Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•26 views

OpenOffice memory corruption

Memory corruption on .lwp files import...

2.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•23 views

Sybase Advantage Server buffer overflow

Off-by-one overflow on TCP/6262, UDP/6262 traffic parsing. Format string vulnerability on TCP/5001 traffic processing...

4.8AI score
Exploits0References3Affected Software2
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•55 views

[USN-1169-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-1169-1 July 13, 2011 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

4.3CVSS0.7AI score0.01686EPSS
Exploits0
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•51 views

Paltalk Messenger ActiveX Control Multiple Insecure Methods

Vulnerability ID: HTB23026 Reference: http://www.htbridge.ch/advisory/paltalkmessengeractivexcontrolmultipleinsecuremethods.html Product: Paltalk Messenger Vendor: Paltalk http://www.paltalk.com Vulnerable Version: 10.0 and probably prior Tested on: 10.0 Vendor Notification: 22 June 2011...

0.7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•37 views

Wireshark 1.4.0 Malformed IKE Packet Denial of Service

Wireshark 1.4.0 Malformed IKE Packet Denial of Service ------------------------------------------------------------------ I. Summary A flaw has been identified in Wireshark 1.4.0 when send a specific malformed IKE packet that will cause a denial of service...

0.6AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•39 views

bcksrvr format string in Sybase Adaptive Server 15.5

Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...

7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/14 12:0 a.m.•26 views

[SECURITY] [DSA 2275-1] openoffice.org security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2275-1 [email protected] http://www.debian.org/security/ Nico Golde July 7, 2011 http://www.debian.org/security/faq -...

1.9AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•61 views

ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability

ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-235 July 12, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager --...

0.5AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•88 views

phpMyAdmin 3.x preg_replace RCE POC

I'm flooded with requests for a POC and many doubt that these vulnerabilities are exploitable. And since this vulnerability is rather technically interesting I believe many could learn from it. http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html...

0.6AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•59 views

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-234 July 11, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager -...

0.4AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•55 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.12879EPSS
Exploits18References5Affected Software4
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•19 views

TrendMicro Control Manager security vulnerabilities

Integer overflow on TCP/20801 request handling. SQL injection...

2.4AI score
Exploits0References2
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•58 views

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-234 July 11, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Trend Micro -- Affected Products: Trend Micro Control Manager -...

0.4AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•1234 views

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-233 July 7, 2011 -- CVE ID: CVE-2011-0549 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Symantec -- Affected Products: Symantec Web Gateway -- TippingPointTM...

7.5CVSS0.4AI score0.02237EPSS
Exploits1
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•27 views

Microsoft Visio insecure DLL loading

Unsafe DLL loading on associated files opening...

9.3CVSS2.5AI score0.1364EPSS
Exploits2Affected Software1
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•81 views

phpMyAdmin 3.x Multiple Remote Code Executions

phpMyAdmin 3.x Multiple Remote Code Executions Advisory from . '::'::''. '..' &16...

7.5CVSS1.4AI score0.12879EPSS
Exploits18
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•63 views

Microsoft Windows multiple security vulnerabilities

Uninitialized memory reference in Bluetooth stack, multiple memory handling vulnerabilities in Windows kernel, multiple privilege escalations in CSRSS...

8.3CVSS4.4AI score0.05948EPSS
Exploits11Affected Software1
securityvulns
securityvulns
•added 2011/07/13 12:0 a.m.•57 views

Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss)

=================================================================== Tugux CMS 1.2 Multiple vulnerability BLIND sql & xss =================================================================== Software: Tugux CMS Vendor: www.tugux.com Vuln Type: BLind SQL Injection Download link:...

7.7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•39 views

Cisco Content Services Gateway DoS

Device may be crashed via ICMP packets...

7.8CVSS3.6AI score0.01916EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•27 views

HP-UX Dynamic Loader Privilege Escalation

No description provided...

6.8CVSS2.2AI score0.0031EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•109 views

Aruba Airwave / ArubaOS crossite scripting

Crossite scripting with SSID...

1.7AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•18 views

HP OpenView Communication Broker arbitrary files deletion

Arbitrary files deletion via TCP/383 service...

3AI score
Exploits0References1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•64 views

Security Advisory: CVE-2011-2516

Please be advised that a security issue affecting the Apache XML Security Library for C++ has been identified and an updated version released to address the issue. The full text of the advisory is below, and a signed version can be found at: http://santuario.apache.org/secadv/CVE-2011-2516.txt --...

5CVSS0.3AI score0.0772EPSS
Exploits1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•18 views

Blue Coat Authentication and Authorization Agent buffer overflow

Buffer overflow during TCP/16102 authentication process...

4.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•39 views

aTube Catcher ActiveX Control Insecure Method

Vulnerability ID: HTB23013 Reference: http://www.htbridge.ch/advisory/atubecatcheractivexcontrolsavedecryptedinsecuremethod.html Product: aTube Catcher Vendor: Diego Uscanga http://atube-catcher.dsnetwb.com Vulnerable Version: 2.3.570 and probably prior Tested on: 2.3.570 Vendor Notification: 01...

0.6AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•69 views

NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability

======= Summary ======= Name: Blue Coat BCAAA Remote Code Execution Vulnerability Release Date: 5 July 2011 Reference: NGS00060 Discoverer: Paul Harrington [email protected] Vendor: Blue Coat Systems Inc Vendor Reference: 2-358686722 Systems Affected: All versions of BCAAA associated...

0.1AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•82 views

Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ADVISORY NUMBER AID-070611 Advisory 1: TITLE Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces. SUMMARY A persistent Cross Site Scripting vulnerability XSS was discovered where an attacker could plant an AP with...

0.1AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•89 views

Arbitrary files deletion in HP OpenView Communication Broker

Luigi Auriemma Application: HP OpenView Communication Broker http://www8.hp.com/us/en/software/enterprise-software.html Versions: ovbbccb.exe = 11.0.43.0 Platforms: Windows, Linux, Solaris, HP-UX, AIX Bug: arbitrary files deletion Exploitation: remote, versus server Date: 27 Jun 2011 found 01 Jun...

1.7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•27 views

Apache Santuario library buffer overflow

Buffer overflow on oversized key...

5CVSS5.3AI score0.0772EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•55 views

[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02904002 Version: 1 HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon a...

6.8CVSS0.5AI score0.0031EPSS
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•44 views

Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability Advisory ID: cisco-sa-20110706-csg Revision 1.0 For Public Release 2011 July 06 1600 UTC GMT +-------------------------------------------------------------------...

7.8CVSS1AI score0.01916EPSS
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•28 views

IDrive Online Backup ActiveX control Insecure Method

Vulnerability ID: HTB23025 Reference: http://www.htbridge.ch/advisory/idriveonlinebackupactivexcontrolinsecuremethod.html Product: IDrive Online Backup Vendor: Pro Softnet Corporation http://www.idrive.com Vulnerable Version: 3.4.0 and probably prior Tested on: 3.4.0 Vendor Notification: 15 June...

0.7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•22 views

IDrive Online Backup ActiveX unsafe method

Unsafe SaveToFile method...

2.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•70 views

MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-005 MIT krb5 Security Advisory 2011-005 Original release: 2011-07-05 Topic: FTP daemon fails to set effective group ID CVE-2011-1526 CVSSv2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:O/RC:C CVSSv2 Base Score: 6.5 Access Vector: Network...

6.5CVSS5.8AI score0.03938EPSS
Exploits0
securityvulns
securityvulns
•added 2011/07/11 12:0 a.m.•19 views

aTube Catcher ActiveX insecure method

Isnecure ChilkatCrypt2.ChilkatOmaDrm.1 method allows to corrupt files...

2.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/09 12:0 a.m.•41 views

Integer overflow in foobar2000 1.1.7

Luigi Auriemma Application: foobar2000 http://www.foobar2000.org Versions: = 1.1.7 Platforms: Windows Bug: integer overflow Date: 03 Jul 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix =============== 1 Introduction ===============...

Exploits0
securityvulns
securityvulns
•added 2011/07/09 12:0 a.m.•49 views

foobar2000 integer overflow

Integer overflow on WAV parsing...

4.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/09 12:0 a.m.•42 views

ISC bind named DNS server DoS

Crash on request processing...

5CVSS1.5AI score0.19265EPSS
Exploits2References3Affected Software1
securityvulns
securityvulns
•added 2011/07/09 12:0 a.m.•69 views

Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ISC BIND 9 Remote Crash with Certain RPZ Configurations Two defects were discovered in ISC's BIND 9 code. These defects only affect BIND 9 servers which have recursion enabled and which use a specific feature of the software known as Response Policy...

5CVSS8.6AI score0.19265EPSS
Exploits2
securityvulns
securityvulns
•added 2011/07/09 12:0 a.m.•59 views

Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers A specially constructed packet will cause BIND 9 "named" to exit, affecting DNS service. CVE: CVE-2011-2464 Document Version: 2.0 Posting date: 05 Jul 2011 Progra...

5CVSS0.6AI score0.19265EPSS
Exploits1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•58 views

[security bulletin] HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02901775 Version: 1 HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management Center User Access Manager UAM and Endpoint Admission Defense EAD, Remote Execution of Arbitrary Code NOTICE: The...

10CVSS0.8AI score0.25787EPSS
Exploits4
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•32 views

HP Intelligent Management Center User Access Manager code execution

Buffer overflow on TCP/9090 data processing...

10CVSS3.8AI score0.25787EPSS
Exploits4References2Affected Software1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•45 views

Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2

Luigi Auriemma Application: Novell ZenWorks Handheld Management http://www.novell.com/products/zenworks/handhelds/ Versions: = 7.0.2.61213 Platforms: Windows, Linux, NetWare Bug: upload directory traversal Exploitation: remote, versus server Date: 27 Jun 2011 found 25 Apr 2011 Author: Luigi...

7AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•60 views

ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability

ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-230 June 29, 2011 -- CVE ID: CVE-2011-0211 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktim...

6.8CVSS0.7AI score0.02924EPSS
Exploits2
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•24 views

Novell ZenWorks Handheld Management directory traversal

Directory traversal on TCP/2398 request processing...

2.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•51 views

[USN-1163-1] Bind vulnerability

========================================================================== Ubuntu Security Notice USN-1163-1 July 05, 2011 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

5CVSS0.2AI score0.19265EPSS
Exploits1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•33 views

Cisco VPN client weak permissons

Weak installation permissions allow unprivileged user to overwrite executable...

4.1AI score
Exploits0References1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•53 views

NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow

======= Summary ======= Name: Apple Mac OS X ImageIO TIFF Integer Overflow Release Date: 28 June 2011 Reference: NGS00057 Discoverer: Dominic Chell [email protected] Vendor: Apple Vendor Reference: 142522746 Systems Affected: Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through...

6.8AI score
Exploits0
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•19 views

WinAmp multiple security vulnerabilities

Multiple vulnerabilities on FLV and MIDI files parsing...

2.8AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
•added 2011/07/06 12:0 a.m.•155 views

SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress

SEC Consult Vulnerability Lab Security Advisory 20110701-0 ======================================================================= title: Multiple SQL Injection Vulnerabilities product: WordPress vulnerable version: 3.1.3/3.2-RC1 and probably earlier versions fixed version: 3.1.4/3.2-RC3 impact:...

0.8AI score
Exploits0
Total number of security vulnerabilities47153