
47153 matches found

securityvulns
•added 2012/01/21 12:0 a.m.•52 views

HP StorageWorks P2000 security vulnerabilities

Default account, directory traversal...

CVSS 7.8, AI score 2.8, EPSS 0.05262
Exploits: 0, References: 2
securityvulns
•added 2012/01/21 12:0 a.m.•90 views

[security bulletin] HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03127140 Version: 1 HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center BAC and Business Service Management BSM, Remote Unauthorized Access to Sensitive Information NOTICE: The...

CVSS 5, AI score 0.7, EPSS 0.62308
Exploits: 10
securityvulns
•added 2012/01/21 12:0 a.m.•55 views

PHP DoS

NULL pointer dereference because of an unchecked zend_strndup return value...

CVSS 5, AI score 2.2, EPSS 0.122
Exploits: 9, References: 1, Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•48 views

[SECURITY] [DSA 2386-1] openttd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2386-1 [email protected] http://www.debian.org/security/ January 10, 2012 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 2.3, EPSS 0.05007
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•18 views

Suhosin buffer overflow

Buffer overflow in the transparent cookie encryption code...

AI score 3.4
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•44 views

VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow (APSB12-01)

VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow Vulnerability APSB12-01 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic...

AI score 0.3
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•61 views

Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow Release Date: 2012/01/19 Last Modified: 2012/01/19 Author: Stefan Esser stefan.esseratsektioneins.de...

AI score 8.5
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•53 views

XSS in OneOrZero AIMS

Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...

AI score 5.9
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•85 views

PHP 5.3.8 Multiple vulnerabilities

PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zend_strndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with zend_strndup CVE-2011-4153 --- As we can see in...

CVSS 5, EPSS 0.122
Exploits: 9
securityvulns
•added 2012/01/21 12:0 a.m.•72 views

Microsoft Windows multiple security vulnerabilities

SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage...

CVSS 9.3, AI score 5.9, EPSS 0.73753
Exploits: 34, References: 1, Affected Software: 1
securityvulns
•added 2012/01/21 12:0 a.m.•55 views

Webcalendar 1.2.4 'location' XSS

Exploit Title: Webcalendar 1.2.4 'location' XSS Date: 01/11/12 Author: G13 Software Link: https://sourceforge.net/projects/webcalendar/?source=directory Version: 1.2.5 Category: webapps php Vulnerability There is no sanitation on the input of the location variable. This allows malicious scripts t...

AI score 1
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•83 views

GreenBrowser iframe content Double Free Vulnerability

GreenBrowser searchbar iframe content Double Free Vulnerability ------------------------------------------------------------------ I. Summary All versions of GreenBrowser is prone to a vulnerability which leads to arbitrary code execution. A Double Free of iframe object is triggered by its shortc...

AI score 0.2
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•56 views

[PT-2011-03] Information disclosure in Kayako Support Suite

----------------------------------------------------------------- PT-2011-03 Positive Technologies Security Advisory Information disclosure in Kayako Support Suite ----------------------------------------------------------------- --- Vulnerable software Kayako Support Suite Version: 3.70.02-stabl...

AI score 0.5
Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•113 views

Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

Exploit Title: Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS Google Dork: "inurl:"sites/all/modules/ckeditor" -drupalcode.org" Google Results: Approximately 379.000 results Date: 18th January 2012 Author: MaXe @InterN0T Found in a private Hatforce.com Penetration Test Software Link:...

Exploits: 0
securityvulns
•added 2012/01/21 12:0 a.m.•98 views

[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03153338 Version: 1 HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be act...

CVSS 7.8, AI score 0.2, EPSS 0.05262
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•46 views

Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Digital Media Manager Privilege Escalation Vulnerability Advisory ID: cisco-sa-20120118-dmm Revision 1.0 For Public Release 2012 January 18 16:00 UTC GMT +--------------------------------------------------------------------- Summary =======...

CVSS 9, AI score 1.6, EPSS 0.03209
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•132 views

[SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure

CVE-2011-3375 Apache Tomcat Information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.21 - Tomcat 6.0.30 to 6.0.33 - Earlier versions are not affected Description: For performance reasons, information parsed from a request is often...

CVSS 5, AI score 0.6, EPSS 0.06694
Exploits: 2
securityvulns
•added 2012/01/20 12:0 a.m.•66 views

Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IP Video Phone E20 Default Root Account Advisory ID: cisco-sa-20120118-te Revision 1.0 For Public Release 2012 January 18 16:00 UTC GMT +--------------------------------------------------------------------- Summary ======= Cisco TelePresence...

CVSS 10, AI score 0.7, EPSS 0.02072
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•36 views

Xpra memory disclosure

Xpra is screen for X11. This is the fork located at: http://xpra.org/ Xpra versions 0.0.7.28 r191 through to 0.0.7.34 r443 return random chunks of memory to the clients by using the wrong size multiplying by 4 for the X11 cursor memory buffer. from XFixesGetCursorImage The byte order of the data...

AI score 0.5
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•70 views

OpenSSL library multiple security vulnerabilities

Double free, protection bypass, information leakages, DoS conditions...

CVSS 9.3, AI score 1.6, EPSS 0.17687
Exploits: 0, Affected Software: 1
securityvulns
•added 2012/01/20 12:0 a.m.•31 views

Microsoft AntiXSS library cross-site scripting

Cross-site scripting during HTML parsing...

CVSS 4.3, AI score 0.8, EPSS 0.19283
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2012/01/20 12:0 a.m.•27 views

Xpra memory disclosure

It's possible to access uninitialized memory chunks...

AI score 3.4
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2012/01/20 12:0 a.m.•27 views

Cisco Digital Media Manager privilege escalation

It's possible to access administration pages by URLs...

CVSS 9, AI score 4.4, EPSS 0.03209
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2012/01/20 12:0 a.m.•39 views

Apache Tomcat security vulnerabilities

DoS, information disclosure...

CVSS 5, AI score 1.2, EPSS 0.1086
Exploits: 3, References: 1, Affected Software: 1
securityvulns
•added 2012/01/20 12:0 a.m.•27 views

Cisco TelePresence System Integrator / Cisco IP Video Phone E20 default account vulnerability

Default root account is enabled...

AI score 3.5
Exploits: 0, References: 2
securityvulns
•added 2012/01/20 12:0 a.m.•114 views

Microsoft Anti-XSS Library Bypass (MS12-007)

Introduction ------------- Microsoft Anti-XSS Library is used to protect applications from Cross-Site Scripting attacks, by providing methods for input sanitization. Vulnerability ------------- Microsoft Anti-XSS Library 3.0 and 4.0 are vulnerable to an attack in which an attacker is able to crea...

AI score 0.4
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•92 views

[ MDVSA-2012:009 ] perl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:009 http://www.mandriva.com/security/ Package : perl Date : January 18, 2012 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in perl: Eval injection in the...

CVSS 7.5, AI score 9.9, EPSS 0.13526
Exploits: 0
securityvulns
•added 2012/01/20 12:0 a.m.•59 views

perl security vulnerabilities

It's possible to inject eval expression into digest module constructor. Off-by-one overflow in decodexs...

CVSS 7.5, AI score 3.2, EPSS 0.13526
Exploits: 2, References: 1, Affected Software: 1
securityvulns
•added 2012/01/16 12:0 a.m.•52 views

ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-014 January 12, 2012 - -- CVE ID: CVE-2011-4787 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -...

CVSS 9.3, AI score 0.5, EPSS 0.04456
Exploits: 0
securityvulns
•added 2012/01/16 12:0 a.m.•63 views

ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-016 : 0Day HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-016 January 12, 2012 - -- CVE ID: CVE-2011-4789 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...

CVSS 10, AI score 0.8, EPSS 0.64803
Exploits: 8
securityvulns
•added 2012/01/16 12:0 a.m.•40 views

ZDI-12-012 : (0Day) McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-012 : 0Day McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution http://www.zerodayinitiative.com/advisories/ZDI-12-012 January 12, 2012 - -- CVE ID: - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors: McAfee - --...

AI score 0.6
Exploits: 0
securityvulns
•added 2012/01/16 12:0 a.m.•38 views

MailEnable cross-site scripting

Cross-site scripting in ForgottonPassword.aspx...

CVSS 4.3, AI score 1.4, EPSS 0.0842
Exploits: 5, References: 1, Affected Software: 1
securityvulns
•added 2012/01/16 12:0 a.m.•37 views

HP Easy Printer Care Software ActiveX unauthorized access

Files write access is possible...

CVSS 9.3, AI score 2.5, EPSS 0.73254
Exploits: 18, References: 4
securityvulns
•added 2012/01/16 12:0 a.m.•91 views

ZDI-12-015 : (0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-015 : 0Day HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-12-015 January 12, 2012 - -- CVE ID: CVE-2011-4788 - -- CVSS: 9, AV:N/AC:L/Au:N/C:C/I:P/A:P - -- Affecte...

CVSS 7.8, AI score 0.2, EPSS 0.05262
Exploits: 0
securityvulns
•added 2012/01/16 12:0 a.m.•123 views

ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389

ME020567: MailEnable webmail cross-site scripting vulnerability CWE-79 References: CVE-2012-0389 Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 Vendor contact: 2012-01-04 09:49:36 UTC Vendor...

CVSS 4.3, AI score 6.2, EPSS 0.0842
Exploits: 5
securityvulns
•added 2012/01/16 12:0 a.m.•39 views

t1lib / xpdf library multiple security vulnerabilities

Multiple memory corruptions...

CVSS 6.8, AI score 2.6, EPSS 0.13055
Exploits: 0, References: 1, Affected Software: 2
securityvulns
•added 2012/01/16 12:0 a.m.•21 views

McAfee SaaS ActiveX code execution

MyCioScan.Scan.ShowReport method code execution...

AI score 2.4
Exploits: 0, References: 1
securityvulns
•added 2012/01/16 12:0 a.m.•50 views

ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-013 January 12, 2012 - -- CVE ID: CVE-2011-4786 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...

CVSS 9.3, AI score 0.5, EPSS 0.41132
Exploits: 9
securityvulns
•added 2012/01/11 12:0 a.m.•110 views

DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785)

Title: DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal CVE-2011-4785 Severity: High Date Discovered: 2011-10-12 Discovered By: Digital Defense, Inc. Vulnerability Research Team Credited To: sxkeebler and r@b13$ Vulnerability Description: The HP-ChaiSOE/1.0 embedded web server on certa...

CVSS 7.8, AI score 0.5, EPSS 0.03698
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•31 views

Citrix Provisioning Services memory corruptions

Multiple memory corruptions...

AI score 2.7
Exploits: 0, References: 3
securityvulns
•added 2012/01/11 12:0 a.m.•45 views

ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-008 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...

AI score 0.3
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•43 views

HP LaserJet P3015 printer unauthorized access

Web server directory traversal...

CVSS 10, AI score 3.5, EPSS 0.13953
Exploits: 0, References: 2
securityvulns
•added 2012/01/11 12:0 a.m.•31 views

ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-011 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: Novel...

AI score 0.6
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•73 views

[SECURITY] [DSA 2385-1] pdns security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2385-1 [email protected] http://www.debian.org/security/ Florian Weimer January 10, 2012 http://www.debian.org/security/faq -...

CVSS 5, AI score 1.9, EPSS 0.05264
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•37 views

ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-009 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendor...

AI score 0.4
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•41 views

ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-010 January 10, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendor...

AI score 0.4
Exploits: 0
securityvulns
•added 2012/01/11 12:0 a.m.•87 views

Apache mod_proxy unauthorized internal network access

Invalid processing for URI with preceding @ sign...

CVSS 5, AI score 3.6, EPSS 0.90734
Exploits: 14, References: 1, Affected Software: 1
securityvulns
•added 2012/01/11 12:0 a.m.•33 views

PowerDNS response loop

Resolver responds to response, allowing DoS attacks...

CVSS 5, AI score 2.2, EPSS 0.05264
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2012/01/11 12:0 a.m.•202 views

Apache privilege escalation

Privilege escalation with SetEnvIf in conjunction with crafted HTTP headers...

CVSS 4.4, AI score 2.4, EPSS 0.04716
Exploits: 4, Affected Software: 1
securityvulns
•added 2012/01/11 12:0 a.m.•25 views

Novell Netware security vulnerabilities

TCP/32778, UDP/32778, UDP/2039, UDP/32779 RPC-based services buffer overflow...

AI score 3.7
Exploits: 0, References: 3, Affected Software: 1

Total number of security vulnerabilities: 47153