
47153 matches found

securityvulns
•added 2011/07/26 12:0 a.m.•60 views

[SECURITY] [DSA 2285-1] mapserver security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2285-1 [email protected] http://www.debian.org/security/ Nico Golde July 26, 2011 http://www.debian.org/security/faq -...

CVSS 7.5 • AI score 2.3 • EPSS 0.0522
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•45 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5 • AI score 1.6 • EPSS 0.0522
Exploits: 0 • References: 19 • Affected Software: 6

securityvulns
•added 2011/07/26 12:0 a.m.•49 views

[SECURITY] [DSA 2281-1] opie security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2281-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 21, 2011 http://www.debian.org/security/faq -...

CVSS 9.3 • AI score 1.7 • EPSS 0.21992
Exploits: 7

securityvulns
•added 2011/07/26 12:0 a.m.•49 views

Apple iWork multiple security vulnerabilities

Memory corruptions on Word and Excel files processing...

CVSS 6.8 • AI score 2 • EPSS 0.05472
Exploits: 5 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•75 views

APPLE-SA-2011-07-20-2 iWork 9.1 Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-2 iWork 9.1 Update iWork 9.1 Update is now available and addresses the following: Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or...

CVSS 6.8 • AI score 0.7 • EPSS 0.05472
Exploits: 5

securityvulns
•added 2011/07/26 12:0 a.m.•52 views

Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability Advisory ID: cisco-sa-20110720-asr9k Revision 1.0 For Public Release 2011 July 20 1600 UTC GMT...

CVSS 7.8 • AI score 0.3 • EPSS 0.01702
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•116 views

Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Indonesia Web Design link-directory.php?cid link-directory.php?pid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.webhostingbali.com/ Persian Gulf 4 Ever! Dork : "Powere...

AI score 3.1
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•44 views

Shibboleth / opensaml signature wrapping attacks

It's possible to spoof signed content...

CVSS 5.8 • AI score 1.6 • EPSS 0.02291
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•92 views

Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web items.php?&catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web" "inurl:items.ph...

AI score 2.8
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•82 views

CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability CobraScripts searchresult.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://cobrascripts.com/ Persian Gulf 4 Ever! Dork : "Powered by CobraScripts"...

AI score 3.2
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•22 views

HTC Android devices directory traversal

OBEX FTP bluetooth request directory traversal...

AI score 2.3
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•74 views

TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain

Trustwave's SpiderLabs Security Advisory TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt Published: 2011-07-25 Version: 1.0 Vendor: Apple http://www.apple.com Product: iOS Version affected: Versions Prior to...

CVSS 7.5 • AI score 0.2 • EPSS 0.06387
Exploits: 1

securityvulns
•added 2011/07/26 12:0 a.m.•137 views

Funnel Web (directory.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web directory.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web"...

AI score 2.8
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•42 views

libsndfile buffer overflow

Buffer overflow on Ensoniq PARIS Audio Format PAF parsing...

CVSS 6.8 • AI score 5.2 • EPSS 0.04647
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•36 views

logrotate multiple security vulnerabilities

Race conditions, unfiltered shell characters vulnerability, DoS...

CVSS 6.9 • AI score 3.1 • EPSS 0.00412
Exploits: 1 • References: 2 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•48 views

[ MDVSA-2011:118 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:118 http://www.mandriva.com/security/ Package : wireshark Date : July 24, 2011 Affected: 2010.1, Enterprise Server 5.0 Problem Description: This advisory updates wireshark to the latest version 1.2.18, fixin...

CVSS 4.3 • AI score 7.4 • EPSS 0.02496
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•36 views

opie security vulnerabilities

Privilege escalation, off-by-one buffer overflow...

CVSS 7.2 • AI score 4.2 • EPSS 0.00534
Exploits: 2 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•56 views

[USN-1175-1] libpng vulnerabilities

========================================================================== Ubuntu Security Notice USN-1175-1 July 26, 2011 libpng vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.8 • AI score 0.9 • EPSS 0.04227
Exploits: 2

securityvulns
•added 2011/07/26 12:0 a.m.•37 views

libpng library multiple security vulnerabilities

Multiple vulnerabilities on PNG parsing...

CVSS 6.8 • AI score 3 • EPSS 0.04227
Exploits: 2 • References: 1

securityvulns
•added 2011/07/26 12:0 a.m.•111 views

[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1

---------------------------------------------------------------------- PT-2011-08 Positive Technologies Security Advisory Multiple vulnerabilities in Dlink DPH 150SE/E/F1 ---------------------------------------------------------------------- --- Vulnerable platform Dlink DPH 150s IP Phone Firmwar...

AI score 0.1
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•53 views

[SECURITY] [DSA 2284-1] opensaml2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2284-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 25, 2011 http://www.debian.org/security/faq -...

CVSS 5.8 • AI score 1.6 • EPSS 0.02291
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•52 views

APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone iOS 4.2.10 Software Update for iPhone is now available and addresses the following: Data Security Available for: iOS 4.2.5 through 4.2.9 for iPhone 4 CDMA Impact: An attacker with a privilege...

CVSS 7.5 • AI score 0.2 • EPSS 0.06387
Exploits: 1

securityvulns
•added 2011/07/26 12:0 a.m.•55 views

Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability

Exploit Title: Vbulletin 4.0.x = 4.1.3 messagegroupid SQL injection Vulnerability 0-day Google Dork: intitle: powered by Vbulletin 4 Date: 20/07/2011 Author: FB1H2S Software Link: http://www.vbulletin.com/ Version: 4.x.x Tested on: relevant os CVE : http://members.vbulletin.com/...

AI score 8.1
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•27 views

D-link DPH 150SE/E/F1 IP Phones multiple security vulnerabilities

Multiple web interface unauthorized access possibilities...

AI score 2.9
Exploits: 0 • References: 1

securityvulns
•added 2011/07/26 12:0 a.m.•36 views

Wireshark sniffer DoS

Infinite loop on Lucent/Ascend files parsing...

CVSS 4.3 • AI score 2.7 • EPSS 0.02496
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•77 views

HTC / Android OBEX FTP Service Directory Traversal Vulnerability

Title: HTC / Android OBEX FTP Service Directory Traversal Author: Alberto Moreno Tablado Vendor: HTC Products: - HTC devices running Android 2.1 - HTC devices running Android 2.2 References:...

CVSS 8.5 • AI score 8.6 • EPSS 0.30252
Exploits: 2

securityvulns
•added 2011/07/26 12:0 a.m.•58 views

Multiple CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about new multiple security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drawn attention of Ukrtelecom's representative and this modem wa...

AI score 0.6
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•40 views

[ MDVSA-2011:119 ] libsndfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:119 http://www.mandriva.com/security/ Package : libsndfile Date : July 25, 2011 Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability was discovered and correcte...

CVSS 6.8 • AI score 7 • EPSS 0.04647
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•62 views

Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities

Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting XSS Vulnerabilities 1. OVERVIEW Joomla! 1.7.0-RC and versions of 1.6.x are vulnerable to multiple Cross Site Scripting issues. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the Worl...

AI score 0.1
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•59 views

[PT-2011-05] Cross-Site Scripting in Koha Library Software

---------------------------------------------------------------------- PT-2011-05 Positive Technologies Security Advisory Cross-Site Scripting in Koha Library Software ---------------------------------------------------------------------- --- Vulnerable software Koha Library Software version 3.2....

AI score 0.4
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•61 views

XSS in Tiki Wiki CMS Groupware

Vulnerability ID: HTB23027 Reference: http://www.htbridge.ch/advisory/xssintikiwikicmsgroupware.html Product: Tiki Wiki CMS Groupware Vendor: info.tiki.org http://info.tiki.org Vulnerable Version: 7.0 and probably prior Tested on: 7.0 Vendor Notification: 29 June 2011 Vulnerability Type: XSS Cros...

AI score 0.3
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•38 views

Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation

===============================ADVISORY=============================== Advisory: Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation Advisory ID: DSEC-2011-0001 Author: Neil Kettle, Digit Security Ltd Affected Software: Securstar DriveCrypt Vendor URL:...

AI score 0.1
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•43 views

FreeRADIUS OCSP vulnerability

Revoked certificate may be used due to validation error...

CVSS 5.8 • AI score 2 • EPSS 0.01847
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•89 views

PHP-Barcode 0.3pl1 Remote Code Execution

PHP-Barcode 0.3pl1 Remote Code Execution ================================= The input passed to the code parameter is not sanitized and is used on a popen function. This allows remote command execution and also allows to see environment vars: Windows...

AI score 1.2
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•58 views

Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Advisory ID: cisco-sa-20110720-sa500 Revision 1.0 For Public Release 2011 July 20 1600 UTC GMT...

CVSS 9 • AI score 0.5 • EPSS 0.022
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•47 views

[PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker

---------------------------------------------------------------------- PT-2011-25 Positive Technologies Security Advisory SQL injection vulnerabilities in Support Incident Tracker ---------------------------------------------------------------------- --- Vulnerable software SiT! Version 3.63p1 an...

AI score 0.5
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•32 views

Cisco ASR 9000 DoS

Crash on IP packet processing...

CVSS 7.8 • AI score 2.5 • EPSS 0.01702
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•76 views

DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability DotComEgypt products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dotcomegypt.com/ Persian Gulf 4 Ever! Dork : "Powered by DotCom" "inurl:products.php?catid=...

AI score 4.3
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•30 views

Likewise Open SQL injection

Privilege escalation is possible...

CVSS 5.8 • AI score 3.3 • EPSS 0.0072
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•45 views

Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web selectedproduct.php?t AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web"...

AI score 2.7
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•97 views

Funnel Web (pages.php?page) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web pages.php?page AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web"...

AI score 2.8
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•74 views

[USN-1172-1] logrotate vulnerabilities

========================================================================== Ubuntu Security Notice USN-1172-1 July 21, 2011 logrotate vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.9 • AI score 0.5 • EPSS 0.00412
Exploits: 1

securityvulns
•added 2011/07/26 12:0 a.m.•48 views

phpMyAdmin 3.x Conditional Session Manipulation

phpMyAdmin 3.x Conditional Session Manipulation Advisory from ...

AI score 0.2
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•302 views

Precision (products.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Precision products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.groupprecision.com/ Persian Gulf 4 Ever! Dork : "powered by Precision"...

AI score 3.8
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•57 views

[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 DFN-CERT Services GmbH - Security Advisory ========================================== Advisory: DSB-2011-01 Version: 1.0 Released on: 2011-07-22 Updated on: 2011-07-22 Product: FreeRADIUS 2.1.11 2011-06-29 Summary - ------- FreeRADIUS is a RADIUS serv...

CVSS 5.8 • EPSS 0.01847
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•67 views

[USN-1171-1] Likewise Open vulnerability

========================================================================== Ubuntu Security Notice USN-1171-1 July 20, 2011 likewise-open vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 5.8 • AI score 0.2 • EPSS 0.0072
Exploits: 0

securityvulns
•added 2011/07/26 12:0 a.m.•62 views

APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update iOS 4.3.5 Software Update is now available and addresses the following: Data Security Available for: iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 GSM, iOS 3.1 through 4.3.4 for iPod touch 3rd...

CVSS 7.5 • AI score 0.1 • EPSS 0.06387
Exploits: 1

securityvulns
•added 2011/07/26 12:0 a.m.•19 views

Elitecore Cyberoam UTM cross-site scripting

Cross-site scripting in Web interface...

AI score 1.6
Exploits: 0 • References: 1

securityvulns
•added 2011/07/26 12:0 a.m.•39 views

kvm code execution

virtio commands processing code execution...

CVSS 7.4 • AI score 3.4 • EPSS 0.01903
Exploits: 0 • References: 2 • Affected Software: 1

securityvulns
•added 2011/07/26 12:0 a.m.•21 views

Securstar DriveCrypt multiple security vulnerabilities

DoS, information leakage, privilege escalation...

AI score 3
Exploits: 0 • References: 1 • Affected Software: 1

Total number of security vulnerabilities: 47153