
47153 matches found

securityvulns
added 2011/08/17 12:0 a.m., 39 views

ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability

ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-256 August 16, 2011 -- CVE ID: CVE-2011-0248 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...

9.3 CVSS, 1.3 AI score, 0.0302 EPSS
Exploits: 1

securityvulns
added 2011/08/17 12:0 a.m., 19 views

Nortel / Avaya Media Application Server buffer overflow

Buffer overflow on TCP/52005 request parsing...

5.5 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m., 110 views

ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication On-Premise Advisories Updated August 11, 2011 Summary: An issue with Adaptive Authentication On-Premise was discovered which in certain circumstances...

7.5 CVSS, 0.01289 EPSS
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 73 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.8 CVSS, 1.6 AI score, 0.02985 EPSS
Exploits: 1, References: 2, Affected Software: 5

securityvulns
added 2011/08/12 12:0 a.m., 61 views

CA20110809-01: Security Notice for CA ARCserve D2D

CA20110809-01: Security Notice for CA ARCserve D2D Issued: August 9, 2011 CA Technologies support is alerting customers to a security risk associated with CA ARCserve D2D. A vulnerability exists that can allow a remote attacker to access credentials and execute arbitrary commands. CA Technologies...

5 CVSS, 0.6 AI score, 0.71631 EPSS
Exploits: 5

securityvulns
added 2011/08/12 12:0 a.m., 55 views

[security bulletin] HPSBHF02699 SSRT100592 rev.1 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02950841 Version: 1 HPSBHF02699 SSRT100592 rev.1 - HP ProLiant SL Advanced Power Manager SL-APM, Remote User Validation Failure NOTICE: The information in this Security Bulletin should be acted...

7.8 CVSS, 0.4 AI score, 0.02308 EPSS
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 34 views

[oCERT-2011-002] libavcodec insufficient boundary check

2011-002 libavcodec insufficient boundary check Description: The libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data...

2.6 AI score
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 38 views

libavcodec / FFmpeg / MPlayer buffer overflow

Buffer overflow in CAVS decoding...

6.8 CVSS, 3.6 AI score, 0.03409 EPSS
Exploits: 0, References: 1, Affected Software: 3

securityvulns
added 2011/08/12 12:0 a.m., 32 views

CA ARCserve D2D unauthorized access

Information leakage and code execution while processing TCP/8014 HTTP RPC request...

1.9 AI score
Exploits: 0, References: 3, Affected Software: 1

securityvulns
added 2011/08/12 12:0 a.m., 64 views

[security bulletin] HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02937744 Version: 1 HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon...

4.3 CVSS, 0.7 AI score, 0.01728 EPSS
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 38 views

Adobe Flash Media Server DoS

Memory corruption...

5 CVSS, 2.9 AI score, 0.08467 EPSS
Exploits: 1, Affected Software: 1

securityvulns
added 2011/08/12 12:0 a.m., 27 views

Adobe Photoshop memory corruption

Memory corruption on GIF parsing...

9.3 CVSS, 3.5 AI score, 0.222 EPSS
Exploits: 3

securityvulns
added 2011/08/12 12:0 a.m., 53 views

[security bulletin] HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02949847 Version: 1 HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...

7.5 CVSS, 0.4 AI score, 0.73254 EPSS
Exploits: 9

securityvulns
added 2011/08/12 12:0 a.m., 23 views

HP ProLiant SL Advanced Power Manager unauthorized access

No description provided...

7.8 CVSS, 3 AI score, 0.02308 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/08/12 12:0 a.m., 68 views

iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow

iDefense Security Advisory 08.09.11 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 09, 2011 I. BACKGROUND Adobe Flash Player is an application for viewing animations and movies using computer programs such as a Web browser; in common usage, Flash lets you put animation and movies on a...

10 CVSS, 0.1 AI score, 0.09568 EPSS
Exploits: 1

securityvulns
added 2011/08/12 12:0 a.m., 72 views

iDefense Security Advisory 08.09.11: Adobe Flash Player ActionScript Display Memory Corruption Vulnerability

iDefense Security Advisory 08.09.11 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 09, 2011 I. BACKGROUND Adobe Flash Player is an application for viewing animations and movies using computer programs such as a Web browser; in common usage, Flash lets you put animation and movies on a...

10 CVSS, 0.1 AI score, 0.07545 EPSS
Exploits: 1

securityvulns
added 2011/08/12 12:0 a.m., 90 views

[SECURITY] [DSA 2289-1] typo3-src security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2289-1 [email protected] http://www.debian.org/security/ Florian Weimer August 07, 2011 http://www.debian.org/security/faq -...

1.8 AI score
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 60 views

[security bulletin] HPSBGN02696 SSRT100590 rev.1 - HP webOS Calendar Application, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02945437 Version: 1 HPSBGN02696 SSRT100590 rev.1 - HP webOS Calendar Application, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon...

4.3 CVSS, 0.6 AI score, 0.01463 EPSS
Exploits: 0

securityvulns
added 2011/08/12 12:0 a.m., 27 views

HP Palm WebOS cross-site scripting

Cross-site scripting in Contacts and Calendar applications...

4.3 CVSS, 1 AI score, 0.01463 EPSS
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2011/08/12 12:0 a.m., 119 views

Mambo CMS 4.6.x (4.6.5) | SQL Injection

Mambo CMS 4.6.x 4.6.5 | SQL Injection 1. OVERVIEW Mambo CMS 4.6.5 and lower versions are vulnerable to SQL Injection. 2. BACKGROUND Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used...

0.4 AI score
Exploits: 0

securityvulns
added 2011/08/11 12:0 a.m., 71 views

[USN-1188-1] eCryptfs vulnerabilities

========================================================================== Ubuntu Security Notice USN-1188-1 August 09, 2011 ecryptfs-utils vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

4.6 CVSS, 0.7 AI score, 0.00382 EPSS
Exploits: 2

securityvulns
added 2011/08/10 12:0 a.m., 26 views

HP OpenView Performance Insight security vulnerabilities

Cross-site scripting, unauthorized access...

6.4 CVSS, 1.6 AI score, 0.02519 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/08/10 12:0 a.m., 37 views

Amigot Corp (story.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Amigot Corp story.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://amigot.com/ Persian Gulf 4 Ever! Dork : "Powered By Amigot Corp" "inurl:story.php?id=" Exploite:...

3.9 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 51 views

Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials

FYI, we have published a fix for this issue. https://support.ca.com/irj/portal/anonymous/solndtls?aparNo=RO33517&os=WINDOWS&actionID=3 A formal security notice will be published next week. Thanks and regards, Ken Williams, Director CA Technologies Product Vulnerability Response Team CA...

0.6 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 44 views

Multiple XSS in eShop for Wordpress

Vulnerability ID: HTB23034 Reference: http://www.htbridge.ch/advisory/multiplexssineshopforwordpress.html Product: eShop for Wordpress Vendor: Rich Pedley http://wordpress.org/extend/plugins/eshop/ Vulnerable Version: 6.2.8 and probably prior Tested on: 6.2.8 Vendor Notification: 20 July 2011...

0.2 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 22 views

Android application spoofing

Application can emulate logon window of different application...

2.8 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2011/08/10 12:0 a.m., 53 views

6House Design (product_details.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability 6House Design productdetails.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://sixhousedesign.com/ Persian Gulf 4 Ever! Dork : "Designed By: 6House Design"...

2.8 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 37 views

TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability

TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-12 August 8, 2011 -- CVSS: 8.3, AV:N/AC:M/Au:N/C:P/I:P/A:C -- Affected Vendors: McAfee -- Affected Products: McAfee...

1.2 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 206 views

Arte Dude (collections.php?id) (property.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Arte Dude collections.php?id property.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.artdudegraphics.com/ Persian Gulf 4 Ever! Dork : "inurl:property.php?id=" "an...

2.6 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 21 views

McAfee Security-as-a-Service ActiveX code execution

Insecure methods in MyAsUtil5.2.0.603.dll, myCIOScn.dll...

2.3 AI score
Exploits: 0, References: 2

securityvulns
added 2011/08/10 12:0 a.m., 40 views

Microsoft Windows DNS server security vulnerabilities

Memory corruption on NAPTR record handling, uninitialized memory access on non-existent domain lookup...

10 CVSS, 2.4 AI score, 0.55203 EPSS
Exploits: 2

securityvulns
added 2011/08/10 12:0 a.m., 44 views

Webdesigns-studio (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities Webdesigns-studio sysMsg.php?errMsg AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webdesigns-studio.com/ Persian Gulf 4 Ever! Dork : "Designed and Developed by...

1.5 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 63 views

Liberating IT (picture.php?gid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Liberating IT picture.php?gid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.liberatingit.com/ Persian Gulf 4 Ever! Dork : "Web Design by LiberatingIT.com"...

3.1 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 187 views

SEO New York (prod.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability SEO New York prod.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.eyesonnet.com/ Persian Gulf 4 Ever! Dork : "Powered by:SEO New York" "inurl:prod.php?id" Exploite...

2.5 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 98 views

Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Chezola Systems display-section.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://chezolasystems.com/ Persian Gulf 4 Ever! Dork : "Powered by Chezola Systems Canada Inc"...

3 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 32 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions, cross-site data access, code execution...

9.3 CVSS, 2.9 AI score, 0.3434 EPSS
Exploits: 11, References: 4, Affected Software: 1

securityvulns
added 2011/08/10 12:0 a.m., 1542 views

Web Design Sydney (news-item.php?id) (news-item.php?newsid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Design Sydney news-item.php?id news-item.php?newsid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.milkdigital.com.au/ Persian Gulf 4 Ever! Dork : "web design sydney...

2.9 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 114 views

XWeavers (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities XWeavers sysMsg.php?errMsg AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://xweavers.com/ Persian Gulf 4 Ever! Dork : "Designed and Developed by XWeavers.com" Exploite:...

1.4 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 85 views

SQL injection in Social Slider

Vulnerability ID: HTB23033 Reference: http://www.htbridge.ch/advisory/sqlinjectioninsocialslider.html Product: Social Slider Vendor: Lukasz Wiecek http://wiecek.pl Vulnerable Version: 5.6.2 and probably prior Tested on: 5.6.2 Vendor Notification: 20 July 2011 Vulnerability Type: SQL Injection Ris...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 24 views

Multiple vulnerabilities in Register Plus Redux for WordPress

Hello 3APA3A! I am reporting multiple Cross-Site Scripting vulnerabilities that I found in the Register Plus Redux plugin for WordPress. Persistent XSS (WASC-08): There are many persistent XSS vulnerabilities in the plugin settings at http://site/wp-admin/options-general.php?page=register-plus-redux. In...

6.1 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 65 views

Fwd: {Lostmon's Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability

Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability Vendor URL: http://www.microsoft.com Advisory: http://lostmon.blogspot.com/2011/08/internet-explorer-6-7-and-8-windowopen.html Coordinate Disclosure: YES exploit available: Private CVE-2011-1257 and MS011-57 Microsoft Internet...

7.6 CVSS, 6.6 AI score, 0.15279 EPSS
Exploits: 1

securityvulns
added 2011/08/10 12:0 a.m., 26 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 18, Affected Software: 3

securityvulns
added 2011/08/10 12:0 a.m., 1240 views

Synchrony Infotech (product_details.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Synchrony Infotech productdetails.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.synchrony.co.in/ Persian Gulf 4 Ever! Dork : "Designed by synchrony infotech."...

2.5 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 82 views

ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability

ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-247 August 9, 2011 -- CVE ID: CVE-2011-1963 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Microsoft -- Affected Products: Microsoft...

9.3 CVSS, 0.3 AI score, 0.23356 EPSS
Exploits: 1

securityvulns
added 2011/08/10 12:0 a.m., 177 views

Avant-Garde Technologies (display-section.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Avant-Garde Technologies display-section.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.agtsindia.com/ Persian Gulf 4 Ever! Dork : "Powered by Avant-Garde...

2.5 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 129 views

[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02942411 Version: 1 HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted up...

6.4 CVSS, 0.8 AI score, 0.02519 EPSS
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 340 views

EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability EasyContent CMS participant.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.emmattweb.com/ Persian Gulf 4 Ever! Dork : "Powered by EasyContent CMS"...

3 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 66 views

ZDI-11-248: Microsoft Internet Explorer 9 STYLE Object Parsing Remote Code Execution Vulnerability

ZDI-11-248: Microsoft Internet Explorer 9 STYLE Object Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-248 August 9, 2011 -- CVE ID: CVE-2011-1964 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Microsoft -- Affected Products: Microsoft...

9.3 CVSS, 0.5 AI score, 0.23356 EPSS
Exploits: 1

securityvulns
added 2011/08/10 12:0 a.m., 23 views

TWSL2011-008: Focus Stealing Vulnerability in Android

Trustwave's SpiderLabs Security Advisory TWSL2011-008: Focus Stealing Vulnerability in Android https://www.trustwave.com/spiderlabs/advisories/TWSL2011-008.txt Published: 2011-08-06 Version: 1.0 Vendor: Google http://www.android.com/ Product: Android Versions affected: Tested on 2.1 - 2.3 Other...

7.1 AI score
Exploits: 0

securityvulns
added 2011/08/10 12:0 a.m., 62 views

ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

ZDI-11-249: Pwn2Own Microsoft Internet Explorer Protected Mode Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-249 August 9, 2011 -- CVSS: 6.4, AV:N/AC:L/Au:N/C:P/I:P/A:N -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPointTM IPS...

0.9 AI score
Exploits: 0

Total number of security vulnerabilities: 47153