Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2011/05/30 12:0 a.m.51 views

FreeBSD Security Advisory FreeBSD-SA-11:02.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:02.bind Security Advisory The FreeBSD Project Topic: BIND remote DoS with large RRSIG RRsets and negative caching Category: contrib Module: bind Announced:...

5CVSS7.8AI score0.24638EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.100 views

CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. These attacks should be conducted on modem owner, which is logged into control panel. Taking into...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.41 views

New CSRF and XSS vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough at...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.42 views

Google Chrome multiple security vulnerabilities

Memory corruptions, privilege escalation race conditions, DoS...

9.3CVSS3AI score0.04375EPSS
Exploits6References1Affected Software1
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.96 views

[SECURITY] CVE-2011-1026: Apache Archiva Multiple CSRF vulnerability

CVE-2011-1026: Apache Archiva Multiple CSRF vulnerability Severity: High Vendor: The Apache Software Foundation Versions Affected: Archiva 1.3.0 - 1.3.4 The unsupported versions Archiva 1.0 - 1.2.2 are also affected. Description: An attacker can build a simple html page containing a hidden Image...

6.8CVSS1.3AI score0.02117EPSS
Exploits4
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.60 views

[USN-1138-1] DBus-GLib vulnerability

========================================================================== Ubuntu Security Notice USN-1138-1 May 26, 2011 dbus-glib vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

3.6CVSS0.5AI score0.00397EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.47 views

CSRF vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Cross-Site Request Forgery vulnerabilities. In April I've already drew attention of Ukrtelecom's representative and this modem was bough at Ukrtelecom about multiple...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.41 views

ISC bind named DNS server DoS

Large RRSIG in negative response leads to assert...

5CVSS2.4AI score0.24638EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.42 views

[SECURITY] [DSA 2243-1] unbound security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2243-1 [email protected] http://www.debian.org/security/ Florian Weimer May 27, 2011 http://www.debian.org/security/faq -...

5CVSS1.3AI score0.02701EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.23 views

Unbound DNS server DoS

DoS against DNSSEC signed zone...

5CVSS1.4AI score0.02701EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.49 views

Vulnerabilities in ADSL modem Callisto 821+

Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Predictable Resource Location and Brute Force vulnerabilities. Predictable Resource Location WASC-34: http://192.168.1.1 web server on 80 and 8008 ports. The control...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.76 views

[SECURITY] [DSA 2246-1] mahara security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2246-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 29, 2011 http://www.debian.org/security/faq -...

6.8CVSS0.6AI score0.02529EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.36 views

[USN-1138-2] NetworkManager and ModemManager update

========================================================================== Ubuntu Security Notice USN-1138-2 May 27, 2011 network-manager, modemmanger update ========================================================================== A security issue affects these releases of Ubuntu and its...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/30 12:0 a.m.379 views

2245

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2245-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 29, 2011 http://www.debian.org/security/faq -...

9.3CVSS5.4AI score0.04375EPSS
Exploits6
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.59 views

[SECURITY] [DSA 2241-1] qemu-kvm security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2241-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2011 http://www.debian.org/security/faq -...

7.4CVSS1.9AI score0.0075EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.82 views

Remote Password Disclosure Vulnerability in RXS-3211 IP Camera + others

-==Description==- The RXS-3211 IP camera, among others, is vulnerable to remote password disclosure, which can be exploited by an unauthenticated attacker with a single UDP packet. The problem exists in the camera management protocol used by the devices, which sends the administrator password and...

2.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.32 views

Cisco RVS4000 / Cisco WRVS4400N routers multiple security vulnerabilities

Code execution, information leakage via Web interface...

9.3CVSS4.5AI score0.03396EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.75 views

[SECURITY] [DSA 2240-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2240-1 [email protected] http://www.debian.org/security/ dann frazier May 24, 2011 http://www.debian.org/security/faq -...

7.8CVSS1.3AI score0.04364EPSS
Exploits21
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.24 views

Cisco Content Delivery System DoS

Internet Streamer URL processing crash...

7.8CVSS2.2AI score0.0121EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.60 views

[USN-1136-1] rdesktop vulnerability

========================================================================== Ubuntu Security Notice USN-1136-1 May 25, 2011 rdesktop vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

4.3CVSS0.6AI score0.01094EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.64 views

Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Advisory ID: cisco-sa-20110525-rvs4000 Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

9.3CVSS0.9AI score0.03396EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.45 views

Talsoft S.R.L. Security Advisory - WordPress User IDs and User Names Disclosure

----------------------------------------------------------------------- Talsoft S.R.L. Security Advisory WordPress User IDs and User Names Disclosure ----------------------------------------------------------------------- I. Advisory information Title: WordPress User IDs and User Names Disclosure...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.37 views

rdesktop directory traversal

Directory traversal in disk redirection feature...

4.3CVSS2.4AI score0.01094EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.221 views

Rosewill RXS-3211 IP camera information leakage

It's possible to retrieve administration password via UDP/13364 request...

3.5AI score
Exploits0References1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.40 views

KVM security vulnerabilities

DoS on guest system I/O processing...

7.4CVSS2.2AI score0.01305EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.48 views

iDefense Security Advisory 05.24.11: IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.45 views

iDefense Security Advisory 05.24.11: IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.32 views

iDefense Security Advisory 05.24.11: IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.52 views

[CVE-REQUEST] Plone XSS and permission errors

Hello all, As a member of the Plone security response team I hereby notify you that we have been made aware of three distinct security holes in Plone and are requesting CVE identifiers. 1. Reflected XSS attack A crafted URL can display arbitrary HTML output 2. Persistent XSS attack Certain valid...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.59 views

iDefense Security Advisory 05.24.11: IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.56 views

Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability Advisory ID: cisco-sa-20110525-iosxr Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT +--------------------------------------------------------- Summary ======= Cisco IOS...

7.8CVSS0.4AI score0.01205EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.56 views

Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability Advisory ID: cisco-sa-20110525-iosxr-ssh Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

7.8CVSS0.6AI score0.01205EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.46 views

CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Lotus Notes XLS viewer malformed BIFF record heap overflow 1. Advisory Information Title: Lotus Notes XLS viewer malformed BIFF record heap overflow Advisory ID:...

9.3CVSS0.3AI score0.06867EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.67 views

Linux kernel security vulnerabilities

DoS via InfiniBand, DoS via InfinyBand disks, multiple DoS conditions, memory corruptions and information leaks, buffer overflow in IrDA, DoS via VLANs, CIFS authentication bypass, DoS via GRE...

7.8CVSS3.9AI score0.04364EPSS
Exploits24References2Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.53 views

Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability Advisory ID: cisco-sa-20110525-iosxrspa Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

7.8CVSS0.2AI score0.0121EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.38 views

IBM Lotus Notes multiple security vulnerabilities

Memory corruptions on BIFF, Applix, Microsoft Office, RTF and LZH files formats parsing...

9.3CVSS3.1AI score0.06867EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.70 views

Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability Advisory ID: cisco-sa-20110525-spcdn Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

7.8CVSS0.4AI score0.0121EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.38 views

Cisco IOS XR multiple security vulnerabilities

DoS on IP packets parsing including routed ones, DoS against SSH, DoS against SPA...

7.8CVSS2.4AI score0.0121EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.62 views

[ MDVSA-2011:101 ] dovecot

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:101 http://www.mandriva.com/security/ Package : dovecot Date : May 26, 2011 Affected: 2009.0, 2010.1, Enterprise Server 5.0 Problem Description: A vulnerability has been identified and fixed in dovecot:...

5CVSS5.3AI score0.0325EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.29 views

Dovecot DoS

Crash on NUL character in headers...

5CVSS2AI score0.0325EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.120 views

[USN-1137-1] Eucalyptus vulnerability

========================================================================== Ubuntu Security Notice USN-1137-1 May 26, 2011 eucalyptus, rampart vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

6.5CVSS0.6AI score0.02174EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.32 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

6.5CVSS1.6AI score0.02174EPSS
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.40 views

HTB22987: Multiple XSS in phpScheduleIt

Vulnerability ID: HTB22987 Reference: http://www.htbridge.ch/advisory/multiplexssinphpscheduleit.html Product: phpScheduleIt Vendor: php.brickhost.com Vulnerable Version: 1.2.12 Vendor Notification: 05 May 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tech Brid...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.22 views

Cisco routers Router Advertisement Guarding protection bypass

It's possible to bypass protection with fragmented ICMPv6 packet...

3.4AI score
Exploits0References1
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.96 views

PR10-11: Multiple XSS injection vulnerabilities and a offsite redirection flaw within HP System Management Homepage (Insight Manager)

PR10-11: Multiple XSS injection vulnerabilities and a offsite redirection flaw within HP System Management Homepage Insight Manager Vulnerability found: 6th June 2010 Date Published 20th May 2011 Severity: Medium Description: XSS vulnerabilities have been found within HP System Management; Arisin...

5CVSS0.1AI score0.02255EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.62 views

VUPEN Security Research - 7T Interactive Graphical SCADA System (IGSS) Remote Memory Corruption

VUPEN Security Research - 7T Interactive Graphical SCADA System ODBC Remote Memory Corruption http://www.vupen.com/english/research.php I. BACKGROUND --------------------- 7T Interactive Graphical SCADA System IGSS is a state-of-the art SCADA system used for monitoring and controlling industrial...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.33 views

FPD и XSS уязвимости в Easy Contact для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Full path disclosure и Cross-Site Scripting уязвимостях в плагине Easy Contact для WordPress. Full path disclosure WASC-13: http://site/wp-content/plugins/easy-contact/econtact.php http://site/wp-content/plugins/easy-contact/econtact-menu.php XSS...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.31 views

Gadu-Gadu 0-Day Remote Code Execution

Vendor: Gadu-Gadu http://gadu-gadu.pl Vulnerable Version: All Vulnerability Type: XSS, Remote Code Execution Risk level: Very High Credit: Kacper Szczesniak [email protected] Vulnerability Details: Gadu-Gadu improperly handles file transfer requests. It's possible to place 255 chars of HTML co...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.37 views

[SECURITY] [DSA 2239-1] libmojolicious-perl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2239-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2011 http://www.debian.org/security/faq -...

10CVSS1.7AI score0.02078EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/25 12:0 a.m.71 views

[USN-1133-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1133-1 May 24, 2011 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

7.1CVSS0.8AI score0.03521EPSS
Exploits3
Total number of security vulnerabilities47153