits: 18
securityvulns • added 2012/01/16 12:0 a.m. • 62 views

ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-016 : 0Day HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-016 January 12, 2012 - -- CVE ID: CVE-2011-4789 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...

CVSS 10 • AI score 0.8 • EPSS 0.77481
Exploits: 8
securityvulns • added 2012/01/16 12:0 a.m. • 39 views

ZDI-12-012 : (0Day) McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-012 : 0Day McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution http://www.zerodayinitiative.com/advisories/ZDI-12-012 January 12, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: McAfee - --...

AI score 0.6
Exploits: 0
securityvulns • added 2012/01/16 12:0 a.m. • 37 views

HP Easy Printer Care Software ActiveX unauthorized access

File write access is possible...

CVSS 9.3 • AI score 2.5 • EPSS 0.80079
Exploits: 18 • References: 4
securityvulns • added 2012/01/16 12:0 a.m. • 51 views

ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-014 January 12, 2012 - -- CVE ID: CVE-2011-4787 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -...

CVSS 9.3 • AI score 0.5 • EPSS 0.00615
Exploits: 18
securityvulns • added 2012/01/16 12:0 a.m. • 87 views

ZDI-12-015 : (0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-015 : 0Day HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-12-015 January 12, 2012 - -- CVE ID: CVE-2011-4788 - -- CVSS: 9, AV:N/AC:L/Au:N/C:C/I:P/A:P - -- Affecte...

CVSS 7.8 • AI score 0.2 • EPSS 0.00617
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 41 views

HP LaserJet P3015 printer unauthorized access

Web server directory traversal...

CVSS 10 • AI score 3.5 • EPSS 0.1545
Exploits: 0 • References: 2
securityvulns • added 2012/01/11 12:0 a.m. • 109 views

DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785)

Title: DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal CVE-2011-4785 Severity: High Date Discovered: 2011-10-12 Discovered By: Digital Defense, Inc. Vulnerability Research Team Credited To: sxkeebler and r@b13$ Vulnerability Description: The HP-ChaiSOE/1.0 embedded web server on certa...

CVSS 7.8 • AI score 0.5 • EPSS 0.01721
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 85 views

Apache mod_proxy unauthorized internal network access

Invalid processing for URI with preceding @ sign...

CVSS 5 • AI score 3.6 • EPSS 0.77975
Exploits: 14 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/11 12:0 a.m. • 31 views

Citrix Provisioning Services memory corruptions

Multiple memory corruptions...

AI score 2.7
Exploits: 0 • References: 3
securityvulns • added 2012/01/11 12:0 a.m. • 200 views

Apache privilege escalation

Privilege escalation with SetEnvIf in conjunction with crafted HTTP headers...

CVSS 4.4 • AI score 2.4 • EPSS 0.00591
Exploits: 4 • Affected Software: 1
securityvulns • added 2012/01/11 12:0 a.m. • 45 views

ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-008 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...

AI score 0.3
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 36 views

ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-009 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendor...

AI score 0.4
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 40 views

ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-010 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendor...

AI score 0.4
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 33 views

PowerDNS response loop

Resolver responds to response, allowing DoS attacks...

CVSS 5 • AI score 2.2 • EPSS 0.00005
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns • added 2012/01/11 12:0 a.m. • 31 views

ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-011 : Novell Netware XNFS callername xdrDecodeString Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-011 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: Novel...

AI score 0.6
Exploits: 0
securityvulns • added 2012/01/11 12:0 a.m. • 25 views

Novell Netware security vulnerabilities

TCP/32778, UDP/32778, UDP/2039, UDP/32779 RPC-based services buffer overflow...

AI score 3.7
Exploits: 0 • References: 3 • Affected Software: 1
securityvulns • added 2012/01/11 12:0 a.m. • 72 views

[SECURITY] [DSA 2385-1] pdns security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2385-1 [email protected] http://www.debian.org/security/ Florian Weimer January 10, 2012 http://www.debian.org/security/faq -...

CVSS 5 • AI score 1.9 • EPSS 0.00005
Exploits: 0
Total number of security vulnerabilities: 47153