47153 matches found

securityvulns
added 2011/08/10 12:00 a.m. | 25 views

TPTI-11-13: McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability

TPTI-11-13: McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-13 August 8, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: McAfee -- Affected Products: McAfee Security-as-a-Service --...

AI score: 1
Exploits: 0

securityvulns
added 2011/08/10 12:00 a.m. | 67 views

Microsoft Windows multiple security vulnerabilities

NDISTAPI service and CSRSS privilege escalations, kernel DoS, TCP/IP DoS, RDP DoS, .Net information disclosure...

CVSS: 7.8 | AI score: 3.5 | EPSS: 0.38461
Exploits: 12 | Affected Software: 1

securityvulns
added 2011/08/10 12:00 a.m. | 69 views

ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability

ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-251 August 9, 2011 -- CVE ID: CVE-2011-0250 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointT...

CVSS: 9.3 | AI score: 0.6 | EPSS: 0.05084
Exploits: 1

securityvulns
added 2011/08/10 12:00 a.m. | 59 views

ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability

ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-250 August 9, 2011 -- CVE ID: CVE-2011-0252 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details...

CVSS: 9.3 | AI score: 0.9 | EPSS: 0.05084
Exploits: 1

securityvulns
added 2011/08/10 12:00 a.m. | 142 views

THE STUDIO (prod.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability THE STUDIO prod.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.thestudio.net/ Persian Gulf 4 Ever! Dork : "Site designed by The Studio, INC." "inurl:prod.php?id="...

AI score: 2.6
Exploits: 0

securityvulns
added 2011/08/10 12:00 a.m. | 142 views

Kimia Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Kimia AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.kimia.co.za/ Persian Gulf 4 Ever! Dork : "Graphic design & Website design by Kimia" "inurl:id=" Exploite:...

AI score: 2.8
Exploits: 0

securityvulns
added 2011/08/10 12:00 a.m. | 49 views

Microsoft Office Visio security vulnerabilities

Memory corruption when parsing Visio files...

CVSS: 9.3 | AI score: 4.2 | EPSS: 0.22201
Exploits: 2 | Affected Software: 1

securityvulns
added 2011/08/10 12:00 a.m. | 109 views

XWeavers (page.asp?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability XWeavers page.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://xweavers.com/ Persian Gulf 4 Ever! Dork : "inurl:page.asp?id=" "Designed and Developed by XWeavers.com"...

AI score: 2.6
Exploits: 0

securityvulns
added 2011/08/10 12:00 a.m. | 34 views

Microsoft Windows Remote Desktop Web Access cross-site scripting

Cross-site scripting on the logon page...

CVSS: 4.3 | AI score: 2.7 | EPSS: 0.15242
Exploits: 1

securityvulns
added 2011/08/05 12:00 a.m. | 26 views

ThreeDify Designer ActiveX control Insecure Method

Vulnerability ID: HTB23021 Reference: http://www.htbridge.ch/advisory/threedifydesigneractivexcontrolinsecuremethod.html Product: ThreeDify Designer Vendor: ThreeDify http://www.threedify.com Vulnerable Version: 5.0.2 and probably prior Tested on: 5.0.2 Vendor Notification: 07 June 2011...

AI score: 0.7
Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 33 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 | References: 3 | Affected Software: 3

securityvulns
added 2011/08/05 12:00 a.m. | 19 views

OpenSSH DoS

GSSAPI authentication memory exhaustion...

AI score: 2.5
Exploits: 0 | References: 1

securityvulns
added 2011/08/05 12:00 a.m. | 15 views

ThreeDify Designer ActiveX security vulnerabilities

Buffer overflow, insecure methods...

AI score: 2.9
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2011/08/05 12:00 a.m. | 60 views

Community Server - Stored Cross-Site Scripting in User's Signature

Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed by Telligent. It uses ASP.NET platform C and Microsoft SQL Server database. From its 5.0 version, the software was renamed to...

Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 57 views

XSS in WP e-Commerce

Vulnerability ID: HTB23031 Reference: http://www.htbridge.ch/advisory/xssinwpecommerce.html Product: WP e-Commerce Vendor: Instinct Entertainment http://getshopped.org/ Vulnerable Version: 3.8.5 and probably prior Tested on: 3.8.5 Vendor Notification: 13 July 2011 Vulnerability Type: XSS Cross Si...

AI score: 0.2
Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 32 views

Useless OpenSSH resources exhaustion bug via GSSAPI

Name: Useless OpenSSH resources exhaustion bug via GSSAPI Author: Adam Zabrocki [email protected] Date: 2008-2009 old useless bug ;P Description: OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that...

AI score: 7.3
Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 37 views

Android cross-application scripting

Application can script in browser in any domain's context...

CVSS: 4.3 | AI score: 1.7 | EPSS: 0.04615
Exploits: 3 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/05 12:00 a.m. | 166 views

Android Browser Cross-Application Scripting (CVE-2011-2357)

Android Browser Cross-Application Scripting CVE-2011-2357. 1 Background: Android applications are executed in a sandbox environment, to ensure that no applicati...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.04615
Exploits: 3

securityvulns
added 2011/08/05 12:00 a.m. | 106 views

Cross Site Scripting Vulnerability in vBulletin 4.1.3, 4.1.4 and 4.1.5

Advisory Information Title: vBulletin Cross Site Scripting Vulnerability Vendors contacted: vBulletin team ---- Vulnerability Information Class: XSS flaw Vulnerable page: Admin Login Page admincp Remotely Exploitable: Yes ---- Vulnerability Description vBulletin is a community forum solution for ...

AI score: 5.8
Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 29 views

ThreeDify Designer ActiveX control multiple buffer overflow vulnerabilities

Vulnerability ID: HTB23020 Reference: http://www.htbridge.ch/advisory/threedifydesigneractivexcontrolmultiplebufferoverflowvulnerabilities.html Product: ThreeDify Designer Vendor: ThreeDify http://www.threedify.com Vulnerable Version: 5.0.2 and probably prior Tested on: 5.0.2 Vendor Notification:...

AI score: 2.1
Exploits: 0

securityvulns
added 2011/08/05 12:00 a.m. | 87 views

APPLE-SA-2011-08-03-1 QuickTime 7.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-08-03-1 QuickTime 7.7 QuickTime 7.7 is now available and addresses the following: QuickTime Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted pict file may...

CVSS: 9.3 | AI score: 1.1 | EPSS: 0.05084
Exploits: 2

securityvulns
added 2011/08/03 12:00 a.m. | 137 views

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-245 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server ...

AI score: 0.6
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 24 views

Sybase Adaptive Server Backup / Monitor Server Translation security vulnerabilities

Different code execution vulnerabilities...

AI score: 3.4
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2011/08/03 12:00 a.m. | 18 views

Flexera FlexNet License Server Manager buffer overflow

Buffer overflow in TCP/27000 request processing...

AI score: 3.8
Exploits: 0 | References: 1

securityvulns
added 2011/08/03 12:00 a.m. | 76 views

Multiple XSS in HESK

Vulnerability ID: HTB23030 Reference: http://www.htbridge.ch/advisory/multiplexssinhesk.html Product: HESK Vendor: Klemen Stirn http://www.hesk.com/ Vulnerable Version: 2.2 and probably prior Tested on: 2.2 Vendor Notification: 06 July 2011 Vulnerability Type: XSS Cross Site Scripting Risk level:...

AI score: 6.1
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 31 views

dhcpcd shell characters vulnerability

Shell characters vulnerability in the hostname...

CVSS: 6.8 | AI score: 2 | EPSS: 0.03748
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/03 12:00 a.m. | 24 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 | References: 3 | Affected Software: 2

securityvulns
added 2011/08/03 12:00 a.m. | 37 views

n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.001 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Stack-Based Buffer Overflow in Citrix XML Service Risk:...

AI score: 0.2
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 75 views

NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write

Summary. Name: LibAVCodec AMV Out of Array Write Release Date: 31 July 2011 Reference: NGS00068 Discoverer: Dominic Chell [email protected] Vendor: VideoLAN Vendor Reference: CVE-2011-1931 Systems Affected: VLC media player 1.1.9 and earlier releases Risk: High Status:...

CVSS: 6.8 | AI score: 9.4 | EPSS: 0.02228
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 30 views

Multiple vulnerabilities in Register Plus for WordPress

Hello 3APA3A! I am reporting to you multiple Cross-Site Scripting vulnerabilities that I found in the Register Plus plugin for WordPress. XSS persistent WASC-08: With the options Enable Invitation Codes and Enable Invitation Tracking Dashboard Widget enabled and the code scriptalertdocument.cookie/script in...

AI score: 6.3
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 110 views

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-246 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server --...

AI score: 0.8
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 25 views

Citrix XenApp / XenDesktop security vulnerabilities

Buffer overflow, heap memory corruption...

AI score: 2.6
Exploits: 0 | References: 2 | Affected Software: 2

securityvulns
added 2011/08/03 12:00 a.m. | 34 views

[slackware-security] dhcpcd (SSA:2011-210-02)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security dhcpcd SSA:2011-210-02 New dhcpcd packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...

CVSS: 6.8 | AI score: 6.1 | EPSS: 0.03748
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 22 views

Cisco TelePresence Recording Server default account

Root account has default password...

CVSS: 10 | AI score: 2.3 | EPSS: 0.03366
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/03 12:00 a.m. | 92 views

ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability

ZDI-11-244: 0day FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-244 July 28, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Flexera Software -- Affected Products: Flexera Software FlexNet License Serv...

AI score: 1.1
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 107 views

Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Advisory ID: cisco-sa-20110729-tp Revision 1.0 For Public Release 2011 July 29 1600 UTC GMT...

CVSS: 10 | AI score: 0.3 | EPSS: 0.03366
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 40 views

LibAVCodec / FFMpeg / VLC index array overflow

Index array overflow when parsing AMV files...

CVSS: 6.8 | AI score: 5.4 | EPSS: 0.02228
Exploits: 0 | References: 3 | Affected Software: 1

securityvulns
added 2011/08/03 12:00 a.m. | 34 views

n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor...

AI score: 8.5
Exploits: 0

securityvulns
added 2011/08/03 12:00 a.m. | 75 views

cgcraft llc (collections.php?id) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities cgcraft llc collections.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cgcraft.com/ Persian Gulf 4 Ever! Dork : "website by cgCraft llc"...

AI score: 1.7
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 32 views

Linux DBus DoS

Byteorder is not checked in some messages...

CVSS: 4.6 | AI score: 1.8 | EPSS: 0.00386
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/01 12:00 a.m. | 34 views

ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability. EMC Identifier: ESA-2011-021 CVE Identifier: CVE-2011-1742 Severity Rating: CVSS v2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: EMC SW: EMC Dat...

CVSS: 2.1 | AI score: 1.9 | EPSS: 0.00315
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 60 views

ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability

ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-241 July 27, 2011 -- CVE ID: CVE-2011-0254 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: WebKit -- Affected Products: WebKit -- TippingPointTM I...

CVSS: 9.3 | AI score: 0.5 | EPSS: 0.03923
Exploits: 2

securityvulns
added 2011/08/01 12:00 a.m. | 28 views

ClamAV antivirus DoS

No description provided...

CVSS: 5 | AI score: 1.8 | EPSS: 0.03377
Exploits: 0 | References: 1

securityvulns
added 2011/08/01 12:00 a.m. | 53 views

Redirection vulnerability in MBoard

Vulnerability ID: HTB23029 Reference: http://www.htbridge.ch/advisory/redirectionvulnerabilityinmboard.html Product: MBoard Vendor: PHPJunkyard http://www.phpjunkyard.com Vulnerable Version: 1.3 and probably prior Tested on: 1.3 Vendor Notification: 06 July 2011 Vulnerability Type: Redirection...

AI score: 1
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 58 views

SA500 vulnerabilities - details

Hi, Advisory by Cisco was published a few days ago, Bugtraq ID: 48810. Now more details: 1. Unauthenticated access to web management any user - including admin. Due to blind SQLi in the login form of web management port 443, https, login field, embedded sqlite DB, it is possible to obtain: a all...

AI score: 7.1
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 24 views

Cisco SA 500 security vulnerabilities

SQL injection, privilege escalation...

CVSS: 9 | AI score: 4.1 | EPSS: 0.022
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2011/08/01 12:00 a.m. | 56 views

indiacon (selloffers.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability indiacon selloffers.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.indiacon.com/ Persian Gulf 4 Ever! Dork : inurl:selloffers.php?cid= "Powered by indiacon.com"...

AI score: 4.3
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 70 views

[security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02941034 Version: 2 HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion NOTICE: The information in this Security Bulletin should be acted...

CVSS: 6.4 | AI score: 0.5 | EPSS: 0.048
Exploits: 1

securityvulns
added 2011/08/01 12:00 a.m. | 104 views

Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Fusion Nepal find.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webfusion.com.np/ Persian Gulf 4 Ever! Dork : "Powered by: Web Fusion Nepal" "inurl:find.php?id="...

AI score: 2.9
Exploits: 0

securityvulns
added 2011/08/01 12:00 a.m. | 305 views

Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities

Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities 1. OVERVIEW The Elgg 1.7.9 and lower versions are vulnerable to multiple Cross Site Scripting. 2. BACKGROUND Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities...

AI score: 1.3
Exploits: 0

Total number of security vulnerabilities: 47153