
47153 matches found

securityvulns
added 2011/10/10 12:0 a.m., 33 views

VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability

VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Google Chrome is a web browser developed by Google that uses the WebKit layout...

Exploits: 0

securityvulns
added 2011/10/10 12:0 a.m., 39 views

Medium severity flaw with Ark

I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of the temporary file name. Whilst this doe...

CVSS: 6.8, AI score: 0.7, EPSS: 0.00381
Exploits: 2

securityvulns
added 2011/10/10 12:0 a.m., 62 views

VMSA-2011-0011 VMware hosted products address remote code execution vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0011 Synopsis: VMware hosted products address remote code execution vulnerability Issue date: 2011-10-04 Updated on: 2011-10-04...

CVSS: 9.3, AI score: 7.1, EPSS: 0.22333
Exploits: 0

securityvulns
added 2011/10/10 12:0 a.m., 42 views

[ MDVSA-2011:143 ] rpm

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:143 http://www.mandriva.com/security/ Package : rpm Date : October 5, 2011 Affected: 2009.0, 2010.1, Enterprise Server 5.0 Problem Description: Multiple flaws were found in the way the RPM library parsed...

CVSS: 9.3, AI score: 8.2, EPSS: 0.07655
Exploits: 1

securityvulns
added 2011/10/10 12:0 a.m., 48 views

Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability

====================================================================== Secunia Research 05/10/2011 - Cyrus IMAPd NTTP Authentication Bypass Vulnerability - ====================================================================== Table of Contents Affected...

AI score: 0.7
Exploits: 0

securityvulns
added 2011/10/10 12:0 a.m., 71 views

[SECURITY] [DSA 2318-1] cyrus-imapd-2.2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2318-1 [email protected] http://www.debian.org/security/ Nico Golde Oct 6, 2011 http://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 2.3, EPSS: 0.09847
Exploits: 0

securityvulns
added 2011/10/10 12:0 a.m., 50 views

Secunia Research: Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability

====================================================================== Secunia Research 07/10/2011 - Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability - ====================================================================== Table of Contents Affected...

AI score: 1.1
Exploits: 0

securityvulns
added 2011/10/10 12:0 a.m., 54 views

[SECURITY] [DSA 2315-1] openoffice.org security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2315-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano October 05, 2011 http://www.debian.org/security/faq -...

CVSS: 4.3, AI score: 0.6, EPSS: 0.01541
Exploits: 1

securityvulns
added 2011/10/10 12:0 a.m., 106 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Advisory ID: cisco-sa-20111005-asa Revision 1.0 For Public Release 2011 October 05 1600 UTC GM...

CVSS: 7.9, AI score: 1.6, EPSS: 0.06107
Exploits: 0

securityvulns
added 2011/10/05 12:0 a.m., 79 views

vTiger CRM 5.2.x <= Remote Code Execution Vulnerability

vTiger CRM 5.2.x <= Remote Code Execution Vulnerability 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Remote Code Execution. No fixed version has been released as of 2011-10-05. 2. BACKGROUND vtiger CRM is a free, full-featured, 100 Open Source CRM software ideal for small...

CVSS: 6.8, AI score: 6.9, EPSS: 0.04403
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 34 views

Cytel Studio memory corruptions

Memory corruptions on CY3, CYL, CYB files parsing...

AI score: 3.3
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/04 12:0 a.m., 17 views

GenStat memory corruption

Memory corruptions on GWB and GSH files processing...

AI score: 2.4
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/04 12:0 a.m., 19 views

ThinVNC / ThinRDP directory traversal

Directory traversal in embedded web server...

AI score: 2.7
Exploits: 0, References: 1, Affected Software: 3

securityvulns
added 2011/10/04 12:0 a.m., 40 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5, AI score: 1.6, EPSS: 0.00907
Exploits: 1, References: 7, Affected Software: 5

securityvulns
added 2011/10/04 12:0 a.m., 26 views

Metropolis Technologies OfficeWatch directory traversal

Embedded web server directory traversal...

AI score: 3.2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/04 12:0 a.m., 40 views

SonicWall NSA 4500 protection bypass

ARP spoofing protection doesn't work if used in conjunction...

AI score: 2.2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/04 12:0 a.m., 62 views

Phorum 5.2.18 Cross-site scripting vulnerability

Advisory: Phorum 5.2.18 Cross-site scripting vulnerability Advisory ID: SSCHADV2011-023 Author: Stefan Schurtz Affected Software: Successfully tested on Phorum 5.2.18 Vendor URL: http://www.phorum.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...

AI score: 6.7
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 80 views

Netvolution referer header SQL injection vulnerability

Netvolution CMS v2.5.8 is vulnerable to a blind SQL injection attack in the HTTP “referer” header. A malicious user may utilize this vulnerability to modify content on the vulnerable website, inject malicious javascript code to a visitor’s browser, collect CMS usernames and plaintext passwords an...

CVSS: 7.5, AI score: 0.4, EPSS: 0.00907
Exploits: 1

securityvulns
added 2011/10/04 12:0 a.m., 126 views

Elastix PBX Extensions Enumeration

Exploit Title: Elastix PBX Extensions Enumeration Date: 1 Oct 2011 Author: Bassem Saleh Contact: Injectoratlivedotcom Software Link: http://www.elastix.org/ Version: 2.X and may be below versions Tested on: 2.0.3 ================================================================ Non privileges user...

AI score: 1.7
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 89 views

SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability

Title: ====== SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability Date: ===== 2011-10-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=196 VL-ID: ===== 196 Introduction: ============= SonicWALL® ViewPoint™ ist ein benutzerfreundliches webbasiertes Reporting-Too...

AI score: 0.6
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 68 views

vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities

vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Cross Site Scripting. No fixed version has been released as of 2011-10-04. 2. BACKGROUND vtiger CRM is a free, full-featured, 100 Open Source CRM software ideal f...

AI score: 1.4
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 33 views

Vulnerabilities in GenStat 14.1.0.5943

Luigi Auriemma Application: GenStat http://www.vsni.co.uk/software/genstat/ Versions: = 14.1.0.5943 Platforms: Windows Bugs: A array overflow with write2 B heap overflow Exploitation: file Date: 01 Oct 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs ...

AI score: 0.3
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 26 views

Multiple vulnerabilities in SonicWall

While pentesting a WIFI network on a customer, we found some vulnerabilities in the SonicWall NSA 4500. You can find details here: http://www.pentest.es/vulnssonicpoint.txt -------------------------------------------------- Title: ====== SonicWall products with incompatible MAC spoofing...

Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 55 views

DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal

Title ----- DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal Severity -------- High Date Discovered --------------- August 15, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Chris Graham and r@b13$ Vulnerability Description...

AI score: 2.2
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 41 views

DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval

Title ----- DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval Severity -------- High Date Discovered --------------- September 6th, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...

AI score: 0.9
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 40 views

Vulnerabilities in Cytel Studio 9

Luigi Auriemma Application: Cytel Studio: StatXact / LogXact / CrossOver http://www.cytel.com/Software/StatXact.aspx http://www.cytel.com/Software/LogXact.aspx http://www.cytel.com/Software/Crossover.aspx Versions: = 9.0.0 Platforms: Windows Bugs: A strings stack overflow B rows integer overflow ...

AI score: 0.8
Exploits: 0

securityvulns
added 2011/10/04 12:0 a.m., 33 views

Vulnerability in multiple themes for Drupal

Hello list! The endless saga continues. After informing about a lot of vulnerable plugins and widgets with this swf-file, here is information about multiple vulnerable themes ;-. I want to warn you about Cross-Site Scripting vulnerability in multiple themes for Drupal. And a lot of other themes fo...

AI score: 0.5
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 26 views

PcVue ActiveX multiple security vulnerabilities

Unsafe methods, array index overflow, code execution...

AI score: 3.6
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/02 12:0 a.m., 45 views

EViews memory corruptions

Memory corruption on WF1 files parsing, buffer overflow on PRG parsing...

AI score: 5.3
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/02 12:0 a.m., 42 views

Cisco Unified Communications Manager memory leak

Memory leaks in SIP implementation...

CVSS: 7.8, AI score: 2.2, EPSS: 0.00708
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/02 12:0 a.m., 29 views

Cisco Jabber Extensible Communications Platform / Cisco Unified Presence

Resources exhaustion on XML parsing...

CVSS: 7.8, AI score: 2.9, EPSS: 0.00527
Exploits: 0, References: 1

securityvulns
added 2011/10/02 12:0 a.m., 16 views

FreeBSD domain socket name buffer overflow

bind buffer overflow on local domain sockets...

AI score: 3.7
Exploits: 0, References: 1

securityvulns
added 2011/10/02 12:0 a.m., 49 views

Cisco IOS multiple security vulnerabilities

IP SLA DoS, smart install TCP/4786 code execution, memory leaks in IPS and firewall features, multiple SIP vulnerabilities, multiple protocols NAT translation DoS, multiple IPv6 DoS, DLSw DoS...

CVSS: 10, AI score: 2.2, EPSS: 0.25006
Exploits: 1, References: 8, Affected Software: 2

securityvulns
added 2011/10/02 12:0 a.m., 32 views

Cisco 10000 routers DoS

Crash on ICMP packets parsing...

CVSS: 7.8, AI score: 3.4, EPSS: 0.00427
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/10/02 12:0 a.m., 51 views

Novell Groupwise multiple security vulnerabilities

Multiple memory corruptions, buffer overflows, integer overflows, heap array overflow...

CVSS: 10, AI score: 2.3, EPSS: 0.21513
Exploits: 0, References: 10, Affected Software: 1

securityvulns
added 2011/10/02 12:0 a.m., 53 views

iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability

iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...

CVSS: 10, AI score: 0.5, EPSS: 0.07969
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 43 views

VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability

VUPEN Security Research - Novell GroupWise Calendar "BYWEEKNO" Remote Memory Corruption Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform tha...

Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 64 views

iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability

iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...

CVSS: 10, AI score: 7.3, EPSS: 0.21513
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 38 views

FreeBSD Security Advisory FreeBSD-SA-11:05.unix

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:05.unix Security Advisory The FreeBSD Project Topic: Buffer overflow in handling of UNIX socket addresses Category: core Module: kern Announced: 2011-09-28...

AI score: 0.2
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 59 views

Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow

====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent HTTP Interface Buffer Overflow - ====================================================================== Table of Contents Affected...

CVSS: 10, AI score: 0.7, EPSS: 0.11082
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 51 views

Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability Advisory ID: cisco-sa-20110928-ipv6 Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +--------------------------------------------------------------------...

CVSS: 7.8, AI score: 1, EPSS: 0.00371
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 57 views

Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Advisory ID: cisco-sa-20110928-ipsla Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...

CVSS: 7.8, AI score: 0.3, EPSS: 0.00602
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 72 views

iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability

iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...

CVSS: 10, AI score: 0.2, EPSS: 0.03768
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 46 views

VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability

VUPEN Security Research - Novell GroupWise Calendar "TZNAME" Remote Buffer Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform that...

AI score: 0.1
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 48 views

Vulnerabilities in PcVue 10 (SCADA)

Luigi Auriemma Application: PcVue http://www.arcinfo.com/index.php?option=comcontent&id=2&Itemid=151 Versions: PcVue = 10.0 SVUIGrd.ocx = 1.5.1.0 aipgctl.ocx = 1.07.3702 Platforms: Windows Bugs: A code execution in SVUIGrd.ocx Save/LoadObject B write4 in SVUIGrd.ocx GetExtendedColor C possible...

AI score: 1
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 51 views

Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability Advisory ID: cisco-sa-20110928-smart-install Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...

CVSS: 10, AI score: 1.4, EPSS: 0.25006
Exploits: 1

securityvulns
added 2011/10/02 12:0 a.m., 67 views

Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability Advisory ID: cisco-sa-20110928-dlsw Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...

CVSS: 7.8, AI score: 0.6, EPSS: 0.00427
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 59 views

Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities Advisory ID: cisco-sa-20110928-ipv6mpls Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...

CVSS: 7.8, AI score: 0.8, EPSS: 0.00963
Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 45 views

VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability

VUPEN Security Research - Novell GroupWise Calendar "integerList" Remote Buffer Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform th...

Exploits: 0

securityvulns
added 2011/10/02 12:0 a.m., 65 views

iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability

iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...

CVSS: 10, AI score: 7.4, EPSS: 0.0557
Exploits: 0

Total number of security vulnerabilities: 47153