
47153 matches found

securityvulns
added 2011/08/10 12:0 a.m., 126 views

[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02942411 Version: 1 HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted up...

6.4 CVSS, 0.8 AI score, 0.0205 EPSS
Exploits: 0

added 2011/08/10 12:0 a.m., 97 views

Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Chezola Systems display-section.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://chezolasystems.com/ Persian Gulf 4 Ever! Dork : "Powered by Chezola Systems Canada Inc"...

3 AI score
Exploits: 0

added 2011/08/10 12:0 a.m., 339 views

EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability EasyContent CMS participant.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.emmattweb.com/ Persian Gulf 4 Ever! Dork : "Powered by EasyContent CMS"...

3 AI score
Exploits: 0

added 2011/08/10 12:0 a.m., 66 views

ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability

ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-251 August 9, 2011 -- CVE ID: CVE-2011-0250 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointT...

9.3 CVSS, 0.6 AI score, 0.04476 EPSS
Exploits: 1

added 2011/08/10 12:0 a.m., 36 views

Amigot Corp (story.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Amigot Corp story.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://amigot.com/ Persian Gulf 4 Ever! Dork : "Powered By Amigot Corp" "inurl:story.php?id=" Exploite:...

3.9 AI score
Exploits: 0

added 2011/08/10 12:0 a.m., 61 views

ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

ZDI-11-249: Pwn2Own Microsoft Internet Explorer Protected Mode Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-249 August 9, 2011 -- CVSS: 6.4, AV:N/AC:L/Au:N/C:P/I:P/A:N -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPointTM IPS...

0.9 AI score
Exploits: 0

added 2011/08/10 12:0 a.m., 113 views

XWeavers (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities XWeavers sysMsg.php?errMsg AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://xweavers.com/ Persian Gulf 4 Ever! Dork : "Designed and Developed by XWeavers.com" Exploite:...

1.4 AI score
Exploits: 0

added 2011/08/10 12:0 a.m., 80 views

ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability

ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-247 August 9, 2011 -- CVE ID: CVE-2011-1963 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Microsoft -- Affected Products: Microsoft...

9.3 CVSS, 0.3 AI score, 0.43042 EPSS
Exploits: 1

added 2011/08/10 12:0 a.m., 107 views

XWeavers (page.asp?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability XWeavers page.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://xweavers.com/ Persian Gulf 4 Ever! Dork : "inurl:page.asp?id=" "Designed and Developed by XWeavers.com"...

2.6 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 37 views

Android crossapplication scripting

Application can script in browser in any domain's context...

4.3 CVSS, 1.7 AI score, 0.0492 EPSS
Exploits: 3, References: 1, Affected Software: 1

added 2011/08/05 12:0 a.m., 33 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 3, Affected Software: 3

added 2011/08/05 12:0 a.m., 19 views

OpenSSH DoS

GSSAPI authentication memory exhaustion...

2.5 AI score
Exploits: 0, References: 1

added 2011/08/05 12:0 a.m., 15 views

ThreeDify Designer ActiveX security vulnerabilities

Buffer overflow, insecure methods...

2.9 AI score
Exploits: 0, References: 2, Affected Software: 1

added 2011/08/05 12:0 a.m., 32 views

Useless OpenSSH resources exhaustion bug via GSSAPI

Name: Useless OpenSSH resources exhaustion bug via GSSAPI Author: Adam Zabrocki [email protected] Date: 2008-2009 old useless bug ;P Description: OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that...

7.3 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 56 views

XSS in WP e-Commerce

Vulnerability ID: HTB23031 Reference: http://www.htbridge.ch/advisory/xssinwpecommerce.html Product: WP e-Commerce Vendor: Instinct Entertainment http://getshopped.org/ Vulnerable Version: 3.8.5 and probably prior Tested on: 3.8.5 Vendor Notification: 13 July 2011 Vulnerability Type: XSS Cross Si...

0.2 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 26 views

ThreeDify Designer ActiveX control Insecure Method

Vulnerability ID: HTB23021 Reference: http://www.htbridge.ch/advisory/threedifydesigneractivexcontrolinsecuremethod.html Product: ThreeDify Designer Vendor: ThreeDify http://www.threedify.com Vulnerable Version: 5.0.2 and probably prior Tested on: 5.0.2 Vendor Notification: 07 June 2011...

0.7 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 85 views

APPLE-SA-2011-08-03-1 QuickTime 7.7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-08-03-1 QuickTime 7.7 QuickTime 7.7 is now available and addresses the following: QuickTime Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted pict file may...

9.3 CVSS, 1.1 AI score, 0.079 EPSS
Exploits: 2

added 2011/08/05 12:0 a.m., 29 views

ThreeDify Designer ActiveX control multiple buffer overflow vulnerabilities

Vulnerability ID: HTB23020 Reference: http://www.htbridge.ch/advisory/threedifydesigneractivexcontrolmultiplebufferoverflowvulnerabilities.html Product: ThreeDify Designer Vendor: ThreeDify http://www.threedify.com Vulnerable Version: 5.0.2 and probably prior Tested on: 5.0.2 Vendor Notification:...

2.1 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 101 views

Cross Site Scripting Vulnerability in vBulletin 4.1.3, 4.1.4 and 4.1.5

Advisory Information Title: vBulletin Cross Site Scripting Vulnerability Vendors contacted: vBulletin team ---- Vulnerability Information Class: XSS flaw Vulnerable page: Admin Login Page admincp Remotely Exploitable: Yes ---- Vulnerability Description vBulletin is a community forum solution for ...

5.8 AI score
Exploits: 0

added 2011/08/05 12:0 a.m., 57 views

Community Server - Stored Cross-Site Scripting in User's Signature

Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed by Telligent. It uses ASP.NET platform C and Microsoft SQL Server database. From its 5.0 version, the software was renamed to...

Exploits: 0

added 2011/08/05 12:0 a.m., 155 views

Android Browser Cross-Application Scripting (CVE-2011-2357)

============================================================= Android Browser Cross-Application Scripting CVE-2011-2357 ============================================================= 1 Background -------------- Android applications are executed in a sandbox environment, to ensure that no applicati...

4.3 CVSS, 5.9 AI score, 0.0492 EPSS
Exploits: 3

added 2011/08/03 12:0 a.m., 16 views

Flexera FlexNet License Server Manager buffer overflow

Buffer overflow in TCP/27000 request processing...

3.8 AI score
Exploits: 0, References: 1

added 2011/08/03 12:0 a.m., 25 views

Citrix XenApp / XenDesktop security vulnerabilities

Buffer overflow, heap memory corruption...

2.6 AI score
Exploits: 0, References: 2, Affected Software: 2

added 2011/08/03 12:0 a.m., 22 views

Cisco TelePresence Recording Server default account

root account has default password...

10 CVSS, 2.3 AI score, 0.01169 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/03 12:0 a.m., 40 views

LibAVCodec / FFMpeg / VLC index array overflow

Index array overflow on AMV files parsing...

6.8 CVSS, 5.4 AI score, 0.02339 EPSS
Exploits: 0, References: 3, Affected Software: 1

added 2011/08/03 12:0 a.m., 31 views

dhcpcd shell characters vulnerability

Shell characters vulnerability in the hostname...

6.8 CVSS, 2 AI score, 0.00922 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/03 12:0 a.m., 24 views

Sybase Adaptive Server Backup / Monitor Server Translation security vulnerabilities

Different code execution vulnerabilities...

3.4 AI score
Exploits: 0, References: 2, Affected Software: 1

added 2011/08/03 12:0 a.m., 24 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 3, Affected Software: 2

added 2011/08/03 12:0 a.m., 33 views

n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor...

8.5 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 33 views

[slackware-security] dhcpcd (SSA:2011-210-02)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security dhcpcd SSA:2011-210-02 New dhcpcd packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...

6.8 CVSS, 6.1 AI score, 0.00922 EPSS
Exploits: 0

added 2011/08/03 12:0 a.m., 27 views

Multiple vulnerabilities in Register Plus for WordPress

Hello 3APA3A! I am reporting multiple Cross-Site Scripting vulnerabilities that I found in the Register Plus plugin for WordPress. XSS persistent WASC-08: With the options Enable Invitation Codes and Enable Invitation Tracking Dashboard Widget turned on and the code scriptalertdocument.cookie/script in...

6.3 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 74 views

cgcraft llc (collections.php?id) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities cgcraft llc collections.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cgcraft.com/ Persian Gulf 4 Ever! Dork : "website by cgCraft llc"...

1.7 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 133 views

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-245 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server ...

0.6 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 73 views

Multiple XSS in HESK

Vulnerability ID: HTB23030 Reference: http://www.htbridge.ch/advisory/multiplexssinhesk.html Product: HESK Vendor: Klemen Stirn http://www.hesk.com/ Vulnerable Version: 2.2 and probably prior Tested on: 2.2 Vendor Notification: 06 July 2011 Vulnerability Type: XSS Cross Site Scripting Risk level:...

6.1 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 106 views

Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Advisory ID: cisco-sa-20110729-tp Revision 1.0 For Public Release 2011 July 29 1600 UTC GMT...

10 CVSS, 0.3 AI score, 0.01169 EPSS
Exploits: 0

added 2011/08/03 12:0 a.m., 91 views

ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability

ZDI-11-244: 0day FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-244 July 28, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Flexera Software -- Affected Products: Flexera Software FlexNet License Serv...

1.1 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 36 views

n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.001 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Stack-Based Buffer Overflow in Citrix XML Service Risk:...

0.2 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 108 views

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability

ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-246 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server --...

0.8 AI score
Exploits: 0

added 2011/08/03 12:0 a.m., 75 views

NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write

======= Summary ======= Name: LibAVCodec AMV Out of Array Write Release Date: 31 July 2011 Reference: NGS00068 Discoverer: Dominic Chell [email protected] Vendor: VideoLAN Vendor Reference: CVE-2011-1931 Systems Affected: VLC media player 1.1.9 and earlier releases Risk: High Status:...

6.8 CVSS, 9.4 AI score, 0.02339 EPSS
Exploits: 0

added 2011/08/01 12:0 a.m., 58 views

Oracle / Sun / Peoplesoft applications multiple security vulnerabilities

Quarterly critical patch update closes 78 different vulnerabilities in all major applications...

10 CVSS, 2.3 AI score, 0.67861 EPSS
Exploits: 20, References: 6, Affected Software: 14

added 2011/08/01 12:0 a.m., 24 views

EMC Captiva eInput security vulnerabilities

Cross-site scripting, unsafe ActiveX methods...

5.8 CVSS, 2.1 AI score, 0.00506 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/01 12:0 a.m., 33 views

Wireshark sniffer DoS

Crash on IKE packet parsing...

3.9 AI score
Exploits: 0, References: 2, Affected Software: 1

added 2011/08/01 12:0 a.m., 31 views

HP Data Protector Media Management Daemon DoS

No description provided...

7.8 CVSS, 1.7 AI score, 0.02687 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/01 12:0 a.m., 28 views

ClamAV antivirus DoS

No description provided...

5 CVSS, 1.8 AI score, 0.07432 EPSS
Exploits: 0, References: 1

added 2011/08/01 12:0 a.m., 23 views

Cisco SA 500 security vulnerabilities

SQL injection, privilege escalation...

9 CVSS, 4.1 AI score, 0.00632 EPSS
Exploits: 0, References: 2, Affected Software: 1

added 2011/08/01 12:0 a.m., 61 views

WebKit / Apple Safari / Google Chrome multiple security vulnerabilities

WebKit and Apple libraries multiple security vulnerabilities...

10 CVSS, 2 AI score, 0.7624 EPSS
Exploits: 33, References: 11, Affected Software: 1

added 2011/08/01 12:0 a.m., 22 views

HP OpenView Performance Agent DoS

It's possible to remove arbitrary files via TCP/383 HTTP request...

6.4 CVSS, 1.8 AI score, 0.0084 EPSS
Exploits: 1, References: 2, Affected Software: 1

added 2011/08/01 12:0 a.m., 34 views

libsoup library directory traversal

Directory traversal in Web request handling...

5 CVSS, 2.3 AI score, 0.00853 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/01 12:0 a.m., 23 views

EMC Data Protection Advisor information leakage

Cleartext passwords are stored in user readable files...

2.1 CVSS, 2.5 AI score, 0.00075 EPSS
Exploits: 0, References: 1, Affected Software: 1

added 2011/08/01 12:0 a.m., 32 views

Linux DBus DoS

Byteorder is not checked in some messages...

4.6 CVSS, 1.8 AI score, 0.00098 EPSS
Exploits: 0, References: 1, Affected Software: 1

Total number of security vulnerabilities: 47153