Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2011/06/19 12:0 a.m.55 views

iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability

iDefense Security Advisory 06.14.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 14, 2011 I. BACKGROUND Adobe Shockwave Player is a popular Web browser plug-in. It is available for multiple Web browsers and platforms, including Windows, and MacOS. Shockwave Player enables Web browse...

9.3CVSS0.4AI score0.07878EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.58 views

ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability

ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-218 June 14, 2011 -- CVE ID: CVE-2011-2095 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Reader ...

9.3CVSS1.1AI score0.08701EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.54 views

ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability

ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-204 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Playe...

9.3CVSS0.6AI score0.07476EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.58 views

ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability

ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-220 June 15, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products:...

9.3CVSS0.4AI score0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.45 views

ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability

ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-209 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player ...

9.3CVSS0.2AI score0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.49 views

ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability

ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-202 June 14, 2011 -- CVE ID: CVE-2011-2119 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

9.3CVSS0.3AI score0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.76 views

[USN-1153-1] libxml2 vulnerability

========================================================================== Ubuntu Security Notice USN-1153-1 June 16, 2011 libxml2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

9.3CVSS0.4AI score0.13727EPSS
Exploits1
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.53 views

Adobe Shockwave Player multiple security vulnerabilities

Multiple memory corruptions, buffer overflow, code execution...

9.3CVSS3.9AI score0.08464EPSS
Exploits0References30Affected Software1
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.60 views

ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability

ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-214 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

9.3CVSS0.6AI score0.07476EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.66 views

CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability

Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ MS HyperV Persistent DoS Vulnerability 1. Advisory Information Title: MS HyperV Persistent DoS Vulnerability Advisory ID: CORE-2011-0203 Advisory URL:...

4.9CVSS0.2AI score0.02644EPSS
Exploits6
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.65 views

TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability

TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-10 June 15, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player ...

9.3CVSS1.6AI score0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.65 views

iDefense SecurityiDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerabilityr Signedness Vulnerability

iDefense Security Advisory 06.14.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 14, 2011 I. BACKGROUND Adobe Shockwave Player is a popular Web browser plug-in. It is available for multiple Web browsers and platforms, including Windows, and MacOS. Shockwave Player enables Web browse...

9.3CVSS0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.99 views

NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability

NSFOCUS Security AdvisorySA2011-01 Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability Release Date: 2011-06-15 CVE ID: CVE-2011-1250 http://www.nsfocus.com/en/advisories/1101.html Affected Software and System: ============================= Microsoft Internet...

9.3CVSS6.5AI score0.21586EPSS
Exploits1
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.51 views

[BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution

Affected Vendors: Adobe Affected Products: Shockwave Player CVE ID: CVE-2011-2122 Risk Level: High Vulnerability: Memory Corruption Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interacti...

9.3CVSS1AI score0.0441EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.76 views

[USN-1152-1] libvirt vulnerabilities

========================================================================== Ubuntu Security Notice USN-1152-1 June 16, 2011 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4.4CVSS0.9AI score0.01199EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.32 views

Microsoft Hyper-V DoS

Hang on VMBus commands processing...

4.7CVSS1.3AI score0.02644EPSS
Exploits6References1
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.57 views

CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ IBM WebSphere Application Server Cross-Site Request Forgery 1. Advisory Information Title: IBM WebSphere Application Server Cross-Site Request Forgery Advisory ID:...

6.8CVSS6.5AI score0.02096EPSS
Exploits6
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.27 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

4.3CVSS1.6AI score0.26037EPSS
Exploits2References11Affected Software11
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.132 views

TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability

TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-06 June 15, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...

10CVSS1.7AI score0.06277EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.38 views

Oracle Java multiple security vulnerabilities

Multiple integer overflows on ICC profiles parsing. Java Web Start shell commands execution...

10CVSS5AI score0.06277EPSS
Exploits0References20Affected Software2
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.52 views

ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability

ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-222 June 15, 2011 -- CVE ID: CVE-2011-2113 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected...

9.3CVSS0.7AI score0.05991EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.48 views

HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability

Vulnerability ID: HTB23012 Reference: http://www.htbridge.ch/advisory/gogagoyoutubevideoconverteractivexcontroldownloadbufferoverflowvulnerability.html Product: Gogago YouTube Video Converter Vendor: Gogago http://www.gogago.net/ Vulnerable Version: 1.1.6 3/29/2011 and probably prior Tested on:...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.44 views

HTB23004: Multiple Vulnerabilities in e107

Vulnerability ID: HTB23004 Reference: http://www.htbridge.ch/advisory/multiplevulnerabilitiesine1071.html Product: e107 website system Vendor: e107 http://e107.org/ Vulnerable Version: 0.7.25 and probably prior Tested on: 0.7.25 Vendor Notification: 25 May 2011 Vulnerability Type: Multiple...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.51 views

New CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about new security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough a...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.67 views

ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability

ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-215 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave...

9.3CVSS0.6AI score0.07476EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.53 views

HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS

Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.60 views

Adobe Flash Player memory corruption

No description provided...

10CVSS1.7AI score0.86421EPSS
Exploits11Affected Software1
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.39 views

HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog

Vulnerability ID: HTB23008 Reference: http://www.htbridge.ch/advisory/multiplexssinminiblog.html Product: miniblog Vendor: spyka Web Group http://www.spyka.net Vulnerable Version: 1.0.0 and probably prior Tested on: 1.0.0 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripti...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.48 views

HTB23005: Multiple XSS in N-13 News

Vulnerability ID: HTB23005 Reference: http://www.htbridge.ch/advisory/multiplexssinn13news.html Product: N-13 News Vendor: Network-13 http://network-13.com/ Vulnerable Version: 4.0.1 and probably prior Tested on: 4.0.1 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripting...

6AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.52 views

DoS, CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about new security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Denial of Service, Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and thi...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.58 views

ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability

ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-217 June 14, 2011 -- CVE ID: CVE-2011-2109 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

9.3CVSS0.5AI score0.08464EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.47 views

ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability

ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-216 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave...

9.3CVSS0.4AI score0.03575EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.61 views

ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability

ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-203 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwa...

9.3CVSS0.6AI score0.07476EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.42 views

Microsoft .Net Framework multiple security vulnerabilities

Array index overflow, JIT compiler code execution...

9.3CVSS3.1AI score0.20096EPSS
Exploits3Affected Software1
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.32 views

Microsoft Forefront Threat Management Gateway Firewall Client memory corruption

Buffer overflow in NSPLookupServiceNext...

10CVSS3.3AI score0.48368EPSS
Exploits1
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.44 views

New CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about new security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough a...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.48 views

Microsoft Excel multiple security vulnerabilities

Multiple vulnerabilities on different record types parsing...

9.3CVSS2.8AI score0.28222EPSS
Exploits10Affected Software1
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.43 views

Microsoft XML Editor information leakage

Information leakage via .disco files...

4.3CVSS2.4AI score0.15254EPSS
Exploits1Affected Software3
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.106 views

phion netfence / Barracuda NG Firewall: Remote Command Execution with root Privileges

Security Advisory --------------------------------------- Vulnerable Software: Barracuda NG Firewall / phion netfence Homepage: http://www.barracudanetworks.com/ Found by: Wolfgang Neudorfer, Lukas Nothdurfter Impact: Remote Command Execution with root Privileges Severity: Critical Product...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.38 views

Microsoft Certificate Services crossite scripting

Crossite scripting in Active Directory Certificate Services Web Enrollment...

4.3CVSS1.5AI score0.0515EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.55 views

Javascript Injection in Microsoft Lync 4.0.7577.0

============================================================================ Foofus.net Security Advisory: foofus-20110610 ============================================================================ Title: Javascript Injection in Microsoft Lync Version: 4.0.7577.0 Vendor: Microsoft Release Date:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.39 views

Barracuda NG Firewall / phion netfence code execution

Unescaped shell characters vulnerability during authentication...

4.2AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.46 views

New CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about new security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough a...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.35 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

5CVSS1.6AI score0.02289EPSS
Exploits1References2Affected Software2
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.57 views

[SECURITY] [DSA 2259-1] fex security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2259-1 [email protected] http://www.debian.org/security/ Nico Golde June 12, 2011 http://www.debian.org/security/faq -...

5CVSS1.1AI score0.02289EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/11 12:0 a.m.71 views

[SECURITY] [DSA 2254-1] oprofile security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------------- Debian Security Advisory DSA 2254-1 [email protected] http://www.debian.org/security/ Luciano Bello June 3, 2011 http://www.debian.org/security/faq -...

7.2CVSS1.8AI score0.01367EPSS
Exploits1
securityvulns
securityvulns
added 2011/06/11 12:0 a.m.36 views

TRENDnet / Digicom / iPUX / ZoneNet / AirLink101 IP camera products multiple security vulnerabilities

Undocumented productmaker:ftvsbannedcode account may access camera via Web interface. Different vulnerabilities allows to obtain full administrative access via this account...

4.4AI score
Exploits0References1
securityvulns
securityvulns
added 2011/06/11 12:0 a.m.38 views

Novell iPrint multiple security vulnerabilities

Code execution via op-printer-list-all-jobs URI handler and cookie, Multiple ActiveX code execution vulnerabilities...

9.3CVSS2.9AI score0.05869EPSS
Exploits0References10Affected Software1
securityvulns
securityvulns
added 2011/06/11 12:0 a.m.53 views

ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability

ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-178 June 6, 2011 -- CVE ID: CVE-2011-1705 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Novell -- Affected Products: Novell iPrint --...

9.3CVSS0.5AI score0.05869EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/11 12:0 a.m.55 views

ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability

ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-181 June 6, 2011 -- CVE ID: CVE-2011-1707 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Novell -- Affected Products: Novell iPrint --...

9.3CVSS0.6AI score0.04883EPSS
Exploits0
Total number of security vulnerabilities47153