
47153 matches found

securityvulns
•added 2011/09/26 12:0 a.m.•147 views

[CVE-2011-3645] Multiple vulnerability in "Omnidocs"

Hi All, I would like to inform about multiple vulnerability in NewGen's Omnidocs application. Exploit Title: Multiple Vulnerability in "Omnidocs" Author: Sohil Garg CVE : CVE-2011-3645 Product Description: OmniDocs is an Enterprise Document Management EDM platform for creating, capturing,...

CVSS 7.5, AI score 0.2, EPSS 0.01007
Exploits: 5
securityvulns
•added 2011/09/26 12:0 a.m.•43 views

TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation

Trustwave's SpiderLabs Security Advisory TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2011-014.txt Published: 2011-09-23 Version: 1.0 Vendor: Pantech http://www.pantechusa.com Product: Link P7040P, others may be vulnerab...

AI score 6.8
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•182 views

Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability

Advanced Electron Forums AEF 1.0.9 <= Cross Site Request Forgery CSRF Vulnerability 1. OVERVIEW The Advanced Electron Forums AEF 1.0.9 <= versions are vulnerable to Cross Site Request Forgery CSRF. 2. BACKGROUND AEF has a very simple and easy to use Administration Panel and installing this software...

AI score 0.1
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•74 views

[USN-1214-1] GIMP vulnerability

========================================================================== Ubuntu Security Notice USN-1214-1 September 22, 2011 gimp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.1, AI score 0.4, EPSS 0.0619
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•58 views

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011

Sense of Security - Security Advisory - SOS-11-011 Release Date. 20-Sep-2011 Last Update. - Vendor Notification Date. 22-Mar-2011 Product. NETGEAR Wireless Cable Modem Gateway CG814WG Affected versions. Hardware 1.03, Software V3.9.26 R14 verified, possibly others Severity Rating. High Impact...

AI score 0.2
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•122 views

Re: NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

Research@NGSSecure [email protected] wrote: Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and...

AI score 6.9
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•108 views

TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server

Trustwave's SpiderLabs Security Advisory TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt Published: 2011-09-23 Version: 1.0 Vendor: IceWarp http://www.icewarp.com Product: IceWarp Mail Server Version affected: 10.3.2 a...

CVSS 6.4, AI score 0.2, EPSS 0.08341
Exploits: 3
securityvulns
•added 2011/09/26 12:0 a.m.•314 views

Vulnerability found in Flynax Classifieds products

I. BACKGROUND -------------- Flynax is a software development company which produces several CMSs to maintain different kinds of classifieds websites. II. DESCRIPTION ---------------- Nasel members discovered a critical vulnerability in the front-end of these products. The vulnerability is an SQL...

AI score 0.4
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•91 views

AdaptCMS 2.0.1 Multiple security vulnerabilities

Advisory: AdaptCMS 2.0.1 Multiple security vulnerabilities Advisory ID: SSCHADV2011-018 Author: Stefan Schurtz Affected Software: Successfully tested on AdaptCMS 2.0.1 Vendor URL: http://www.adaptcms.com/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description:...

AI score 7.1
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•652 views

PunBB 1.3.6 bug

Islamic Republic Of Iran Security Team Www.IrIsT.Ir PunBB == 1.3.6 Cross-Site Scripting Vulnerabilities Download......: http://punbb.informer.com/downloads.php1.3.6 Bug Found.....: IrIsT™...

Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•55 views

[email protected]

Research@NGSSecure [email protected] wrote: Vulnerable SUID script in nomachine NX Server for Linux 3.5.0-4 Advanced and Enterprise across redhat and debian hosts 21 September 2011 NGS Secure has discovered a High risk vulnerability in nomachine NX Server for Linux 3.5.0-4 Advanced and...

AI score 6.9
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•70 views

Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)

Luigi Auriemma Application: Sunway ForceControl http://www.sunwayland.com.cn/pro.asp Versions: = 6.1 sp3 with AngelServer and WebServer updated Platforms: Windows Bugs: various stack overflows directory traversals third party ActiveX code execution various Denials of Service Exploitation: remote...

AI score 0.1
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•86 views

XSS Vulnerabilities in TWiki < 5.1.0

Information ------------------ Name : XSS vulnerability in TWiki Software : TWiki 5.0.2 and below. Vendor Homepage : http://twiki.org/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference : NS-11-006 CVE : CVE-2011-3010...

CVSS 4.3, AI score 6.3, EPSS 0.15078
Exploits: 2
securityvulns
•added 2011/09/26 12:0 a.m.•98 views

Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability

Advisory: Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability Advisory ID: SSCHADV2011-016 Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.5.5 Vendor URL: http://www.s9y.org Vendor Status: fixed CVE-ID: - ==========================...

AI score 0.6
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•61 views

Advisory: Dolphin Browser HD Cross-Application Scripting

1 Background ============ Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, the Dolphin browser application holds sensitive information such as cookies, cache and...

CVSS 4.3, AI score 6, EPSS 0.0492
Exploits: 3
securityvulns
•added 2011/09/26 12:0 a.m.•49 views

Advisory: Opera Mobile Cache Poisoning XAS

1 Background ============= Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, Opera Mobile holds sensitive information such as cookies, cache and history, and this...

Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•106 views

Security issue is_a function in PHP 5.3.7+

PHP 5.3.7 changed the behavior of the is_a function, used to check if an object is an instance of a class, to call the autoload function. This causes a remote code execute problem when coupled with a standard library like PEAR that internally uses is_a to check if a returned variable is an Error...

AI score 1.1
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•175 views

Multiple vulnerabilities in Help Desk Software

Vulnerability ID: HTB23041 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinhelpdesksoftware.html Product: Help Desk Software Vendor: freehelpdesk.org http://freehelpdesk.org/ Vulnerable Version: 1.1b and probably prior Tested Version: 1.1b Vendor Notification: 17 August 2011...

AI score 0.9
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•76 views

[SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.11 - - Tomcat 6.0.0 to 6.0.32 - - Tomcat 5.5.0 to 5.5.33 - - Earlier,...

CVSS 5, AI score 0.3, EPSS 0.02237
Exploits: 0
securityvulns
•added 2011/09/26 12:0 a.m.•52 views

Apache Tomcat digest authentication vulnerabilities

Multiple implementation errors make authentication vulnerable to different attacks...

CVSS 5, AI score 5.4, EPSS 0.02237
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•51 views

Microsoft Sharepoint multiple security vulnerabilities

Cross-site scripting, code injection, information disclosure...

CVSS 4.3, AI score 1.1, EPSS 0.65122
Exploits: 10, References: 3, Affected Software: 4
securityvulns
•added 2011/09/20 12:0 a.m.•87 views

Microsoft Office multiple security vulnerabilities

Multiple Excel memory corruptions, Word uninitialized pointer dereference, unsafe DLL loading...

CVSS 9.3, AI score 2.8, EPSS 0.63521
Exploits: 3, References: 5, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•44 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 5, AI score 1.6, EPSS 0.00329
Exploits: 1, References: 9, Affected Software: 4
securityvulns
•added 2011/09/20 12:0 a.m.•27 views

Colasoft Capsa DoS

Crash on SNMP packet parsing...

AI score 3.3
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•29 views

HP Business Service Automation Essentials code execution

No description provided...

CVSS 10, AI score 2.5, EPSS 0.19472
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•53 views

Cisco Unified Communications Manager / Cisco Intercompany Media Engine / Cisco TelePresence Codecs DoS

Crash on Service Advertisement Framework SAF packet parsing, crash on SIP processing, connection flood DoS...

CVSS 9, AI score 4.1, EPSS 0.43062
Exploits: 7, References: 3, Affected Software: 2
securityvulns
•added 2011/09/20 12:0 a.m.•28 views

librsvg code execution

Code execution on SVG files parsing...

CVSS 6.8, AI score 4, EPSS 0.03439
Exploits: 1, References: 1, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•27 views

Cisco Unified Service Monitor / Cisco Unified Operations Manager / CiscoWorks LAN Management / EMC Ionix buffer overflow

Buffer overflow on TCP/9002 network packet parsing...

CVSS 10, AI score 5.5, EPSS 0.14135
Exploits: 0, References: 3, Affected Software: 7
securityvulns
•added 2011/09/20 12:0 a.m.•35 views

FortiMail Messaging Security Appliance cross-site scripting

Cross-site scripting in web administration module...

AI score 2.2
Exploits: 0, References: 1, Affected Software: 1
securityvulns
•added 2011/09/20 12:0 a.m.•59 views

HP Network Node Manager i DoS

No description provided...

CVSS 9.3, AI score 0.7, EPSS 0.89141
Exploits: 19, References: 1
securityvulns
•added 2011/09/20 12:0 a.m.•54 views

Update: Vulnerability in plugins for Typepad, RapidWeaver, Habari, DasBlo, eZ Publish, EE, Serendipity, Social Web CMS, PHP-Fusion, Magento and Sweetcron

Hello 3APA3A! One update concerning Cross-Site Scripting vulnerability in multiple plugins for different engines in plugins for Typepad, RapidWeaver, Habari, DasBlo, eZ Publish, EE, Serendipity, Social Web CMS, PHP-Fusion, Magento and Sweetcron, which all are ports of WP-Cumulus. Which I wrote...

AI score 5.7
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•105 views

[Onapsis Security Advisory 2011-015] SAP WebAS webrfc Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-015: SAP WebAS webrfc Cross-Site Scripting This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

AI score 6.2
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•93 views

[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (by ERPScan)

DSECRG-11-032 SAP NetWeaver ipcpricing - information disclose com.sap.ipc.webapp.ipcpricing application has information disclose vulnerability Digital Security Research Group DSecRG Advisory DSECRG-11-032 Internal DSecRG-00197 Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL...

AI score 0.2
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•178 views

[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked XSS vulnerability (by ERPScan)

DSECRG-11-033 SAP Crystal Report Server pubDBLogon - Linked XSS vulnerability XSS vulnerability found in pubDBLogon.jsp page of SAP Crystal Report Server 2008. Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked...

AI score 0.2
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•60 views

Cisco TelePresence Multiple Vulnerabilities - SOS-11-010

Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C = TC4.1.2, MXP = F9.1 Severity Rating. Low - Medium Impact. Cookie/credential theft,...

CVSS 9, AI score 0.1, EPSS 0.43062
Exploits: 7
securityvulns
•added 2011/09/20 12:0 a.m.•84 views

[Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-016: SAP WebAS Malicious SAP Shortcut Generation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforeha...

AI score 7.2
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•36 views

ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products. EMC Identifier: ESA-2011-029 CVE Identifier: CVE-2011-2738 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected products: Ionix Application Connectivit...

CVSS 10, EPSS 0.14135
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•30 views

Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service

Colasoft Capsa, a commercial software, is a powerful network packet analyzer, and you can get it from http://www.colasoft.com.cn China and http://www.javvin.com USA. -------------------------------------------------- I. Summary A flaw has been identified in Colasoft Capsa 7.2.1 concerning SNMPv1...

AI score 1
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•45 views

[security bulletin] HPSBMU02705 SSRT100622 rev.1 - HP Business Service Automation (BSA) Essentials, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03014398 Version: 1 HPSBMU02705 SSRT100622 rev.1 - HP Business Service Automation BSA Essentials, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...

CVSS 10, AI score 0.7, EPSS 0.19472
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•61 views

VUPEN Security Research - Microsoft Office Excel Formula Record Heap Corruption Vulnerability

VUPEN Security Research - Microsoft Office Excel Formula Record Heap Corruption Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Office Excel is a powerful tool you can use to create and format...

Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•73 views

Multiple vulnerabilities in SiT! Support Incident Tracker

Vulnerability ID: HTB23043 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinsitsupportincidenttracker.html Product: SiT! Support Incident Tracker Vendor: The Support Incident Tracker Project http://sitracker.org/ Vulnerable Version: 3.64 and probably prior Tested Version: 3.64...

AI score 0.4
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•44 views

[USN-1206-1] librsvg vulnerability

========================================================================== Ubuntu Security Notice USN-1206-1 September 13, 2011 librsvg vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.8, AI score 0.4, EPSS 0.03439
Exploits: 1
securityvulns
•added 2011/09/20 12:0 a.m.•455 views

XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke

Hello, Microsoft recently published MS11-074. This bulletin concerns mainly SharePoint 2007 and 2010 but CVE-2011-1892 applies too to Office Groove client and server, Office Forms Server 2007 and Office Web Apps 2010. The vulnerability is a "XML External Entity Reference" one, as described in...

CVSS 4, AI score 0.4, EPSS 0.65122
Exploits: 6
securityvulns
•added 2011/09/20 12:0 a.m.•73 views

[security bulletin] HPSBMU02703 SSRT100242 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03005726 Version: 1 HPSBMU02703 SSRT100242 rev.1 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service DoS, Unauthorized Disclosure of Information,...

CVSS 9.3, AI score 0.9, EPSS 0.89141
Exploits: 19
securityvulns
•added 2011/09/20 12:0 a.m.•38 views

Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities Advisory ID: cisco-sa-20110914-lms Revision 1.0 For Public Release 2011 September 14 1600 UTC GMT...

CVSS 10, AI score 0.4, EPSS 0.14135
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•134 views

Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit

?php / Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration Web Service getSubKeys Remote SQL Injection Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft SQL Server 2005 Express download uri:...

AI score 8.8
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•72 views

CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Multiples Vulnerabilities in ManageEngine ServiceDesk Plus 1. Advisory Information Title: Multiples Vulnerabilities in ManageEngine ServiceDesk Plus Advisory ID: CORE-2011-0506 Advisory URL:...

CVSS 5, EPSS 0.00329
Exploits: 1
securityvulns
•added 2011/09/20 12:0 a.m.•44 views

Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities Advisory ID: cisco-sa-20110914-cusm Revision 1.0 For Public Release 2011 September 14 1600 UTC GMT...

CVSS 10, AI score 0.6, EPSS 0.14135
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•137 views

[Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-014: SAP WebAS Remote Denial of Service 1. Impact on Business ========================= By exploiting this vulnerability, an unauthenticated attacker would be able to remotely disrupt the SAP Application Server. This...

AI score 0.3
Exploits: 0
securityvulns
•added 2011/09/20 12:0 a.m.•92 views

XSS vulnerability in FortiMail Messaging Security Appliance

Advisory: XSS vulnerability in FortiMail Messaging Security Appliance Advisory ID: SSCHADV2011-011 Author: Stefan Schurtz Affected Software: v4.0,build0245,101208 MR1 Patch 2 Vendor URL: http://www.fortinet.com/ Vendor Status: informed ========================== Vulnerability Description:...

Exploits: 0
Total number of security vulnerabilities: 47153