CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin [Local File Inclusion]
Exploit Title: CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin Local File Inclusion Date: 2015/06/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://zanematthew.com/ Software Link:...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Stored XSS in WP Photo Album Plus WordPress Plugin
Advisory ID: HTB23257 Product: WP Photo Album Plus WordPress Plugin Vendor: J.N. Breetvelt Vulnerable Versions: 6.1.2 and probably prior Tested Version: 6.1.2 Advisory Publication: April 29, 2015 without technical details Vendor Notification: April 29, 2015 Vendor Patch: April 29, 2015 Public...
Symphony CMS 2.6.2
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-SYMPHONY0606.txt Vendor: ================================ www.getsymphony.com/download/ Product: ================================ Symphony CMS 2.6.2 Advisory Information:...
Sendio ESP information disclosure
Session disclosure via Referer...
Apple iOS memory corruption
A combination of UTF-8 characters leads to memory corruption...
Skype DoS
Crash on parsing message with http://: URL from older application version...
HP LoadRunner buffer overflow
No description provided...
[SECURITY] [DSA 3272-1] ipsec-tools security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3272-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 23, 2015 http://www.debian.org/security/faq -...
ipsec-tools DoS
NULL pointer dereference on UDP packet parsing...
[SECURITY] [DSA 3271-1] nbd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3271-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 23, 2015 http://www.debian.org/security/faq -...
nbd security vulnerabilities
Different DoS conditions...
Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability
Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability -- http://www.info-sec.ca/advisories/Thycotic-SecretServer.html Overview "With the Password Manager Secret Server app, you can access passwords for an EXISTING on-premise Secret Server or Secret Server...
Eisbar SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability
Document Title: =============== Eisbar SCADA All Versions - iOS, Android & W8 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID:...
HP Easy Setup Wizard privilege escalation
No description provided...
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability
Document Title: =============== HiDisk 2.4 iOS - currentFolderPath Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1496 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ===================================...
Synology DiskStation / Synology PhotoStation security vulnerabilities
Cross-site scripting, command injection...
EMC Document Sciences xPression SQL injection
No description provided...
[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04594015 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04594015 Version: 1 HPSBGN03286 rev....
[security bulletin] HPSBHF03340 rev.1 - HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04692275 Version: 1 HPSBHF03340 rev.1 - HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege NOTICE: The information in this...
SAP Hana security vulnerabilities
Information spoofing, information disclosure...
D-Link NAS / NVR multiple security vulnerabilities
More than 50 different vulnerabilities...
Synology Photo Station multiple Cross-Site Scripting vulnerabilities
------------------------------------------------------------------------ Synology Photo Station multiple Cross-Site Scripting vulnerabilities ------------------------------------------------------------------------ Han Sahin, May 2015...
[SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices
Overview -------- SEARCH-LAB performed an independent security assessment on four different D-Link devices. The assessment has identified altogether 53 unique vulnerabilities in the latest firmware dated 30-07-2014. Several vulnerabilities can be abused by a remote attacker to execute arbitrary...
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability
Document Title: =============== iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID:...
HP SiteScope privilege escalation
No description provided...
CVE-2015-1835: ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2015-1835: Remote exploit of secondary configuration variables in Apache Cordova on Android Severity: High Vendor: The Apache Software Foundation Versions Affected: Cordova Android up to 4.0.1 3.7.2 excluded Description: Android applications bui...
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-006: SAP HANA Information Disclosure via SQL IMPORT FROM statement 1. Impact on Business ===================== Under certain conditions some SAP HANA Database commands could be abused by a remote authenticated...
[security bulletin] HPSBGN03325 rev.1 - HP SiteScope, Remote Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04688784 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04688784 Version: 1 HPSBGN03325 rev....
Command injection vulnerability in Synology Photo Station
------------------------------------------------------------------------ Command injection vulnerability in Synology Photo Station ------------------------------------------------------------------------ Han Sahin, May 2015 ------------------------------------------------------------------------...
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities
Document Title: =============== OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1494 Release Date: ============= 2015-05-18 Vulnerability Laboratory ID VL-ID: ===================================...
ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability CVE Identifier: CVE-2015-0540 Severity Rating: CVSSv2 Base Score: 8.0 AV:N/AC:L/Au:S/C:P/I:P/A:C Affected products: • EMC Document Sciences xPression 4.2 • EMC Document Sciences...
HP Access Control Software unauthorized access
No description provided...
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability
Document Title: =============== Wireless Photo Transfer v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1492 Release Date: ============= 2015-05-12 Vulnerability Laboratory ID VL-ID:...
[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04649315 Version: 1 HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release...
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-007: SAP HANA Log Injection Vulnerability 1. Impact on Business ===================== Under certain conditions the SAP HANA XS engine is vulnerable to arbitrary log injection, allowing remote authenticated attacke...
Reflected Cross-Site Scripting in Synology DiskStation Manager
------------------------------------------------------------------------ Reflected Cross-Site Scripting in Synology DiskStation Manager ------------------------------------------------------------------------ Han Sahin, May 2015...
[SECURITY] [DSA 3270-1] postgresql-9.4 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3270-1 [email protected] http://www.debian.org/security/ Christoph Berg May 22, 2015 http://www.debian.org/security/faq -...
PostgreSQL multiple security vulnerabilities
DoS, information disclosure...
APPLE-SA-2015-05-19-1 Watch OS 1.0.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-05-19-1 Watch OS 1.0.1 Watch OS 1.0.1 is now available and addresses the following: Certificate Trust Policy Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Update to the certificate trust policy Descriptio...
[SECURITY] [DSA 3267-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3267-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 22, 2015 http://www.debian.org/security/faq -...
fuse NTFS-3G privilege escalation
Insufficient filtering of environment variables...
Google Chrome / Chromium multiple security vulnerabilities
No description provided...
Apple Watch multiple security vulnerabilities
Information interception, memory corruptions, code execution, information disclosure, DoS, privilege escalation...
[SECURITY] [DSA 3268-1] ntfs-3g security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3268-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 22, 2015 http://www.debian.org/security/faq -...
SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20150513-0 ======================================================================= title: Multiple critical vulnerabilities product: WSO2 Identity Server other WSO2 Carbon based products may be affected...
phpMyAdmin 4.4.6 Man-In-the-Middle API Github
phpMyAdmin 4.4.6 Man-In-the-Middle to API Github CVE-2015-3903 Author: Maksymilian Arciemowicz from https://cxsecurity.com Issue type: CWE-295 Source URL: http://cxsecurity.com/issue/WLB-2015050095 --- Description --- As we can read CURLOPT_SSL_VERIFYPEER option...
SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2)
SEC Consult Vulnerability Lab Security Advisory 20150514-0 ======================================================================= title: Multiple vulnerabilities product: Loxone Smart Home vulnerable version: Firmware version 6.4.5.12 fixed version: 6.4.5.12 impact: Critical homepage:...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Certificate trust vulnerability in Websense Content Gateway
SUMMARY Websense Content Gateway proxy explicitly trusts compromised certificate authorities Affected versions: Content Gateway 7.8.x Not affected: Content Gateway 7.7.x, 8.0 DESCRIPTION Websense Content Gateway is a filtering web proxy and content inspection application based on a modified...