
47153 matches found

securityvulns
•added 2011/07/14 12:0 a.m.•20 views

PalTalk messenger ActiveX insecure methods

It's possible to save files into arbitrary locations...

AI score: 2.9
Exploits: 0 | References: 1
securityvulns
•added 2011/07/14 12:0 a.m.•27 views

apt GPG signature check vulnerability

GPG signatures are incorrectly validated...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.00145
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/14 12:0 a.m.•34 views

Wireshark 1.4.0 Malformed IKE Packet Denial of Service

Wireshark 1.4.0 Malformed IKE Packet Denial of Service ------------------------------------------------------------------ I. Summary A flaw has been identified in Wireshark 1.4.0 when send a specific malformed IKE packet that will cause a denial of service...

AI score: 0.6
Exploits: 0
securityvulns
•added 2011/07/14 12:0 a.m.•37 views

bcksrvr format string in Sybase Adaptive Server 15.5

Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...

AI score: 7
Exploits: 0
securityvulns
•added 2011/07/14 12:0 a.m.•53 views

[USN-1169-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-1169-1 July 13, 2011 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 4.3 | AI score: 0.7 | EPSS: 0.00145
Exploits: 0
securityvulns
•added 2011/07/14 12:0 a.m.•25 views

[SECURITY] [DSA 2275-1] openoffice.org security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2275-1 [email protected] http://www.debian.org/security/ Nico Golde July 7, 2011 http://www.debian.org/security/faq -...

AI score: 1.9
Exploits: 0
securityvulns
•added 2011/07/14 12:0 a.m.•50 views

Paltalk Messenger ActiveX Control Multiple Insecure Methods

Vulnerability ID: HTB23026 Reference: http://www.htbridge.ch/advisory/paltalkmessengeractivexcontrolmultipleinsecuremethods.html Product: Paltalk Messenger Vendor: Paltalk http://www.paltalk.com Vulnerable Version: 10.0 and probably prior Tested on: 10.0 Vendor Notification: 22 June 2011...

AI score: 0.7
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•27 views

Microsoft Visio insecure DLL loading

Unsafe DLL loading on associated files opening...

CVSS: 9.3 | AI score: 2.5 | EPSS: 0.26525
Exploits: 2 | Affected Software: 1
securityvulns
•added 2011/07/13 12:0 a.m.•54 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.37008
Exploits: 18 | References: 5 | Affected Software: 4
securityvulns
•added 2011/07/13 12:0 a.m.•59 views

Microsoft Windows multiple security vulnerabilities

Uninitialized memory reference in Bluetooth stack, multiple memory handling vulnerabilities in Windows kernel, multiple privilege escalations in CSRSS...

CVSS: 8.3 | AI score: 4.4 | EPSS: 0.0263
Exploits: 11 | Affected Software: 1
securityvulns
•added 2011/07/13 12:0 a.m.•19 views

TrendMicro Control Manager security vulnerabilities

Integer overflow on TCP/20801 request handling. SQL injection...

AI score: 2.4
Exploits: 0 | References: 2
securityvulns
•added 2011/07/13 12:0 a.m.•56 views

Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss)

=================================================================== Tugux CMS 1.2 Multiple vulnerability BLIND sql & xss =================================================================== Software: Tugux CMS Vendor: www.tugux.com Vuln Type: BLind SQL Injection Download link:...

AI score: 7.7
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•60 views

ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability

ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-235 July 12, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager --...

AI score: 0.5
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•86 views

phpMyAdmin 3.x preg_replace RCE POC

I'm flooded with requests for a POC and many doubt that these vulnerabilities are exploitable. And since this vulnerability is rather technically interesting I believe many could learn from it. http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html...

AI score: 0.6
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•59 views

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-234 July 11, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager -...

AI score: 0.4
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•1232 views

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-233 July 7, 2011 -- CVE ID: CVE-2011-0549 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Symantec -- Affected Products: Symantec Web Gateway -- TippingPointTM...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.011
Exploits: 1
securityvulns
•added 2011/07/13 12:0 a.m.•57 views

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-234 July 11, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager -...

AI score: 0.4
Exploits: 0
securityvulns
•added 2011/07/13 12:0 a.m.•80 views

phpMyAdmin 3.x Multiple Remote Code Executions

phpMyAdmin 3.x Multiple Remote Code Executions Advisory from...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.37008
Exploits: 18
securityvulns
•added 2011/07/11 12:0 a.m.•25 views

HP-UX Dynamic Loader Privilege Escalation

No description provided...

CVSS: 6.8 | AI score: 2.2 | EPSS: 0.0004
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•38 views

Cisco Content Services Gateway DoS

Device may be crashed via ICMP packets...

CVSS: 7.8 | AI score: 3.6 | EPSS: 0.02182
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•18 views

HP OpenView Communication Broker arbitrary files deletion

Arbitrary files deletion via TCP/383 service...

AI score: 3
Exploits: 0 | References: 1
securityvulns
•added 2011/07/11 12:0 a.m.•19 views

aTube Catcher ActiveX insecure method

Insecure ChilkatCrypt2.ChilkatOmaDrm.1 method allows files to be corrupted...

AI score: 2.5
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•21 views

IDrive Online Backup ActiveX unsafe method

Unsafe SaveToFile method...

AI score: 2.2
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•109 views

Aruba Airwave / ArubaOS cross-site scripting

Cross-site scripting with SSID...

AI score: 1.7
Exploits: 0 | References: 1 | Affected Software: 2
securityvulns
•added 2011/07/11 12:0 a.m.•27 views

Apache Santuario library buffer overflow

Buffer overflow on oversized key...

CVSS: 5 | AI score: 5.3 | EPSS: 0.07303
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•18 views

Blue Coat Authentication and Authorization Agent buffer overflow

Buffer overflow during TCP/16102 authentication process...

AI score: 4.3
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/11 12:0 a.m.•52 views

[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02904002 Version: 1 HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon a...

CVSS: 6.8 | AI score: 0.5 | EPSS: 0.0004
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•42 views

Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability Advisory ID: cisco-sa-20110706-csg Revision 1.0 For Public Release 2011 July 06 1600 UTC GMT +-------------------------------------------------------------------...

CVSS: 7.8 | AI score: 1 | EPSS: 0.02182
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•25 views

IDrive Online Backup ActiveX control Insecure Method

Vulnerability ID: HTB23025 Reference: http://www.htbridge.ch/advisory/idriveonlinebackupactivexcontrolinsecuremethod.html Product: IDrive Online Backup Vendor: Pro Softnet Corporation http://www.idrive.com Vulnerable Version: 3.4.0 and probably prior Tested on: 3.4.0 Vendor Notification: 15 June...

AI score: 0.7
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•69 views

MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-005 MIT krb5 Security Advisory 2011-005 Original release: 2011-07-05 Topic: FTP daemon fails to set effective group ID CVE-2011-1526 CVSSv2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:O/RC:C CVSSv2 Base Score: 6.5 Access Vector: Network...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00323
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•69 views

NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability

======= Summary ======= Name: Blue Coat BCAAA Remote Code Execution Vulnerability Release Date: 5 July 2011 Reference: NGS00060 Discoverer: Paul Harrington [email protected] Vendor: Blue Coat Systems Inc Vendor Reference: 2-358686722 Systems Affected: All versions of BCAAA associated...

AI score: 0.1
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•86 views

Arbitrary files deletion in HP OpenView Communication Broker

Luigi Auriemma Application: HP OpenView Communication Broker http://www8.hp.com/us/en/software/enterprise-software.html Versions: ovbbccb.exe = 11.0.43.0 Platforms: Windows, Linux, Solaris, HP-UX, AIX Bug: arbitrary files deletion Exploitation: remote, versus server Date: 27 Jun 2011 found 01 Jun...

AI score: 1.7
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•62 views

Security Advisory: CVE-2011-2516

Please be advised that a security issue affecting the Apache XML Security Library for C++ has been identified and an updated version released to address the issue. The full text of the advisory is below, and a signed version can be found at: http://santuario.apache.org/secadv/CVE-2011-2516.txt --...

CVSS: 5 | AI score: 0.3 | EPSS: 0.07303
Exploits: 1
securityvulns
•added 2011/07/11 12:0 a.m.•38 views

aTube Catcher ActiveX Control Insecure Method

Vulnerability ID: HTB23013 Reference: http://www.htbridge.ch/advisory/atubecatcheractivexcontrolsavedecryptedinsecuremethod.html Product: aTube Catcher Vendor: Diego Uscanga http://atube-catcher.dsnetwb.com Vulnerable Version: 2.3.570 and probably prior Tested on: 2.3.570 Vendor Notification: 01...

AI score: 0.6
Exploits: 0
securityvulns
•added 2011/07/11 12:0 a.m.•81 views

Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ADVISORY NUMBER AID-070611 Advisory 1: TITLE Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces. SUMMARY A persistent Cross Site Scripting vulnerability XSS was discovered where an attacker could plant an AP with...

AI score: 0.1
Exploits: 0
securityvulns
•added 2011/07/09 12:0 a.m.•48 views

foobar2000 integer overflow

Integer overflow on WAV parsing...

AI score: 4.9
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/09 12:0 a.m.•42 views

ISC bind named DNS server DoS

Crash on request processing...

CVSS: 5 | AI score: 1.5 | EPSS: 0.16206
Exploits: 2 | References: 3 | Affected Software: 1
securityvulns
•added 2011/07/09 12:0 a.m.•39 views

Integer overflow in foobar2000 1.1.7

Luigi Auriemma Application: foobar2000 http://www.foobar2000.org Versions: = 1.1.7 Platforms: Windows Bug: integer overflow Date: 03 Jul 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix =============== 1 Introduction ===============...

Exploits: 0
securityvulns
•added 2011/07/09 12:0 a.m.•68 views

Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ISC BIND 9 Remote Crash with Certain RPZ Configurations Two defects were discovered in ISC's BIND 9 code. These defects only affect BIND 9 servers which have recursion enabled and which use a specific feature of the software known as Response Policy...

CVSS: 5 | AI score: 8.6 | EPSS: 0.16206
Exploits: 2
securityvulns
•added 2011/07/09 12:0 a.m.•55 views

Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers A specially constructed packet will cause BIND 9 "named" to exit, affecting DNS service. CVE: CVE-2011-2464 Document Version: 2.0 Posting date: 05 Jul 2011 Progra...

CVSS: 5 | AI score: 0.6 | EPSS: 0.16206
Exploits: 1
securityvulns
•added 2011/07/06 12:0 a.m.•29 views

HP Intelligent Management Center User Access Manager code execution

Buffer overflow on TCP/9090 data processing...

CVSS: 10 | AI score: 3.8 | EPSS: 0.4584
Exploits: 4 | References: 2 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•22 views

Novell ZenWorks Handheld Management directory traversal

Directory traversal on TCP/2398 request processing...

AI score: 2.5
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•26 views

OpenSSH buffer overflow

Buffer overflow on oversized username if pamopie is enabled...

AI score: 4.6
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•78 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 | References: 5 | Affected Software: 3
securityvulns
•added 2011/07/06 12:0 a.m.•40 views

HP OpenView Storage Data Protector multiple security vulnerabilities

Multiple vulnerabilities in TCP/5555 service...

CVSS: 10 | AI score: 1.5 | EPSS: 0.89159
Exploits: 30 | References: 3 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•19 views

WinAmp multiple security vulnerabilities

Multiple vulnerabilities on FLV and MIDI files parsing...

AI score: 2.8
Exploits: 0 | References: 2 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•165 views

PHP directory traversal

Directory traversal in RFC 1867 files upload...

CVSS: 6.4 | AI score: 2.9 | EPSS: 0.11671
Exploits: 1 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•34 views

NetBSD network functions buffer overflow

Buffer overflow on oversized argument in getservbyname and getservbyport...

AI score: 4.7
Exploits: 2 | References: 1 | Affected Software: 1
securityvulns
•added 2011/07/06 12:0 a.m.•32 views

Cisco VPN client weak permissions

Weak installation permissions allow unprivileged user to overwrite executable...

AI score: 4.1
Exploits: 0 | References: 1
securityvulns
•added 2011/07/06 12:0 a.m.•154 views

SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress

SEC Consult Vulnerability Lab Security Advisory 20110701-0 ======================================================================= title: Multiple SQL Injection Vulnerabilities product: WordPress vulnerable version: 3.1.3/3.2-RC1 and probably earlier versions fixed version: 3.1.4/3.2-RC3 impact:...

AI score: 0.8
Exploits: 0
Total number of security vulnerabilities: 47153