47153 matches found

securityvulns
added 2011/09/16 12:0 a.m., 66 views

Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal

Seeker Research Center Security Advisory This vulnerability was discovered by Seeker® Automatic Run-Time Application Security Testing Solution Disclosed By Irene Abezgauz, September 13th, 2011 ========= I. Overview ========= An Insecure Redirect vulnerability has been identified in Microsoft...

AI score: 6.3
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 37 views

Microsoft Windows WINS server privilege escalation

Loopback interface packet handling vulnerability...

CVSS: 7.2, AI score: 3.2, EPSS: 0.07841
Exploits: 6

securityvulns
added 2011/09/16 12:0 a.m., 52 views

Seeker Advisory Sep11: Reflected Cross Site Scripting in Microsoft SharePoint Portal

Seeker Research Center Security Advisory This vulnerability was discovered by Seeker® Automatic Run-Time Application Security Testing Solution Disclosed By Irene Abezgauz, September 13th, 2011 ========= I. Overview ========= A Cross Site Scripting vulnerability has been identified in Microsoft...

AI score: 6
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 46 views

VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

AI score: 0.1
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 52 views

VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

AI score: 0.1
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 50 views

VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 61 views

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: September 13, 2011 Vulnerability identifier: APSB11-24 CVE numbers: CVE-2011-1353, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,...

CVSS: 9.3, AI score: 0.7, EPSS: 0.07964
Exploits: 12

securityvulns
added 2011/09/16 12:0 a.m., 44 views

VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 47 views

VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

AI score: 0.1
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 44 views

Advisory for MS11-035 / ZDI-11-167

Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author: Luigi Auriemma e-mail:...

AI score: 7.2
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 48 views

VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 45 views

iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability

iDefense Security Advisory 09.13.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 13, 2011 I. BACKGROUND Adobe Reader and Acrobat are portable document format PDF readers and processors. For more information, please visit the following pages: http://www.adobe.com/products/reader/...

CVSS: 9.3, AI score: 0.5, EPSS: 0.04903
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 38 views

Microsoft Windows WINS server memory corruption

Memory corruption in the handling of exceptional conditions on send...

CVSS: 9.3, AI score: 1.5, EPSS: 0.47566
Exploits: 0, References: 3

securityvulns
added 2011/09/16 12:0 a.m., 49 views

[SECURITY] [DSA 2309-1] openssl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2309-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 13, 2011 http://www.debian.org/security/faq -...

CVSS: 2.6, AI score: 1, EPSS: 0.0343
Exploits: 1

securityvulns
added 2011/09/16 12:0 a.m., 45 views

DigiNotar fraudulent certificates

Certificates for well-known domain names were issued to an untrusted party...

CVSS: 2.6, AI score: 3.4, EPSS: 0.0343
Exploits: 1, References: 2, Affected Software: 6

securityvulns
added 2011/09/16 12:0 a.m., 63 views

iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability

iDefense Security Advisory 09.13.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 13, 2011 I. BACKGROUND Adobe Reader and Acrobat are portable document format PDF readers and processors. For more information, please visit the following pages: http://www.adobe.com/products/reader/...

CVSS: 9.3, AI score: 0.5, EPSS: 0.04903
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 85 views

iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability

iDefense Security Advisory 09.13.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 13, 2011 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

CVSS: 9.3, AI score: 0.3, EPSS: 0.20486
Exploits: 1

securityvulns
added 2011/09/16 12:0 a.m., 74 views

iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability

iDefense Security Advisory 09.13.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 13, 2011 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

CVSS: 9.3, AI score: 6.8, EPSS: 0.21507
Exploits: 0

securityvulns
added 2011/09/16 12:0 a.m., 64 views

iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability

iDefense Security Advisory 09.13.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 13, 2011 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

CVSS: 9.3, AI score: 6.8, EPSS: 0.18609
Exploits: 1

securityvulns
added 2011/09/13 12:0 a.m., 78 views

[SECURITY] [DSA 2302-1] bcfg2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2302-1 [email protected] http://www.debian.org/security/ Nico Golde Sep 7, 2011 http://www.debian.org/security/faq -...

CVSS: 9.3, AI score: 2.9, EPSS: 0.04798
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 44 views

squid buffer overflow

Buffer overflow on gopher reply parsing...

CVSS: 6.8, AI score: 4.3, EPSS: 0.27454
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 314 views

CVE-2011-2730: Spring Framework Information Disclosure

CVE-2011-2730: Spring Framework Information Disclosure Severity: Variable depending on application. Likely to be low to moderate, may be important. Version affected: 3.0.0 to 3.0.5 2.5.0 to 2.5.6.SEC02 community releases 2.5.0 to 2.5.7.SR01 subscription customers Earlier, unsupported versions may...

CVSS: 7.5, AI score: 5.5, EPSS: 0.11779
Exploits: 1

securityvulns
added 2011/09/13 12:0 a.m., 44 views

[SECURITY] [DSA 2304-1] squid3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2304-1 [email protected] http://www.debian.org/security/ Nico Golde Sep 11, 2011 http://www.debian.org/security/faq -...

CVSS: 6.8, AI score: 2.1, EPSS: 0.27454
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 47 views

Vulnerabilities in JBoss Application Server

Hello 3APA3A! I am informing you about the Information Leakage and Brute Force vulnerabilities I found in JBoss Application Server. Information Leakage WASC-13: http://site/status http://site/status?full=true Publicly accessible server operation statistics with a list of all its services. Brute Force WASC-11:...

AI score: 7.1
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 27 views

Quassel IRC client DoS

CTCP request parsing DoS...

AI score: 3
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 52 views

Google Chrome multiple security vulnerabilities

DoS, information leakage, memory corruption...

CVSS: 7.5, AI score: 2, EPSS: 0.01541
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 67 views

Linux kernel security vulnerabilities

Predictable TCP ISN numbers, CIFS client memory corruption...

CVSS: 10, AI score: 3.4, EPSS: 0.05689
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 36 views

ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar. EMC Identifier: ESA-2011-018 CVE Identifier: CVE-2011-1740 Severity Rating: CVSS v2 Base Score: 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC Avamar version 4.x EM...

CVSS: 7.7, AI score: 1, EPSS: 0.01126
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 34 views

[USN-1200-1] Quassel vulnerability

========================================================================== Ubuntu Security Notice USN-1200-1 September 10, 2011 quassel vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

AI score: 0.5
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 43 views

APPLE-SA-2011-09-09-1 Security Update 2011-005

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-09-09-1 Security Update 2011-005 Security Update 2011-005 is now available and addresses the following: Certificate Trust Policy Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.1, OS X Lion Server v10.7.1 Impact...

AI score: 6.7
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 50 views

Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability Advisory ID: cisco-sa-20110907-nexus Revision 1.0 For Public Release 2011 September 07 1600 UTC GMT...

CVSS: 5, AI score: 0.6, EPSS: 0.01992
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 92 views

CVE-2011-2731: Spring Security privilege escalation when using RunAsManager

CVE-2011-2731: Spring Security privilege escalation when using RunAsManager Severity: Moderate Versions Affected: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Spring Security provides a mechanism RunAsManager to allow particular operations to run with a differe...

CVSS: 5.1, AI score: 1.1, EPSS: 0.01246
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 88 views

Vulnerability in plugins for Typepad, RapidWeaver, Habari, DasBlo, eZ Publish, EE, Serendipity, Social Web CMS, PHP-Fusion, Magento and Sweetcron

Hello 3APA3A! I want to warn you about Cross-Site Scripting vulnerability in multiple plugins for different engines it's combinations of my three publications which I've made earlier at my site. In plugins for Typepad, RapidWeaver, Habari, DasBlo, eZ Publish, EE, Serendipity, Social Web CMS,...

AI score: 6.2
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 121 views

CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities

CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities Severity: Critical Versions Affected: Spring Framework: 3.0.0 to 3.0.5 Spring Security: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Several issues have been report...

CVSS: 6.8, AI score: 1.9, EPSS: 0.08532
Exploits: 1

securityvulns
added 2011/09/13 12:0 a.m., 27 views

EMC Avamar privilege escalation

Domain administrator can access data from different domain...

CVSS: 7.7, AI score: 4.5, EPSS: 0.01126
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 198 views

Multiple XSS vulnerabilities in CMS Papoo Light Version

Advisory: Multiple XSS vulnerabilities in CMS Papoo Light Version Advisory ID: SSCHADV2011-014 Author: Stefan Schurtz Affected Software: v4.0 Vendor URL: http://www.papoo.de/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description: ========================== The CMS...

AI score: 6.3
Exploits: 0

securityvulns
added 2011/09/13 12:0 a.m., 81 views

[SECURITY] [DSA 2308-1] mantis security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2308-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 12, 2011 http://www.debian.org/security/faq -...

CVSS: 6.8, AI score: 1.3, EPSS: 0.09296
Exploits: 4

securityvulns
added 2011/09/13 12:0 a.m., 84 views

[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2303-2 [email protected] http://www.debian.org/security/ Dann Frazier September 10, 2011 http://www.debian.org/security/faq -...

CVSS: 10, AI score: 1.5, EPSS: 0.05689
Exploits: 15

securityvulns
added 2011/09/13 12:0 a.m., 88 views

[SECURITY] [DSA 2307-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2307-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano September 11, 2011 http://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 4.1, EPSS: 0.01541
Exploits: 1

securityvulns
added 2011/09/13 12:0 a.m., 116 views

CVE-2011-2732: Spring Security header injection vulnerability

CVE-2011-2732: Spring Security header injection vulnerability Severity: Important Versions Affected: 2.0.0 to 2.0.6 3.0.0 to 3.0.5 Earlier versions may also be affected Description: Spring Security allows the use of a parameter named "spring-security-redirect" by default to determine the location...

CVSS: 4.3, AI score: 6.6, EPSS: 0.04608
Exploits: 1

securityvulns
added 2011/09/13 12:0 a.m., 35 views

[ MDVSA-2011:134 ] rsyslog

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:134 http://www.mandriva.com/security/ Package : rsyslog Date : September 9, 2011 Affected: 2010.1 Problem Description: A vulnerability was discovered and corrected in rsyslog: Stack-based buffer overflow in...

CVSS: 5, AI score: 6.7, EPSS: 0.20759
Exploits: 2

securityvulns
added 2011/09/13 12:0 a.m., 30 views

rsyslog buffer overflow

Buffer overflow on oversized syslog TAG...

CVSS: 5, AI score: 4.4, EPSS: 0.20759
Exploits: 2, References: 1, Affected Software: 1

securityvulns
added 2011/09/13 12:0 a.m., 58 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 9.3, AI score: 1.6, EPSS: 0.11779
Exploits: 7, References: 9, Affected Software: 11

securityvulns
added 2011/09/09 12:0 a.m., 86 views

Loop (ricetta.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Loop ricetta.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.loopmm.com/ Persian Gulf 4 Ever! Dork : "Loop - creazioni multimediali" "inurl:ricetta.php?id="...

AI score: 2.6
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 46 views

XSS in Zikula

Vulnerability ID: HTB23039 Reference: https://www.htbridge.ch/advisory/xssinzikula.html Product: Zikula Application Framework Vendor: Zikula Software Foundation http://zikula.org/ Vulnerable Version: 1.3.0, build 3168 and probably prior Tested Version: 1.3.0, build 3168 Vendor Notification: 17...

AI score: 0.5
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 29 views

Windows server 2008 R1 local DoS

Hi all. Here's a cute little local DoS attack against Windows Server 2008 R1, which will allow any user who can execute unprivileged code to BSoD your server with about three lines of C. I have reported this to Microsoft, but because of the limited scope of the issue - DoS-only, and server 2008 R...

AI score: 6.9
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 56 views

MaiNick (ricetta.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability MaiNick ricetta.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.mainickweb.com/ Persian Gulf 4 Ever! Dork : "Designed by MaiNick" "inurl:ricetta.php?id=" Exploite:...

AI score: 2.8
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 807 views

Editel (news-dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Editel news-dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.editeltn.it/ Persian Gulf 4 Ever! Dork : "Realizzazione sito: Editel"...

AI score: 2.8
Exploits: 0

securityvulns
added 2011/09/09 12:0 a.m., 23 views

Cloud Manager unauthorized access

Insufficient authentication in RPC-based service...

CVSS: 9.3, AI score: 4, EPSS: 0.03634
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/09/09 12:0 a.m., 32 views

Microsoft Windows CSRSS DoS

NULL pointer dereference on console input from stdin if stderr and stdout are closed...

AI score: 3.2
Exploits: 0, References: 1

Total number of security vulnerabilities: 47153