
47153 matches found

securityvulns | added 2011/10/02 12:0 a.m. | 48 views

VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability

VUPEN Security Research - Novell GroupWise Calendar "TZNAME" Remote Buffer Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform that...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 53 views

Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability Advisory ID: cisco-sa-20110928-ipv6 Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +--------------------------------------------------------------------...

CVSS: 7.8 | AI score: 1 | EPSS: 0.01785
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 42 views

Cisco Unified Communications Manager memory leak

Memory leaks in SIP implementation...

CVSS: 7.8 | AI score: 2.2 | EPSS: 0.01702
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/10/02 12:0 a.m. | 67 views

Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability

====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability - ====================================================================== Table of Contents Affected...

CVSS: 10 | AI score: 0.8 | EPSS: 0.06119
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 65 views

Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability Advisory ID: cisco-sa-20110928-c10k Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...

CVSS: 7.8 | AI score: 1.2 | EPSS: 0.0177
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 50 views

Cisco IOS multiple security vulnerabilities

IP SLA DoS, smart install TCP/4786 code execution, memory leaks in IPS and firewall features, multiple SIP vulnerabilities, multiple protocols NAT translation DoS, multiple IPv6 DoS, DLSw DoS...

CVSS: 10 | AI score: 2.2 | EPSS: 0.10757
Exploits: 1 | References: 8 | Affected Software: 2

securityvulns | added 2011/10/02 12:0 a.m. | 53 views

Novell Groupwise multiple security vulnerabilities

Multiple memory corruptions, buffer overflows, integer overflows, heap array overflow...

CVSS: 10 | AI score: 2.3 | EPSS: 0.09547
Exploits: 0 | References: 10 | Affected Software: 1

securityvulns | added 2011/10/02 12:0 a.m. | 60 views

Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow

====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent HTTP Interface Buffer Overflow - ====================================================================== Table of Contents Affected...

CVSS: 10 | AI score: 0.7 | EPSS: 0.04822
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 69 views

Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability Advisory ID: cisco-sa-20110928-dlsw Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...

CVSS: 7.8 | AI score: 0.6 | EPSS: 0.0177
Exploits: 0

securityvulns | added 2011/10/02 12:0 a.m. | 76 views

iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability

iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...

CVSS: 10 | AI score: 0.2 | EPSS: 0.05394
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 22 views

Barracuda Backup multiple security vulnerabilities

Authentication bypass, cross-site scripting...

AI score: 2.3
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/10/01 12:0 a.m. | 36 views

mutt SSL certificate validation vulnerability

SMTP and POP3 certificate hostname is not validated correctly...

CVSS: 5.8 | AI score: 1.2 | EPSS: 0.01475
Exploits: 0 | References: 1

securityvulns | added 2011/10/01 12:0 a.m. | 67 views

[ MDVSA-2011:138 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:138 http://www.mandriva.com/security/ Package : wireshark Date : September 28, 2011 Affected: 2011. Problem Description: This advisory updates wireshark to the latest version 1.6.2, fixing several security...

CVSS: 9.3 | AI score: 7.9 | EPSS: 0.35528
Exploits: 11

securityvulns | added 2011/10/01 12:0 a.m. | 78 views

Mozilla Foundation Security Advisory 2011-44

Mozilla Foundation Security Advisory 2011-44 Title: Use after free reading OGG headers Impact: Critical Announced: September 27, 2011 Reporter: sczimmer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Thunderbird 7.0 SeaMonkey 2.4 Description sczimmer reported that Firefox crashed...

CVSS: 9.3 | AI score: 0.5 | EPSS: 0.03965
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 34 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 | References: 7 | Affected Software: 7

securityvulns | added 2011/10/01 12:0 a.m. | 56 views

Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities

Advisory: Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities Advisory ID: SSCHADV2011-021 Author: Stefan Schurtz Affected Software: Successfully tested on Bitweaver 2.8.1 Vendor URL: http://www.bitweaver.org Vendor Status: informed CVE-ID: - ========================== Vulnerability...

AI score: 6.5
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 55 views

Multiple vulnerabilities in Traq

Vulnerability ID: HTB23046 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesintraq.html Product: Traq Vendor: Jack Polgar http://traqproject.org/ Vulnerable Version: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: 07 September 2011 Vulnerability Type: XSS, SQL...

AI score: 0.2
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 57 views

[USN-1221-1] Mutt vulnerability

========================================================================== Ubuntu Security Notice USN-1221-1 September 29, 2011 mutt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 5.8 | EPSS: 0.01475
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 23 views

NCSS memory corruption

Memory corruption on S0 files parsing...

AI score: 3.5
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/10/01 12:0 a.m. | 60 views

Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities

Joomla! 1.7.0 | Multiple Cross Site Scripting XSS Vulnerabilities 1. OVERVIEW Joomla! 1.7.0 stable version is vulnerable to multiple Cross Site Scripting issues. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and intranets...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 46 views

XSS and FPD vulnerabilities in Adobe ColdFusion

Hello 3APA3A! I am informing you about new vulnerabilities I have found in Adobe ColdFusion. These are Cross-Site Scripting and Full path disclosure vulnerabilities. XSS WASC-08: http://site/CFIDE/componentutils/componentdetail.cfm?component=3Cbody20onload=alertdocument.cookie3E...

AI score: 6.5
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 43 views

Wireshark multiple security vulnerabilities

DoS on different protocols dissectors, unsafe dynamic library loading...

CVSS: 9.3 | AI score: 3.3 | EPSS: 0.35528
Exploits: 11 | References: 1 | Affected Software: 1

securityvulns | added 2011/10/01 12:0 a.m. | 71 views

Mozilla Foundation Security Advisory 2011-42

Mozilla Foundation Security Advisory 2011-42 Title: Potentially exploitable crash in the YARR regular expression library Impact: Critical Announced: September 27, 2011 Reporter: Aki Helin Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Thunderbird 7.0 SeaMonkey 2.4 Description...

CVSS: 9.3 | AI score: 0.8 | EPSS: 0.05007
Exploits: 1

securityvulns | added 2011/10/01 12:0 a.m. | 97 views

European Security Services GPS v1.0 - Multiple Vulnerabilities

Title: ====== European Security Services GPS 1.x - Multiple Vulnerabilities Date: ===== 2011-09-28 VL-ID: ===== 63 Reference: ========== http://www.vulnerability-lab.com/getcontent.php?id=63 Introduction: ============= For a small tracking fee you receive access to our online...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 146 views

NGS00109 Patch Notification: ImpressPages CMS Remote code execution

High Risk Vulnerability in ImpressPages CMS 27 September 2011 David Middlehurst of NGS Secure has discovered a High risk vulnerability in ImpressPages CMS v1.0.12. Impact: Remote code execution Please update all instances of Impress Pages to the 1.0.13 release:...

AI score: 1.8
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 89 views

Mozilla Foundation Security Advisory 2011-41

Mozilla Foundation Security Advisory 2011-41 Title: Potentially exploitable WebGL crashes Impact: Critical Announced: September 27, 2011 Reporter: Michael Jordan, Ben Hawkes Products: Firefox, SeaMonkey Fixed in: Firefox 7.0 SeaMonkey 2.4 Description Michael Jordon of Context IS reported that in...

CVSS: 10 | AI score: 9.5 | EPSS: 0.04229
Exploits: 1

securityvulns | added 2011/10/01 12:0 a.m. | 104 views

openEngine 2.0 'id' Blind SQL Injection vulnerability

Advisory: openEngine 2.0 'id' Blind SQL Injection vulnerability Advisory ID: SSCHADV2011-019 Author: Stefan Schurtz Affected Software: Successfully tested on openEngine 2.0 100226 Vendor URL: http://www.openengine.de/ Vendor Status: informed CVE-ID: - ========================== Vulnerability...

AI score: 8.3
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 50 views

[USN-1223-1] Puppet vulnerabilities

========================================================================== Ubuntu Security Notice USN-1223-1 September 30, 2011 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS: 6.3 | AI score: 0.4 | EPSS: 0.00352
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 53 views

Arbitrary memory corruption in NCSS 07.1.21

Luigi Auriemma Application: NCSS aka NCSS 2007 http://www.ncss.com/ncss.html Versions: = 07.1.21 Platforms: Windows Bug: array overflow with write2 Exploitation: file Date: 28 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...

AI score: 0.8
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 55 views

Mozilla Foundation Security Advisory 2011-37

Mozilla Foundation Security Advisory 2011-37 Title: Integer underflow when using JavaScript RegExp Impact: Critical Announced: September 27, 2011 Reporter: Mark Kaplan Products: Firefox 3.6 Fixed in: Firefox 3.6.23 Description Mark Kaplan reported a potentially exploitable crash due to integer...

CVSS: 10 | AI score: 0.8 | EPSS: 0.05368
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 106 views

Mozilla Foundation Security Advisory 2011-39

Mozilla Foundation Security Advisory 2011-39 Title: Defense against multiple Location headers due to CRLF Injection Impact: Moderate Announced: September 27, 2011 Reporter: Ian Graham Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.23 Thunderbird 7.0 SeaMonkey 2.4...

CVSS: 4.3 | AI score: 1 | EPSS: 0.02018
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 82 views

Mozilla Foundation Security Advisory 2011-38

Mozilla Foundation Security Advisory 2011-38 Title: XSS via plugins and shadowed window.location object Impact: High Announced: September 27, 2011 Reporter: Boris Zbarsky Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 6.0 Firefox 3.6.23 Thunderbird 6.0 SeaMonkey 2.3 Description Mozil...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.01095
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 71 views

Mozilla Foundation Security Advisory 2011-36

Mozilla Foundation Security Advisory 2011-36 Title: Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 Impact: Critical Announced: September 27, 2011 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.23 Thunderbird 7.0...

CVSS: 10 | AI score: 0.3 | EPSS: 0.05312
Exploits: 3

securityvulns | added 2011/10/01 12:0 a.m. | 49 views

Mozilla Foundation Security Advisory 2011-45

Mozilla Foundation Security Advisory 2011-45 Title: Inferring keystrokes from motion data Impact: Moderate Announced: September 27, 2011 Products: Firefox, SeaMonkey Fixed in: Firefox 7.0 SeaMonkey 2.4 Description University of California, Davis researchers Liang Cai and Hao Chen presented a pape...

AI score: 0.2
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 68 views

Mozilla Foundation Security Advisory 2011-40

Mozilla Foundation Security Advisory 2011-40 Title: Code installation through holding down Enter Impact: Critical Announced: September 27, 2011 Reporter: Mariusz Mlynski Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.23 Thunderbird 7.0 SeaMonkey 2.4 Description Marius...

CVSS: 4.3 | AI score: 1.2 | EPSS: 0.01006
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 50 views

Barracuda Backup v2.0 - Multiple Web Vulnerabilities

Title: ====== Barracuda Backup v2.0 - Multiple Web Vulnerabilities Date: ===== 2011-09-28 References: =========== Barracuda Backup Application v2.0 VL-ID: ===== 31 Introduction: ============= Barracuda Networks - Worldwide leader in email and Web security. Barracuda Backup Service is a complete a...

AI score: 0.5
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 72 views

Mozilla Foundation Security Advisory 2011-43

Mozilla Foundation Security Advisory 2011-43 Title: loadSubScript unwraps XPCNativeWrapper scope parameter Impact: Critical Announced: September 27, 2011 Reporter: David Rees Products: Firefox, SeaMonkey Fixed in: Firefox 7.0 SeaMonkey 2.4 Description David Rees reported that the JSSubScriptLoade...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.01136
Exploits: 0

securityvulns | added 2011/10/01 12:0 a.m. | 50 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, cross-site scripting, code executions, etc...

CVSS: 10 | AI score: 2.7 | EPSS: 0.05368
Exploits: 5 | References: 10 | Affected Software: 3

securityvulns | added 2011/09/26 12:0 a.m. | 94 views

AdaptCMS 2.0.1 Multiple security vulnerabilities

Advisory: AdaptCMS 2.0.1 Multiple security vulnerabilities Advisory ID: SSCHADV2011-018 Author: Stefan Schurtz Affected Software: Successfully tested on AdaptCMS 2.0.1 Vendor URL: http://www.adaptcms.com/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description:...

AI score: 7.1
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 49 views

Advisory: Opera Mobile Cache Poisoning XAS

1 Background ============= Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, Opera Mobile holds sensitive information such as cookies, cache and history, and this...

Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 123 views

Re: NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

Research@NGSSecure [email protected] wrote: Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and...

AI score: 6.9
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 49 views

Multiple vulnerabilities in AWStats

Hello 3APA3A! I want to warn you about multiple security vulnerabilities in AWStats. These are Cross-Site Scripting, Redirector, SQL Injection, HTTP Response Splitting and CRLF Injection vulnerabilities in AWStats in awredir. AWStats includes script Advanced Web Redirector awredir.pl. There were...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 91 views

XSS Vulnerabilities in TWiki < 5.1.0

Information ------------------ Name : XSS vulnerability in TWiki Software : TWiki 5.0.2 and below. Vendor Homepage : http://twiki.org/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference : NS-11-006 CVE : CVE-2011-3010...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.06045
Exploits: 2

securityvulns | added 2011/09/26 12:0 a.m. | 179 views

Multiple vulnerabilities in Help Desk Software

Vulnerability ID: HTB23041 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinhelpdesksoftware.html Product: Help Desk Software Vendor: freehelpdesk.org http://freehelpdesk.org/ Vulnerable Version: 1.1b and probably prior Tested Version: 1.1b Vendor Notification: 17 August 2011...

AI score: 0.9
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 34 views

Sunway ForceControl multiple security vulnerabilities

Multiple buffer overflows, DoS conditions, directory traversal, ActiveX code execution...

AI score: 5.3
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/09/26 12:0 a.m. | 57 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.06045
Exploits: 9 | References: 10 | Affected Software: 13

securityvulns | added 2011/09/26 12:0 a.m. | 70 views

Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)

Luigi Auriemma Application: Sunway ForceControl http://www.sunwayland.com.cn/pro.asp Versions: = 6.1 sp3 with AngelServer and WebServer updated Platforms: Windows Bugs: various stack overflows directory traversals third party ActiveX code execution various Denials of Service Exploitation: remote...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 61 views

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011

Sense of Security - Security Advisory - SOS-11-011 Release Date. 20-Sep-2011 Last Update. - Vendor Notification Date. 22-Mar-2011 Product. NETGEAR Wireless Cable Modem Gateway CG814WG Affected versions. Hardware 1.03, Software V3.9.26 R14 verified, possibly others Severity Rating. High Impact...

AI score: 0.2
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 56 views

[email protected]

Research@NGSSecure [email protected] wrote: Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and...

AI score: 6.9
Exploits: 0

securityvulns | added 2011/09/26 12:0 a.m. | 44 views

TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation

Trustwave's SpiderLabs Security Advisory TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2011-014.txt Published: 2011-09-23 Version: 1.0 Vendor: Pantech http://www.pantechusa.com Product: Link P7040P, others may be vulnerab...

AI score: 6.8
Exploits: 0

Total number of security vulnerabilities: 47153