
47153 matches found

securityvulns
•added 2011/10/24 12:0 a.m.•53 views

Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities

Advisory: Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities Advisory ID: SSCHADV2011-031 Author: Stefan Schurtz Affected Software: Successfully tested on Yet Another CMS 1.0 Vendor URL: http://yetanothercms.codeplex.com/ Vendor Status: informed EDB-ID: 17997 ==========================...

AI score 7.4
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•55 views

DAEMON Tools IOCTL local denial-of-service vulnerability

Advisory: DAEMON Tools IOCTL local denial-of-service vulnerability Advisory ID: JVNDB-2011-000085 Author: Satoshi TANDA Affected Software: Successfully tested on DAEMON Tools 4.40 Vendor URL: http://www.daemon-tools.cc/eng/home Vendor Status: fixed CVE-ID: CVE-2011-3987 ==========================...

CVSS 4.9 • AI score 6.3 • EPSS 0.00107
Exploits 1

securityvulns
•added 2011/10/24 12:0 a.m.•51 views

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability Advisory ID: cisco-sa-20111019-cs Revision 1.0 For Public Release 2011 October 19 16:00 UTC GMT...

CVSS 9 • AI score 1.8 • EPSS 0.27336
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•63 views

msgid:[email protected][email protected]&[email protected]&folder=\\3APA3A\Bugtraq&subject=Related%20POC%20for%20JCE%20Joomla%20Extension%20<%3D2

After release of vendor supplied patch for JCE's vulnerabilities, AmnPardaz is going to submit related POC for this issue in Perl and PHP after one month for educational purposes. PHP Version: ?php www.bugreport.ir AmnPardaz Security Research & Penetration Testing Group Title: Exploit for JCE...

AI score 0.2
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•126 views

DNS Poisoning via Port Exhaustion

Hey, Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities: 1. A vulnerability in Java CVE-2011-3552, CVE-2010-4448 which enables remote DNS poisoning using Java applets. This vulnerability can be...

CVSS 2.6 • AI score 9.2 • EPSS 0.01681
Exploits 1

securityvulns
•added 2011/10/24 12:0 a.m.•43 views

Site@School 2.4.10 SQL Injection & XSS vulnerabilities

Advisory: Site@School 2.4.10 SQL Injection & XSS vulnerabilities Advisory ID: SSCHADV2011-030 Author: Stefan Schurtz Affected Software: Successfully tested on Site@School 2.4.10 Vendor URL: http://sourceforge.net/projects/siteatschool/ Vendor Status: insecure and no longer maintained CVE-ID: -...

AI score 7.4
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•45 views

KaiBB 2.0.1 XSS and SQL Injection vulnerabilities

Advisory: KaiBB 2.0.1 XSS and SQL Injection vulnerabilities Advisory ID: SSCHADV2011-027 Author: Stefan Schurtz Affected Software: Successfully tested on KaiBB 2.0.1 Vendor URL: http://code.google.com/p/kaibb/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description...

Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•92 views

ZOHO ManageEngine ADSelfService Plus Administrative Access

ZOHO ManageEngine ADSelfService Plus Administrative Access ========================================================== ADVISORY INFORMATION Title: ZOHO ManageEngine ADSelfService Plus Administrative Access Release date: 10/10/2011 Last update: 10/10/2011 Credits: Roberto Paleari, Emaze Networks...

Exploits 1

securityvulns
•added 2011/10/24 12:0 a.m.•38 views

AST-2011-012: Remote crash vulnerability in SIP channel driver

Asterisk Project Security Advisory - AST-2011-012 Product Asterisk Summary Remote crash vulnerability in SIP channel driver Nature of Advisory Remote crash Susceptibility Remote authenticated sessions Severity Critical Exploits Known No Reported On October 4, 2011 Reported By Ehsan Foroughi Poste...

CVSS 6.8 • AI score 0.9 • EPSS 0.06434
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•31 views

tor multiple security vulnerabilities

Heap buffer overflow, DoS, key information leak...

CVSS 6.8 • AI score 1.8 • EPSS 0.05919
Exploits 0 • References 1 • Affected Software 1

securityvulns
•added 2011/10/24 12:0 a.m.•28 views

Cisco CiscoWorks Common Services code execution

It's possible to execute code with LocalSystem privileges...

CVSS 9 • AI score 4.6 • EPSS 0.27336
Exploits 0 • References 1 • Affected Software 1

securityvulns
•added 2011/10/24 12:0 a.m.•32 views

Daemon Tools DoS

Crash on IOCTL processing...

CVSS 4.9 • AI score 2.4 • EPSS 0.00107
Exploits 1 • References 1 • Affected Software 1

securityvulns
•added 2011/10/24 12:0 a.m.•38 views

Multiple vulnerabilities in BugFree

Vulnerability ID: HTB23048 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinbugfree.html Product: BugFree Vendor: www.bugfree.org.cn http://www.bugfree.org.cn/ Vulnerable Version: 2.1.3 and probably prior Tested Version: 2.1.3 Vendor Notification: 21 September 2011 Vulnerabili...

AI score 5.9
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•91 views

TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatypes

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory October 20, 2011 Risk Level: High Affected versions: Oracle Database Server version 10gR1, 10gR2, 11gR1 and 11gR2 Remote exploitable: No Credits: This vulnerability was discovered and researched by Martin Rakhmanov of...

CVSS 6.5 • AI score 0.4 • EPSS 0.00509
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•60 views

Google App Engine SDK Code Execution Vulnerability (CVE 2011-1364)

We recently identified an interesting code execution vulnerability in the Google App Engine SDK for Python. By combining a CSRF vulnerability in the administration web UI, with some other unique vulnerabilities we found in the Google python libraries, a remote hacker could gain remote code...

CVSS 6.8 • AI score 1.1 • EPSS 0.00149
Exploits 1

securityvulns
•added 2011/10/24 12:0 a.m.•168 views

Multiple vulnerabilities in Pretty Link WordPress Plugin

Vulnerability ID: HTB23049 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinprettylinkwordpressplugin.html Product: Pretty Link WordPress Plugin Vendor: Caseproof http://blairwilliams.com/ Vulnerable Version: 1.4.56 and probably prior Tested Version: 1.4.56 Vendor Notification...

AI score 0.2
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•39 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions with code execution...

CVSS 9.3 • AI score 2.7 • EPSS 0.77281
Exploits 13 • References 7 • Affected Software 1

securityvulns
•added 2011/10/24 12:0 a.m.•89 views

Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability

Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability tested against: Microsoft Windows 2k3 r2 sp2 Oracle Hyperion Performance Management and BI v11.1.2.1.0 download url of the Oracle Hyperion suite:...

AI score 0.4
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•77 views

MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-006 MIT krb5 Security Advisory 2011-006 Original release: 2011-10-18 Last update: 2011-10-18 Topic: KDC denial of service vulnerabilities CVE-2011-1527: null pointer dereference in KDC LDAP back end CVSSv2 Vector:...

CVSS 7.8 • AI score 6.3 • EPSS 0.05459
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•53 views

Joomla Component (com_sgicatalog) <= SQL Injection Vulnerability

Exploit Title: Joomla Component comsgicatalog = SQL Injection Vulnerability Google Dork: inurl:index.php?option=comsgicatalog Date: 2011-10-12 Author: BHG Security Center Home: Http://black-hg.org Software Link: http://joomlaapps.com/ Version: 1.x Tested on: Windows XP- Persian CVE : Webapps...

AI score 1.4
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•62 views

OCS Inventory NG 2.0.1 Persistent XSS (CVE-2011-4024)

OCS Inventory NG 2.0.1 Persistent XSS CVE-2011-4024 ------------------------------------------------------- Software : Open Computer and Software OCS Inventory NG Download : http://www.ocsinventory-ng.org/ Discovered by : Nicolas DEROUET nicolas.derouetgmailcom Discover : 2011-10-04...

CVSS 4.3 • AI score 0.4 • EPSS 0.10895
Exploits 6

securityvulns
•added 2011/10/24 12:0 a.m.•34 views

[security bulletin] HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03052686 Version: 1 HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure NOTICE: The information in this Security Bulletin should be act...

CVSS 1.2 • AI score 0.2 • EPSS 0.00188
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•72 views

Oracle / Sun / People Soft applications multiple security vulnerabilities

Quarterly CPU fixes 50 security vulnerabilities...

CVSS 9.3 • AI score 2.1 • EPSS 0.90456
Exploits 20 • References 4 • Affected Software 11

securityvulns
•added 2011/10/24 12:0 a.m.•72 views

Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities Advisory ID: cisco-sa-20111019-sns Revision 1.0 For Public Release 2011 October 19 16:00 UTC GMT +--------------------------------------------------------------------- Summary...

CVSS 7.5 • AI score 0.5 • EPSS 0.01507
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•56 views

Code Execution and FPD vulnerabilities in Simple:Press Forum for WordPress

Hello 3APA3A! I want to warn you about multiple security vulnerabilities in plugin Simple:Press Forum for WordPress. These are Code Execution and Full path disclosure vulnerabilities. Code Execution WASC-31: Execution of arbitrary code is possible via TinyBrowser. As I already told concerning...

AI score 1.2
Exploits 0

securityvulns
•added 2011/10/24 12:0 a.m.•51 views

LedgerSMB 1.3.0 released, includes anti-XSRF framework

Hi all; LedgerSMB 1.3.0 has been released. One of the important enhancements this version has is protection against cross-site request forgery XSRF, notably missing in past versions. The codebase we inherited when beginning the project has not been very conducive to retrofitting security framewor...

CVSS 6.8 • AI score 0.4 • EPSS 0.00171
Exploits 1

securityvulns
•added 2011/10/24 12:0 a.m.•49 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 6.8 • AI score 1.6 • EPSS 0.10895
Exploits 8 • References 22 • Affected Software 14

securityvulns
•added 2011/10/24 12:0 a.m.•73 views

Apple OS X multiple security vulnerabilities

Multiple vulnerabilities in different system components...

CVSS 9.3 • AI score 2 • EPSS 0.90456
Exploits 86 • References 3 • Affected Software 1

securityvulns
•added 2011/10/23 12:0 a.m.•58 views

VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability

VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and...

AI score 7.5
Exploits 0

securityvulns
•added 2011/10/23 12:0 a.m.•34 views

acpid DoS

Large number of connections leads to endless loop...

CVSS 5 • AI score 1.7 • EPSS 0.08804
Exploits 2 • References 1 • Affected Software 1

securityvulns
•added 2011/10/20 12:0 a.m.•89 views

ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-289 October 15, 2011 - -- CVE ID: CVE-2011-2000 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

CVSS 9.3 • AI score 0.2 • EPSS 0.36647
Exploits 1

securityvulns
•added 2011/10/20 12:0 a.m.•56 views

[USN-1232-1] X.Org X server vulnerabilities

========================================================================== Ubuntu Security Notice USN-1232-1 October 18, 2011 xorg-server vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS 8.5 • AI score 0.8 • EPSS 0.02846
Exploits 6

securityvulns
•added 2011/10/20 12:0 a.m.•29 views

SystemTap DoS

Crash on ELF parsing...

CVSS 1.2 • AI score 2.3 • EPSS 0.00072
Exploits 0 • References 1 • Affected Software 1

securityvulns
•added 2011/10/20 12:0 a.m.•212 views

Multiple HTTP servers DoS

Range: header processing can lead to memory exhaustion...

CVSS 7.8 • AI score 1.4 • EPSS 0.90456
Exploits 19 • References 3 • Affected Software 1

securityvulns
•added 2011/10/20 12:0 a.m.•98 views

ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability

ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-290 October 15, 2011 - -- CVE ID: CVE-2011-2001 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Microsoft - -- Affected Products:...

CVSS 9.3 • AI score 0.4 • EPSS 0.86795
Exploits 5

securityvulns
•added 2011/10/20 12:0 a.m.•43 views

[ MDVSA-2011:155 ] systemtap

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:155 http://www.mandriva.com/security/ Package : systemtap Date : October 17, 2011 Affected: 2011. Problem Description: Multiple vulnerabilities have been discovered and corrected in systemtap: SystemTap 1.4 a...

CVSS 1.2 • AI score 6.2 • EPSS 0.00072
Exploits 0

securityvulns
•added 2011/10/20 12:0 a.m.•26 views

X.Org multiple security vulnerabilities

Memory corruptions, insecure lock file creation...

CVSS 8.5 • AI score 2.5 • EPSS 0.02846
Exploits 6 • References 1 • Affected Software 1

securityvulns
•added 2011/10/20 12:0 a.m.•61 views

ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-287 October 15, 2011 - -- CVE ID: CVE-2011-1996 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors...

CVSS 9.3 • AI score 0.3 • EPSS 0.77281
Exploits 5

securityvulns
•added 2011/10/20 12:0 a.m.•83 views

ZDI-11-288 : Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-288 : Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-288 October 15, 2011 - - -- CVE ID: CVE-2011-1999 - - -- CVSS: 7.5,...

CVSS 9.3 • AI score 0.2 • EPSS 0.42453
Exploits 2

securityvulns
•added 2011/10/16 12:0 a.m.•67 views

iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability

iDefense Security Advisory 10.11.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 11, 2011 I. BACKGROUND Internet Explorer is a graphical web browser developed by Microsoft Corp. that has been included with Microsoft Windows since 1995. For more information about Internet Explorer,...

CVSS 9.3 • AI score 6.2 • EPSS 0.31819
Exploits 1

securityvulns
•added 2011/10/16 12:0 a.m.•60 views

SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969)

SEC Consult Vulnerability Lab Security Advisory 20111012-0 ======================================================================= title: Client-side remote file upload & command execution product: Microsoft Forefront Unified Access Gateway Remote Access Agent signed Java applet vulnerable versio...

CVSS 9.3 • AI score 0.1 • EPSS 0.12912
Exploits 4

securityvulns
•added 2011/10/16 12:0 a.m.•115 views

iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability

iDefense Security Advisory 10.12.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 12, 2011 I. BACKGROUND MobileSafari is Apple's mobile web browser for iOS devices. For more information about MobileSafari, please visit the following website:...

CVSS 4.3 • AI score 4.8 • EPSS 0.0084
Exploits 1

securityvulns
•added 2011/10/16 12:0 a.m.•125 views

APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006 OS X Lion v10.7.2 and Security Update 2011-006 is now available and addresses the following: Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and...

CVSS 9.3 • AI score 0.3 • EPSS 0.90456
Exploits 86

securityvulns
•added 2011/10/16 12:0 a.m.•85 views

APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4 Apple TV Software Update 4.4 is now available and addresses the following: Apple TV Available for: Apple TV 4.0 through 4.3 Impact: An attacker with a privileged network position may intercept user...

CVSS 9.3 • AI score 0.4 • EPSS 0.08823
Exploits 7

securityvulns
•added 2011/10/16 12:0 a.m.•57 views

Apple TV multiple security vulnerabilities

SSL vulnerabilities, vulnerabilities in different media formats parsing...

CVSS 9.3 • AI score 3.3 • EPSS 0.08823
Exploits 7 • References 1 • Affected Software 1

securityvulns
•added 2011/10/16 12:0 a.m.•67 views

[USN-1226-1] Samba vulnerabilities

========================================================================== Ubuntu Security Notice USN-1226-1 October 04, 2011 samba vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 3.3 • AI score 0.3 • EPSS 0.01165
Exploits 3

securityvulns
•added 2011/10/16 12:0 a.m.•79 views

APPLE-SA-2011-10-11-1 iTunes 10.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-11-1 iTunes 10.5 iTunes 10.5 is now available and addresses the following: CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: A man-in-the-middle attack may lead to an unexpected application termination or arbitra...

CVSS 10 • AI score 0.2 • EPSS 0.7624
Exploits 32

securityvulns
•added 2011/10/16 12:0 a.m.•38 views

[ GLSA 201110-08 ] feh: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 201110-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVSS 5.1 • AI score 0.2 • EPSS 0.04757
Exploits 1

securityvulns
•added 2011/10/16 12:0 a.m.•43 views

wget unsafe files creation

Local file is created with server controlled filename...

CVSS 6.8 • AI score 1.6 • EPSS 0.03833
Exploits 0 • Affected Software 1

securityvulns
•added 2011/10/16 12:0 a.m.•64 views

Apple iTunes multiple security vulnerabilities

Multiple security vulnerabilities on different media formats parsing...

CVSS 10 • AI score 3.5 • EPSS 0.7624
Exploits 32 • References 1 • Affected Software 1

Total number of security vulnerabilities: 47153