
47153 matches found

securityvulns
added 2011/12/26 12:0 a.m., 66 views

[SECURITY] [DSA 2370-1] unbound security update

Debian Security Advisory DSA-2370-1 [email protected] http://www.debian.org/security/ Florian Weimer December 22, 2011 http://www.debian.org/security/faq ...

7.8 CVSS, 1.6 AI score, 0.02914 EPSS
Exploits: 0
securityvulns
added 2011/12/26 12:0 a.m., 39 views

VUPEN Security Research - Microsoft Windows "datime.dll" Remote Code Execution Vulnerability (MS11-090)

VUPEN Security Research - Microsoft Windows "datime.dll" Remote Code Execution Vulnerability MS11-090 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Microsoft Windows is a series of software operating systems and graphica...

0.3 AI score
Exploits: 0
securityvulns
added 2011/12/26 12:0 a.m., 33 views

tor buffer overflows

Heap buffer overflow on SOCKS request parsing...

7.6 CVSS, 4 AI score, 0.03506 EPSS
Exploits: 0, Affected Software: 1
securityvulns
added 2011/12/26 12:0 a.m., 48 views

Multiple vulnerabilities in epesi BIM

Vulnerability ID: HTB23061 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinepesibim.html Product: epesi BIM Vendor: Telaxus LLC http://www.epesibim.com/ Vulnerable Version: 1.2.0-rev8154 and probably prior Tested Version: 1.2.0-rev8154 Vendor Notification: 30 November 2011...

6 AI score
Exploits: 0
securityvulns
added 2011/12/26 12:0 a.m., 57 views

[ MDVSA-2011:191 ] libarchive

Mandriva Linux Security Advisory MDVSA-2011:191 http://www.mandriva.com/security/ Package : libarchive Date : December 18, 2011 Affected: Enterprise Server 5.0 Problem Description: A heap-based buffer overflow flaw was discovered in libarchive. If a...

6.8 CVSS, 9 AI score, 0.03024 EPSS
Exploits: 0
securityvulns
added 2011/12/26 12:0 a.m., 54 views

Microsoft Windows multiple security vulnerabilities

Buffer overflow on TTF fonts parsing, OLE objects memory corruption, CSRSS and kernel privilege escalations, ActiveX code execution...

9.3 CVSS, 6.2 AI score, 0.88311 EPSS
Exploits: 14, References: 2, Affected Software: 1
securityvulns
added 2011/12/26 12:0 a.m., 42 views

ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability

ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-350 December 19, 2011 -- CVE ID: -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Enterasys --...

0.8 AI score
Exploits: 0
securityvulns
added 2011/12/26 12:0 a.m., 441 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.5 CVSS, 1.6 AI score, 0.05088 EPSS
Exploits: 5, References: 11, Affected Software: 10
securityvulns
added 2011/12/26 12:0 a.m., 144 views

[SECURITY] [DSA 2365-1] dtc security update

Debian Security Advisory DSA-2365-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 18, 2011 http://www.debian.org/security/faq ...

6.5 CVSS, 0.5 AI score, 0.00709 EPSS
Exploits: 0
securityvulns
added 2011/12/22 12:0 a.m., 61 views

Microsoft Windows win32k.sys memory corruption

Integer overflow on the frame with large height...

2 AI score
Exploits: 0, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 35 views

Nova unauthorized access

It's possible to overwrite files...

6 CVSS, 4.2 AI score, 0.00541 EPSS
Exploits: 0, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 48 views

NGS00141 Patch Notification: Websense Triton 7.6 - Stored XSS in report management UI

High risk Vulnerability in Websense Triton 15 December 2011 Ben Williams of NGS Secure has discovered a High risk vulnerability in Websense Impact: Stored XSS Versions affected include: Websense Web Security Gateway Anywhere v7.6 Websense Web Security Gateway v7.6 Websense Web Security v7.6...

5.8 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 79 views

NGS00138 Patch Notification: Websense Triton 7.6 - Authentication bypass in report management UI

High Risk Vulnerability in Websense Triton 15 December 2011 Ben Williams of NGS Secure has discovered a High risk vulnerability in Websense Impact: Authentication bypass Versions affected include: Websense Web Security Gateway Anywhere v7.6 Websense Web Security Gateway v7.6 Websense Web Security...

0.1 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 68 views

[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202

Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...

9.3 CVSS, 1.2 AI score, 0.01055 EPSS
Exploits: 1
securityvulns
added 2011/12/19 12:0 a.m., 30 views

Restorepoint security vulnerabilities

Code execution, privilege escalation...

9.3 CVSS, 3.5 AI score, 0.01055 EPSS
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 27 views

Secunia Research: Sterling Trader Data Processing Buffer Overflow Vulnerability

Secunia Research 13/12/2011 - Sterling Trader Data Processing Buffer Overflow Vulnerability - Table of Contents Affected...

0.5 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 118 views

BF, XSS, IAA and CSRF vulnerabilities in poMMo

Hello 3APA3A! I am reporting the Brute Force, Cross-Site Scripting, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities I found in poMMo. Brute Force WASC-11: http://site/pommo/index.php XSS WASC-08:...

Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 34 views

bzip2 bzexe symbolic links vulnerability

Insecure temporary files creation...

4.6 CVSS, 1.5 AI score, 0.00152 EPSS
Exploits: 2, References: 1, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 173 views

Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities

A bug in the Wordpress the-welcomizer plugin that allows us to cause Cross-Site Scripting on a remote machine. Iran Hack Security Team & Islamic Republic Of Iran Security Team http://IranHack.Org & http://irist.ir/forum/ Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities...

0.1 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 27 views

[ MDVSA-2011:185 ] libcap

Mandriva Linux Security Advisory MDVSA-2011:185 http://www.mandriva.com/security/ Package : libcap Date : December 12, 2011 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in libcap...

4.6 CVSS, 6 AI score, 0.00055 EPSS
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 32 views

libpurple / Pidgin DoS

Crash on SILC protocol parsing, crash on OSCAR parsing AIM, ICQ...

5 CVSS, 2.3 AI score, 0.0379 EPSS
Exploits: 3, References: 2, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 26 views

libcap protection bypass

chdir is not called after chroot...

4.6 CVSS, 1.8 AI score, 0.00055 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 51 views

libxml library security vulnerabilities

Buffer overflow, unallocated memory reference...

9.3 CVSS, 3.6 AI score, 0.03971 EPSS
Exploits: 3, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 36 views

[USN-1308-1] bzip2 vulnerability

Ubuntu Security Notice USN-1308-1 December 14, 2011 bzip2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: ...

4.6 CVSS, 0.9 AI score, 0.00152 EPSS
Exploits: 2
securityvulns
added 2011/12/19 12:0 a.m., 121 views

0A29-11-4 : Privilege escalation vulnerabilities in Nagios XI installer < 2011R1.9

Privilege escalation vulnerabilities in Nagios XI installer 2011R1.9 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 Description: Multiple privilege escalations exist within Nagios XI installer. Tested...

1.4 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 44 views

NGS00137 Patch Notification: Websense Triton 7.6 - Reflected XSS in report management UI

Medium Risk Vulnerability in Websense Triton 15 December 2011 Ben Williams of NGS Secure has discovered a Medium risk vulnerability in Websense Impact: Reflected XSS Versions affected include: Websense Web Security Gateway Anywhere v7.6 Websense Web Security Gateway v7.6 Websense Web Security v7....

0.1 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 56 views

ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise)

ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA® Adaptive Authentication On-Premise Advisories Updated December 6, 2011 Summary: An issue with RSA® Adaptive Authentication On-Premise was discovered whic...

6.8 CVSS, 0.8 AI score, 0.00216 EPSS
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 43 views

Websense multiple security vulnerabilities

Code execution, cross-site scripting...

2.2 AI score
Exploits: 0, References: 4
securityvulns
added 2011/12/19 12:0 a.m., 37 views

NGS00140 Patch Notification: Websense Triton 7.6 - Unauthenticated remote command execution as SYSTEM

Critical Vulnerability in Websense Triton 15 December 2011 Ben Williams of NGS Secure has discovered a Critical vulnerability in Websense Impact: Unauthenticated remote command execution as SYSTEM Versions affected include: Websense Web Security Gateway Anywhere v7.6 Websense Web Security Gateway...

0.5 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 57 views

JasPer library security vulnerabilities

Buffer overflow and memory corruption on JPEG2000 parsing...

6.8 CVSS, 4.9 AI score, 0.47823 EPSS
Exploits: 0, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 122 views

Seotoaster SQL-Injection Admin Login Bypass

Advisory: Seotoaster SQL-Injection Admin Login Bypass Advisory ID: INFOSERVE-ADV2011-06 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Seotoaster v.1.9 Vendor URL: http://www.seotoaster.com/ Vendor Status: fixed ...

0.1 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 32 views

zFTPServer directory traversal

Directory traversal in rmdir command...

5.5 CVSS, 3.1 AI score, 0.01135 EPSS
Exploits: 5, References: 1, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 267 views

Citrix Receiver, XenDesktop "Pass-the-hash" Attack

Tested against: Citrix XenDesktop, XenServer, Receiver 5.6 SP2 possibly other versions as well By default, the authentication between the Citrix Receiver client to the Web interface is not configured to use SSL. If a company elects not to use SSL for this, the XML transaction between the receiver...

0.9 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 29 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 11, Affected Software: 6
securityvulns
added 2011/12/19 12:0 a.m., 104 views

PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability

Advisory: PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability Advisory ID: SSCHADV2011-035 Author: Stefan Schurtz Affected Software: Successfully tested on PHP-SCMS 1.6.8 Vendor URL: http://php-scms.sourceforge.net/ Vendor Status: unpatched no vendor feedback Vulnerabilit...

6.2 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 57 views

ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r)

ESA-2011-039: RSA®, The Security Division of EMC, announces security fixes and improvements for RSASecurID® Software Token 4.1 for Microsoft®Windows® Advisories Updated December 12, 2011 Summary: RSA, The Security Division of EMC, announces security...

9.3 CVSS, 0.8 AI score, 0.00462 EPSS
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 127 views

[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass

Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details Product: Owl Intranet...

Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 27 views

EMC RSA Adaptive Authentication (On-Premise) security vulnerabilities

Protection bypass is possible...

6.8 CVSS, 4.2 AI score, 0.00216 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 52 views

[ MDVSA-2011:183 ] pidgin

Mandriva Linux Security Advisory MDVSA-2011:183 http://www.mandriva.com/security/ Package : pidgin Date : December 10, 2011 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been discovered and corrected ...

5 CVSS, 7.8 AI score, 0.0379 EPSS
Exploits: 3
securityvulns
added 2011/12/19 12:0 a.m., 86 views

Microsoft Windows multiple applications DLL hijacking

If an application is launched via a file type association, the current path is set to the directory where the file is located, making it possible to place DLLs that the application tries to load dynamically into the same directory...

9.3 CVSS, 2.1 AI score, 0.40528 EPSS
Exploits: 1, References: 44, Affected Software: 3
securityvulns
added 2011/12/19 12:0 a.m., 113 views

Multiple vulnerabilities in Browser CRM

Vulnerability ID: HTB23059 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinbrowsercrm.html Product: Browser CRM Vendor: BrowserCRM Limited http://www.browsercrm.com Vulnerable Version: 5.100.01 and probably prior Tested Version: 5.100.01 Vendor Notification: 23 November 2011...

0.2 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 29 views

CS and XSS vulnerabilities in Zeema CMS

Hello 3APA3A! I am reporting the Content Spoofing and Cross-Site Scripting vulnerabilities I found in the Zeema CMS system. It is a Ukrainian commercial CMS. Content Spoofing WASC-12: Because the script http://site/counter/counter.php can be accessed directly with a forged ref parameter and...

5.8 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 167 views

RedTeam Pentesting GmbH

Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes The Owl Intranet Engine uses no salting in the password hashing procedure. Furthermore, users in the "Administrators" group are able to see the MD5 password hashes of every user using the web interface. Details...

6.8 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 24 views

Sterling Trader integer overflow

Integer overflow on network request parsing...

5.1 AI score
Exploits: 0, References: 2, Affected Software: 1
securityvulns
added 2011/12/19 12:0 a.m., 133 views

0A29-11-3 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R1.9

Cross-Site Scripting vulnerabilities in Nagios XI 2011R1.9 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 Description: Multiple XSS vulnerabilities exist within Nagios XI. It is entirely likely this...

6.1 AI score
Exploits: 0
securityvulns
added 2011/12/19 12:0 a.m., 69 views

zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal

Advisory: zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal Advisory ID: INFOSERVE-ADV2011-09 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on zFTPServer Suite 6.0.0.52 Vendor URL: http://www.zftpserver.com/ Vendor Status: fixed CVE-ID:...

5.5 CVSS, 6.2 AI score, 0.01135 EPSS
Exploits: 5
securityvulns
added 2011/12/19 12:0 a.m., 44 views

Adobe Acrobat / Reader multiple security vulnerabilities

Vulnerabilities are used in-the-wild for unauthorized access...

10 CVSS, 3 AI score, 0.91601 EPSS
Exploits: 12
securityvulns
added 2011/12/15 12:0 a.m., 35 views

Microsoft Windows Media memory corruption

Memory corruption on .dvr-ms files parsing...

9.3 CVSS, 4.9 AI score, 0.38836 EPSS
Exploits: 1, Affected Software: 1
securityvulns
added 2011/12/15 12:0 a.m., 46 views

ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability

ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-347 December 13, 2011 -- CVE ID: CVE-2011-1983 -- CVSS: 9, AV:N/AC:L/Au:N/C:C/I:P/A:P -- Affected Vendors:...

9.3 CVSS, 0.5 AI score, 0.54748 EPSS
Exploits: 1
securityvulns
added 2011/12/15 12:0 a.m., 91 views

ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability

ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-348 December 13, 2011 -- CVE ID: CVE-2011-3165 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected...

10 CVSS, 0.6 AI score, 0.42815 EPSS
Exploits: 0
Total number of security vulnerabilities: 47153