Lucene search

47153 matches found

securityvulns • added 2015/05/17 12:0 a.m. • 34 views

SAP applications buffer overflow

Buffer overflow in LZC/LZH implementation...

7.5 CVSS • 3.2 AI score • 0.03518 EPSS
Exploits 1 • References 1
securityvulns • added 2015/05/17 12:0 a.m. • 70 views

[USN-2608-1] QEMU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2608-1 May 13, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

7.8 CVSS • 0.4 AI score • 0.15275 EPSS
Exploits 1
securityvulns • added 2015/05/17 12:0 a.m. • 51 views

libvirt / qemu security vulnerabilities

Crash on PCI registers, IDE controller and Physical Region Descriptor Table decoder. Code execution...

7.8 CVSS • 4.1 AI score • 0.15275 EPSS
Exploits 1 • References 2 • Affected Software 1
securityvulns • added 2015/05/17 12:0 a.m. • 55 views

Apache Tomcat security vulnerabilities

Resources exhaustion, restrictions bypass...

7.8 CVSS • 2.3 AI score • 0.20318 EPSS
Exploits 0 • References 2 • Affected Software 1
securityvulns • added 2015/05/17 12:0 a.m. • 59 views

[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities

Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last update: 2015-05-12 Vendors contacted: SAP Release...

7.5 CVSS • 0.03518 EPSS
Exploits 2
securityvulns • added 2015/05/17 12:0 a.m. • 40 views

Cisco Telepresence security vulnerabilities

Code execution, authentication bypass, DoS...

9 CVSS • 3 AI score • 0.02891 EPSS
Exploits 0
securityvulns • added 2015/05/17 12:0 a.m. • 28 views

Pure Faction game server buffer overflow

Buffer overflow via game chat...

4.7 AI score
Exploits 0 • References 1 • Affected Software 1
securityvulns • added 2015/05/17 12:0 a.m. • 69 views

Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250

Information -------------------- Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in Concrete5 Affected Software : Concrete5 Affected Versions: 5.7.3.1 and possibly below Vendor Homepage : https://www.concrete5.org Vulnerability Type : Cross-site Scripting Severity : Important CVE-ID:...

4.3 CVSS • 0.1 AI score • 0.02111 EPSS
Exploits 2
securityvulns • added 2015/05/17 12:0 a.m. • 36 views

Server buffer overflow in Pure Faction <= 3.0c

Application: Pure Faction http://www.purefaction.org Versions: = 3.0c Platforms: Windows Bug: server buffer overflow Risk: highly critical Exploitation: remote and automatic requires attacker to have joined server Date: 13 Mar 2015 Author: soulsgetnothing e-mail: soulsgetnothing at hotmail dot co...

2.7 AI score
Exploits 0
securityvulns • added 2015/05/17 12:0 a.m. • 219 views

[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2014-7810 Security Manager Bypass Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.15 - - Apache Tomcat 7.0.0 to 7.0.57 - - Apache Tomcat 6.0.0 to 6.0.43 Description: Malicious web...

5 CVSS • 0.1 AI score • 0.13872 EPSS
Exploits 0
securityvulns • added 2015/05/17 12:0 a.m. • 22 views

Websense Content Gateway certificates check vulnerability

Compromised certificates are incorrectly checked...

2.1 AI score
Exploits 0 • References 1 • Affected Software 1
securityvulns • added 2015/05/17 12:0 a.m. • 66 views

Sidu 5.2 Admin XSS Vulnerability

Affected Vendor: www.topnew.net/sidu/ Credits: John Page hyp3rlinx Domains: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/AS-SIDU0513.txt Product: Sidu version 5.2 is a web based database front-end administration tool. Advisory Information:...

Exploits 0
securityvulns • added 2015/05/17 12:0 a.m. • 1671 views

Web India Solutions CMS 2015 - SQL Injection Vulnerability

Document Title: =============== Web India Solutions CMS 2015 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1495 Release Date: ============= 2015-05-13 Vulnerability Laboratory ID VL-ID: ====================================...

0.3 AI score
Exploits 0
securityvulns • added 2015/05/13 12:0 a.m. • 133 views

Adobe Flash Player multiple security vulnerabilities

Buffer overflows, memory corruptions, integer overflows, race conditions, restriction bypass...

10 CVSS • 3.5 AI score • 0.87303 EPSS
Exploits 10 • Affected Software 1
securityvulns • added 2015/05/13 12:0 a.m. • 171 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple buffer overflows, memory corruptions, information disclosures, restriction bypass...

10 CVSS • 2.5 AI score • 0.07417 EPSS
Exploits 0 • Affected Software 3
securityvulns • added 2015/05/13 12:0 a.m. • 35 views

Microsoft SharePoint Server code execution

Code execution via document content...

6 CVSS • 3.4 AI score • 0.12136 EPSS
Exploits 0 • Affected Software 1
securityvulns • added 2015/05/13 12:0 a.m. • 64 views

Adobe Reader / Acrobat multiple security vulnerabilities

Memory corruptions, buffer overflows, restrictions bypass, DoS...

10 CVSS • 3 AI score • 0.17456 EPSS
Exploits 0 • Affected Software 2
securityvulns • added 2015/05/13 12:0 a.m. • 98 views

Microsoft Windows multiple security vulnerabilities

Buffer overflow, memory corruption, code execution, privilege escalation, restrictions bypass, DoS, information disclosure...

9.3 CVSS • 3.1 AI score • 0.562 EPSS
Exploits 40 • Affected Software 1
securityvulns • added 2015/05/13 12:0 a.m. • 43 views

Microsoft Office memory corruptions

Memory corruptions on documents parsing...

9.3 CVSS • 4 AI score • 0.20534 EPSS
Exploits 0 • Affected Software 2
securityvulns • added 2015/05/12 12:0 a.m. • 67 views

Manage Engine Desktop Central 9 - CVE-2015-2560 - Unauthorised administrative password reset

A vulnerability exists in the Manage Engine Desktop Central 9 application that affects version build 90130. This may affect earlier releases as well. The vulnerability allows a remote unauthenticated user to change the password of any Manage Engine Desktop Central user with the ‘Administrator’ ro...

0.1 AI score • 0.15613 EPSS
Exploits 3
securityvulns • added 2015/05/12 12:0 a.m. • 738 views

Lychee 2.7.1 remote code execution

Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...

1 AI score
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 33 views

NetworkManager directory traversal

File access on modem device handling...

4.6 CVSS • 4 AI score • 0.00534 EPSS
Exploits 0 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 89 views

HotExBilling Manager Cross-site scripting (XSS) vulnerability

Title: ==== HotExBilling Manager – Cross-site scripting XSS vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com CVE: ===== CVE-2015-2781 Date: ==== 12-03-2015 dd/mm/yyyy Vendor: ====== Hotspot Express has been in the billing solution business sinc...

4.3 CVSS • 0.2 AI score • 0.01883 EPSS
Exploits 2
securityvulns • added 2015/05/12 12:0 a.m. • 48 views

[SECURITY] [DSA 3218-1] wesnoth-1.10 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3218-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 10, 2015 http://www.debian.org/security/faq -...

5 CVSS • 2.1 AI score • 0.02322 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 126 views

[ MDVSA-2015:185 ] dokuwiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:185 http://www.mandriva.com/en/support/security/ Package : dokuwiki Date : March 31, 2015 Affected: Business Server 1.0 Problem Description: Updated dokuwiki packages fix security vulnerabilities:...

6.5 CVSS • 6.6 AI score • 0.02882 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 39 views

Google Analytics by Yoast stored XSS #2

OVERVIEW ========== Google Analytics by Yoast is one of the most popular WordPress plug-ins with over 7 million downloads and "1+ million" active installs. Last month Yoast patched a stored XSS we reported in the plug-in. Shortly after this we identified another bug of a similar severity. The...

0.1 AI score
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 71 views

[ MDVSA-2015:167 ] glpi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:167 http://www.mandriva.com/en/support/security/ Package : glpi Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated glpi package fixes security vulnerabilities: Due to a bug in...

7.5 CVSS • 7.1 AI score • 0.03167 EPSS
Exploits 4
securityvulns • added 2015/05/12 12:0 a.m. • 113 views

[CVE-2014-5361][CVE-2014-5362]Landesk Management Suite RFI & CSRF Security Vulnerabilities

Exploit Title: Landesk Management Suite RFI and CSRF vulnerabilities Product: Landesk Management Suite Vulnerable Versions: 9.5 and possible previous versions, 9.6 Tested Version: 9.5 Advisory Publication: 16/04/2015 Latest Update: 16/04/2015 Vulnerability Type: Cross-site request forgery CWE-352...

6.8 CVSS • 7.3 AI score • 0.03162 EPSS
Exploits 5
securityvulns • added 2015/05/12 12:0 a.m. • 76 views

Multiple Cross-Site Scripting (XSS) in FreePBX

Advisory ID: HTB23253 Product: FreePBX Vendor: Sangoma Technologies Vulnerable Versions: 12.0.43 and probably prior Tested Version: 12.0.43 Advisory Publication: March 18, 2015 without technical details Vendor Notification: March 18, 2015 Vendor Patch: March 27, 2015 Public Disclosure: April 22,...

4.3 CVSS • 6.4 AI score • 0.02776 EPSS
Exploits 2
securityvulns • added 2015/05/12 12:0 a.m. • 41 views

[USN-2581-1] NetworkManager vulnerability

========================================================================== Ubuntu Security Notice USN-2581-1 April 28, 2015 network-manager vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

4.6 CVSS • 1 AI score • 0.00534 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 62 views

[CVE-2015-2926] XSS vuln in phpTrafficA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Product: phpTrafficA Product page: http://soft.zoneo.net/phpTrafficA/ Affected versions: Up to and including 2.3 latest as of writing. Description: The user agent string provided by the browser is not sanitized nor escaped when handled. This string ...

7.2 AI score • 0.01906 EPSS
Exploits 2
securityvulns • added 2015/05/12 12:0 a.m. • 34 views

GoAhead Web Server security vulnerabilities

Directory traversal, buffer overflow...

7.5 CVSS • 4 AI score • 0.28417 EPSS
Exploits 4 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 32 views

EMC Isilon OneFS privilege escalation

Local files access...

7.2 CVSS • 3.3 AI score • 0.00548 EPSS
Exploits 0 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 65 views

[SECURITY] [DSA 3230-1] django-markupfield security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3230-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 20, 2015 http://www.debian.org/security/faq -...

5 CVSS • 2.2 AI score • 0.01792 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 38 views

Appweb web server DoS

NULL pointer dereference on Range: header parsing...

5 CVSS • 2.2 AI score • 0.5643 EPSS
Exploits 2 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 47 views

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation

------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in asdoc generated documentation ------------------------------------------------------------------------ Radjnies Bhansingh, March 2014...

0.5 AI score
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 39 views

ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability EMC Identifier: ESA-2015-044 CVE Identifier: CVE-2015-0527 Severity Rating: CVSS v2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Documentum xCelerat...

2.1 CVSS • 0.5 AI score • 0.0048 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 58 views

[SECURITY] [DSA 3257-1] mercurial security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3257-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 11, 2015 http://www.debian.org/security/faq -...

7.5 CVSS • 1.5 AI score • 0.63178 EPSS
Exploits 6
securityvulns • added 2015/05/12 12:0 a.m. • 31 views

quassel SQL injection

SQL injection via messages...

7.5 CVSS • 4.1 AI score • 0.0211 EPSS
Exploits 0 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 40 views

mercurial code execution

Code injection via clone command...

7.5 CVSS • 4.3 AI score • 0.04199 EPSS
Exploits 1 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 64 views

Reflected XSS Vulnerability In Manage Engine Firewall Analyzer

======================================================================== =======Reflected XSS Vulnerability In Manage Engine Firewall Analyzer ======================================================================== ======= . contents:: Table Of Content Overview ======== Title : Reflected XSS...

6.6 AI score
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 74 views

[USN-2558-1] Mailman vulnerability

========================================================================== Ubuntu Security Notice USN-2558-1 April 07, 2015 mailman vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.6 CVSS • 0.7 AI score • 0.07964 EPSS
Exploits 1
securityvulns • added 2015/05/12 12:0 a.m. • 77 views

[ MDVSA-2015:087 ] egroupware

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:087 http://www.mandriva.com/en/support/security/ Package : egroupware Date : March 28, 2015 Affected: Business Server 2.0 Problem Description: Updated egroupware packages fix security vulnerabilities:...

7.5 CVSS • 7.4 AI score • 0.04046 EPSS
Exploits 1
securityvulns • added 2015/05/12 12:0 a.m. • 59 views

Advisory: CVE-2014-9708: Appweb Web Server

Affected software: Appweb Web Server CVE ID: CVE-2014-9708 Description: An HTTP request with a Range header of the form "Range: x=," ie. with an empty range value will cause a null pointer dereference, leading to a remotely-triggerable DoS. Fixed versions: 4.6.6, 5.2.1 Bug entry:...

5 CVSS • 0.9 AI score • 0.5643 EPSS
Exploits 2
securityvulns • added 2015/05/12 12:0 a.m. • 189 views

[ MDVSA-2015:181 ] drupal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:181 http://www.mandriva.com/en/support/security/ Package : drupal Date : March 30, 2015 Affected: Business Server 1.0 Problem Description: Updated drupal packages fix security vulnerabilities: An information...

7.5 CVSS • 8.3 AI score • 0.99974 EPSS
Exploits 23
securityvulns • added 2015/05/12 12:0 a.m. • 35 views

Fortinet FortiAnalyzer and FortiManager cross-site scripting

Cross-site scripting in web interface...

4.3 CVSS • 2 AI score • 0.02388 EPSS
Exploits 4 • References 1 • Affected Software 2
securityvulns • added 2015/05/12 12:0 a.m. • 37 views

Novell ZenWorks Configuration Management code execution

Code execution via web interface...

10 CVSS • 3.4 AI score • 0.74516 EPSS
Exploits 9 • References 1 • Affected Software 1
securityvulns • added 2015/05/12 12:0 a.m. • 72 views

[SECURITY ANNOUNCEMENT] CVE-2015-0225

CVE-2015-0225: Apache Cassandra remote execution of arbitrary code Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cassandra 1.2.0 to 1.2.19 Cassandra 2.0.0 to 2.0.13 Cassandra 2.1.0 to 2.1.3 Description: Under its default configuration, Cassandra binds an...

7.5 CVSS • 1.8 AI score • 0.06692 EPSS
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 77 views

SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows

SEC Consult Vulnerability Lab Security Advisory 20150409-0 ======================================================================= title: Multiple XSS & XSRF vulnerabilities product: Comalatech Comala Workflows vulnerable version: = 4.6.1 fixed version: 4.6.2 for Confluence 5.4+ and 4.5.4 for...

0.2 AI score
Exploits 0
securityvulns • added 2015/05/12 12:0 a.m. • 29 views

Battle of Wesnoth directory traversal

Directory traversal on maps loading...

5 CVSS • 2.9 AI score • 0.02322 EPSS
Exploits 0 • References 1 • Affected Software 1

Total number of security vulnerabilities: 47153