47153 matches found

securityvulns
added 2011/12/15 12:0 a.m., 59 views

Microsoft Office multiple security vulnerabilities

Privilege escalation, use-after-free, insecure DLL loading, memory corruption...

CVSS 9.3, AI score 2.7, EPSS 0.5826
Exploits: 9, References: 2, Affected Software: 1

securityvulns
added 2011/12/15 12:0 a.m., 43 views

ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-346 December 13, 2011 - -- CVE ID: CVE-2011-3413 - -- CVSS: 7.5,...

CVSS 9.3, AI score 0.5, EPSS 0.52411
Exploits: 1

securityvulns
added 2011/12/15 12:0 a.m., 32 views

Microsoft Active Directory buffer overflow

Buffer overflow on LDAP request parsing...

CVSS 9, AI score 4.9, EPSS 0.4348
Exploits: 1

securityvulns
added 2011/12/12 12:0 a.m., 193 views

Vulnerabilities in D-Link DAP 1150

Hello 3APA3A! I want to warn you about security vulnerabilities in D-Link DAP 1150 WiFi Access Point and Router. These are Predictable Resource Location, Brute Force and Cross-Site Request Forgery vulnerabilities. This is my second advisory from series of advisories about vulnerabilities in D-Lin...

AI score 1.3
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 110 views

[USN-1295-1] Dovecot vulnerability

========================================================================== Ubuntu Security Notice USN-1295-1 December 08, 2011 dovecot vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.8, AI score 0.5, EPSS 0.00321
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 70 views

[USN-1293-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1293-1 December 08, 2011 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.2, EPSS 0.01502
Exploits: 6

securityvulns
added 2011/12/12 12:0 a.m., 19 views

WinAmp integer overflows

Different integer overflows in AVI parsing...

CVSS 9.3, AI score 5.4, EPSS 0.04971
Exploits: 2, References: 1, Affected Software: 1

securityvulns
added 2011/12/12 12:0 a.m., 46 views

[SECURITY] [DSA 2359-1] mojarra security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2359-1 [email protected] http://www.debian.org/security/ Florian Weimer December 06, 2011 http://www.debian.org/security/faq -...

CVSS 6.4, AI score 2.9, EPSS 0.00163
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 34 views

OSI Security: Squiz Matrix - User Account Enumeration

Squiz Matrix - User Account Enumeration http://www.osisecurity.com.au/advisories/squiz-matrix-user-enumeration Release Date: 12-Dec-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application development tools. ...

AI score 0.4
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 45 views

DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection

Title ----- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection Severity -------- High Date Discovered --------------- November 18, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description...

AI score 0.3
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 36 views

Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities

a bug in Wordpress pretty-link plugin that allows to us to occur a Cross-Site Scripting on a Remote machine. ISlamic Republic Of IRan Security Team http://irist.ir/forum/ Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities...

AI score 0.5
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 36 views

WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability

a bug in WordPress flash-album-gallery Plugin that allows to us to occur a Cross-Site Scripting on a Remote machine. Islamic Republic Of Iran Security Team http://irist.ir/forum/ Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities Download......:...

AI score 6.5
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 33 views

Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities

====================================================================== Secunia Research 12/12/2011 - Winamp AVI Processing Two Integer Overflow Vulnerabilities - ====================================================================== Table of Contents Affected...

CVSS 9.3, AI score 1.1, EPSS 0.04971
Exploits: 2

securityvulns
added 2011/12/12 12:0 a.m., 37 views

XSS, SQLi and IL vulnerabilities in Zeema CMS

Hello 3APA3A! I am informing you of the Cross-Site Scripting, SQL Injection and Information Leakage vulnerabilities I found in the Zeema CMS system. It is a Ukrainian commercial CMS. XSS WASC-08: http://site/counter/?act=ip&ipaddr=3Cp20style=-moz-binding:urlhttp://websecurity.com.ua/webtools/xss.xml23xss3...

AI score 8.4
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 71 views

[USN-1296-1] acpid vulnerabilities

========================================================================== Ubuntu Security Notice USN-1296-1 December 08, 2011 acpid vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.6, AI score 1, EPSS 0.00313
Exploits: 5

securityvulns
added 2011/12/12 12:0 a.m., 32 views

Dovecot insufficient SSL certificates validation

Insufficient certificate validation if used as an SSL proxy...

CVSS 5.8, AI score 2.8, EPSS 0.00321
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/12 12:0 a.m., 47 views

[USN-1289-1] colord vulnerability

========================================================================== Ubuntu Security Notice USN-1289-1 December 07, 2011 colord vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.6, AI score 0.4, EPSS 0.00109
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 47 views

[DCA-2011-0014] - Elxis CMS Cross Site Script

Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Elxis CMS Vendor Product Description - Elxis is powerful open source content management system CMS released for free under the GNU/GPL license. It has unique multi-lingual features, it follows W3C...

AI score 6.5
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 31 views

colord SQL injection

No description provided...

AI score 2.1
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/12 12:0 a.m., 36 views

ACPI scripts privilege escalation

Invalid power button events processing, invalid umask handling...

CVSS 4.6, AI score 2.6, EPSS 0.00313
Exploits: 5, References: 1

securityvulns
added 2011/12/12 12:0 a.m., 123 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 6.4, AI score 1.6, EPSS 0.00163
Exploits: 0, References: 8, Affected Software: 5

securityvulns
added 2011/12/12 12:0 a.m., 29 views

Meditate Web Content Editor 'username_input' SQL-Injection vulnerability

Advisory: Meditate Web Content Editor 'usernameinput' SQL-Injection vulnerability Advisory ID: SSCHADV2011-039 Author: Stefan Schurtz Affected Software: Successfully tested on Meditate 1.2 Vendor URL: http://www.arlomedia.com/ Vendor Status: fixed ========================== Vulnerability...

AI score 0.1
Exploits: 0

securityvulns
added 2011/12/12 12:0 a.m., 52 views

Linux kernel multiple security vulnerabilities

Multiple vulnerabilities in file systems implementations...

CVSS 7.2, AI score 2.2, EPSS 0.01502
Exploits: 6, References: 1

securityvulns
added 2011/12/11 12:0 a.m., 40 views

ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-343 December 7, 2011 - -- CVE ID: CVE2011-4260 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

AI score 0.4
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 56 views

ZDI-11-342 : Novell ZENworks Asset Management Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-342 : Novell ZENworks Asset Management Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-342 December 7, 2011 - -- CVE ID: CVE-2011-2653 - -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P - -- Affected Vendors: Nove...

CVSS 10, AI score 1, EPSS 0.84689
Exploits: 10

securityvulns
added 2011/12/11 12:0 a.m., 28 views

Novell ZENworks Asset Management directory traversal

Directory traversal on file upload...

CVSS 10, AI score 3, EPSS 0.84689
Exploits: 15, References: 2, Affected Software: 1

securityvulns
added 2011/12/11 12:0 a.m., 58 views

CA20111208-01: Security Notice for CA SiteMinder

CA20111208-01: Security Notice for CA SiteMinder Issued: December 08, 2011 CA Technologies Support is alerting customers to a potential risk in CA SiteMinder. A vulnerability exists that can allow a malicious user to execute a reflected cross site scripting XSS attack. CA Technologies has issued...

CVSS 4.3, AI score 0.4, EPSS 0.00894
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 18 views

HTC Touch2 memory corruption

Memory corruption on 3g2 video files processing...

AI score 1.7
Exploits: 0, References: 1

securityvulns
added 2011/12/11 12:0 a.m., 30 views

AST-2011-013: Possible remote enumeration of SIP endpoints with differing NAT settings

Asterisk Project Security Advisory - AST-2011-013 Product Asterisk Summary Possible remote enumeration of SIP endpoints with differing NAT settings Nature of Advisory Unauthorized data disclosure Susceptibility Remote unauthenticated sessions Severity Minor Exploits Known Yes Reported On 2011-07-...

AI score 7.4
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 24 views

AST-2011-014: Remote crash possibility with SIP and the "automon" feature enabled

Asterisk Project Security Advisory - AST-2011-014 Product Asterisk Summary Remote crash possibility with SIP and the "automon" feature enabled Nature of Advisory Remote crash vulnerability in a feature that is disabled by default Susceptibility Remote unauthenticated sessions Severity Moderate...

AI score 0.9
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 47 views

ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-341 December 7, 2011 - -- CVE ID: CVE-2011-3319 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors:...

CVSS 9.3, AI score 0.4, EPSS 0.02937
Exploits: 1

securityvulns
added 2011/12/11 12:0 a.m., 34 views

CA SiteMinder cross-site scripting

login.fcc cross-site scripting...

CVSS 4.3, AI score 1.4, EPSS 0.00894
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/11 12:0 a.m., 106 views

ZDI-11-345 : TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-345 : TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-345 December 7, 2011 - -- CVE ID: - -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:P/A:C - -- Affected Vendors:...

AI score 0.5
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 38 views

ISC DHCP DoS

Incorrect regular expressions handling...

CVSS 5, AI score 1.2, EPSS 0.32265
Exploits: 0, Affected Software: 1

securityvulns
added 2011/12/11 12:0 a.m., 24 views

Trend Micro Control Manager buffer overflow

Buffer overflow on TCP/20101 request parsing...

AI score 5
Exploits: 0, References: 1

securityvulns
added 2011/12/11 12:0 a.m., 40 views

[SignalSEC Labs]: HTC Touch2 T3333 Video Player Memory Corruption

Affected Software: HTCVideoPlayer.exe Tested on: HTC Touch2 T3333 - Windows Mobile 6.5 Vulnerability: Memory Corruption Details: HTCVideoPlayer is the default media player of HTC Windows Mobile devices. This media player is prone to a memory corruption vulnerability while parsing stbl atom of 3g2...

AI score 1.2
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 62 views

ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-340 December 7, 2011 - -- CVE ID: CVE-2011-3248 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

CVSS 9.3, EPSS 0.02975
Exploits: 1

securityvulns
added 2011/12/11 12:0 a.m., 26 views

chasen library buffer overflow

Buffer overflow on text string parsing...

CVSS 9.3, AI score 4.5, EPSS 0.05803
Exploits: 0, References: 1

securityvulns
added 2011/12/11 12:0 a.m., 46 views

[SECURITY] [DSA 2361-1] chasen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2361-1 [email protected] http://www.debian.org/security/ Florian Weimer December 07, 2011 http://www.debian.org/security/faq -...

CVSS 9.3, AI score 2.6, EPSS 0.05803
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 55 views

ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-344 December 7, 2011 - -- CVE ID: CVE-2011-4253 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

CVSS 10, AI score 1, EPSS 0.04054
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 59 views

Vulnerabilities in D-Link DSL-500T ADSL Router

Hello 3APA3A! I want to warn you about security vulnerabilities in D-Link DSL-500T ADSL Router. These are Predictable Resource Location, Brute Force and Cross-Site Request Forgery vulnerabilities. This is my first advisory from series of advisories about vulnerabilities in D-Link products...

AI score 1.5
Exploits: 0

securityvulns
added 2011/12/11 12:0 a.m., 50 views

RealNetworks RealPlayer multiple security vulnerabilities

Multiple vulnerabilities on different media formats parsing...

CVSS 10, AI score 3.1, EPSS 0.04969
Exploits: 0, References: 10, Affected Software: 2

securityvulns
added 2011/12/11 12:0 a.m., 26 views

HP Application Lifestyle Management symbolic links vulnerability

Insecure temporary files creation...

AI score 0.5
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/11 12:0 a.m., 22 views

0A29-11-2 : Privilege escalation vulnerability in HP Application Lifestyle Management (ALM) Platform v11

================ Privilege escalation vulnerability in HP Application Lifestyle Management ALM Platform v11 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ The HP Application Lifestyle Management...

AI score 0.4
Exploits: 0

securityvulns
added 2011/12/07 12:0 a.m., 39 views

MIT Kerberos 5 DoS

TGS Null pointer dereference. TGS assertion failure...

CVSS 7.8, AI score 2.3, EPSS 0.01205
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/07 12:0 a.m., 81 views

MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-007 MIT krb5 Security Advisory 2011-007 Original release: 2011-12-06 Last update: 2011-12-06 Topic: KDC null pointer dereference in TGS handling CVE-2011-1530 KDC null pointer dereference in TGS handling CVSSv2 Vector:...

CVSS 6.8, AI score 6.1, EPSS 0.00934
Exploits: 0

securityvulns
added 2011/12/07 12:0 a.m., 93 views

Vulnerabilities in Serv-U 11.1.0.3

Luigi Auriemma Application: Serv-U FTP http://www.serv-u.com Versions: = 11.1.0.3 Platforms: Windows, Linux bug B should affect only some Windows versions Bugs: A sockets and ports consumption B possible access to the management console Exploitation: remote Date: 03 Dec 2011 Author: Luigi Auriemm...

Exploits: 0

securityvulns
added 2011/12/07 12:0 a.m., 21 views

Serv-U FTP server security vulnerabilities

Resource exhaustion, administrative session hijacking...

AI score 1.8
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/12/05 12:0 a.m., 27 views

Oxide M0N0X1D3 HTTP server directory traversal

There are multiple ways to download arbitrary files...

AI score 1.7
Exploits: 0, References: 1

securityvulns
added 2011/12/05 12:0 a.m., 53 views

ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-334 November 28, 2011 - -- CVE ID: CVE-2011-4251 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

CVSS 9.3, AI score 0.8, EPSS 0.02131
Exploits: 0

Total number of security vulnerabilities: 47153