
47153 matches found

securityvulns
added 2015/05/11 12:0 a.m. | 64 views

CSRF to add admin user Vulnerability In Manage Engine Device Expert

=============================================================================== CSRF to add admin user Vulnerability In Manage Engine Device Expert =============================================================================== . contents:: Table Of Content Overview ======== Title : CSRF to add...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 49 views

[security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04657310 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04657310 Version: 1 HPSBGN03328 rev....

CVSS: 7.8 | AI score: 0.3 | EPSS: 0.02875
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 68 views

Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration

Title:- Cross-Site Request Forgery CSRF Vulnerability in ManageEngine Network Configuration Management Author: Kaustubh G. Padwad Vendor: ZOHO Corp Product: ManageEngine Network Configuration Manager Tested Version: : Network Configuration Manager Build 11000 Severity: HIGH About the Product:...

Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 50 views

[security bulletin] HPSBPI03315 rev.1 - HP Capture and Route Software, Remote Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04633710 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04633710 Version: 1 HPSBPI03315 rev....

CVSS: 2.7 | AI score: 0.1 | EPSS: 0.00545
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 118 views

[ MDVSA-2015:228 ] nodejs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:228 http://www.mandriva.com/en/support/security/ Package : nodejs Date : May 6, 2015 Affected: Business Server 2.0 Problem Description: Updated nodejs package fixes security vulnerability: It was found that...

CVSS: 10 | AI score: 3.8 | EPSS: 0.03242
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 97 views

Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability

Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability. Vendor: http://www.sqlbuddy.com Release Date: ============= 05-08-2015 Source: ==================================== http://hyp3rlinx.altervista.org/advisories/AS-SQLBUDDY0508.txt Product: =============================== sqlbuddy...

AI score: 0.1
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 48 views

CSRF/XSS In Ad_Button Wordpress

================================================================ CSRF/Stored XSS Vulnerability in Ad Buttons Plugin ================================================================ . contents:: Table Of Content Overview ======== Title :CSRF and Stored XSS Vulnerability in Ad Buttons Wordpress...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 49 views

[SECURITY] [DSA 3254-1] suricata security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3254-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 09, 2015 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 1.3 | EPSS: 0.01134
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 56 views

[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities

Advisory Information Title: InFocus IN3128HD Projector Multiple Vulnerabilities Advisory ID: CORE-2015-0008 Advisory URL: http://www.coresecurity.com/advisories/infocus-in3128hd-projector-multiple-vulnerabilities Date published: 2015-04-27 Date of last update: 2015-04-22 Vendors contacted:...

CVSS: 10 | AI score: 6.8 | EPSS: 0.03235
Exploits: 4

securityvulns
added 2015/05/11 12:0 a.m. | 34 views

Remote File Upload Vulnerability in WordPress Ultimate Product Catalogue Plugin

Product Description: ------------------- Ultimate Product Catalog plugin is designed to help WordPress sites administrators display products quickly and easily in an attractive and customizable layout, making your catalogue easy to browse, sort and update with categories, sub-categories, and tags...

AI score: 1.1
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 149 views

Alienvault OSSIM/USM Multiple Vulnerabilities

Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...

AI score: 0.1
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 73 views

[USN-2548-1] Batik vulnerability

========================================================================== Ubuntu Security Notice USN-2548-1 March 25, 2015 batik vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS: 6.4 | AI score: 0.5 | EPSS: 0.16677
Exploits: 1

securityvulns
added 2015/05/11 12:0 a.m. | 59 views

[ MDVSA-2015:230 ] squid

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:230 http://www.mandriva.com/en/support/security/ Package : squid Date : May 6, 2015 Affected: Business Server 2.0 Problem Description: Updated squid packages fix security vulnerability: Squid configured with...

CVSS: 2.6 | AI score: 7.7 | EPSS: 0.11402
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 52 views

[SECURITY] [DSA 3202-1] mono security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3202-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 2.2 | EPSS: 0.03539
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 40 views

mono security vulnerabilities

Multiple TLS related vulnerabilities...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.03539
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 48 views

Wordpress plugin Simple Ads Manager - Arbitrary File Upload

Vulnerability title: Wordpress plugin Simple Ads Manager - Arbitrary File Upload Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 Download link: https://wordpress.org/plugins/simple-ads-manager/ CVE ID:...

CVSS: 7.5 | EPSS: 0.14451
Exploits: 6

securityvulns
added 2015/05/11 12:0 a.m. | 153 views

CSRF & XSS Wing FTP Server Admin <= v4.4.5

Wing FTP Server Admin 4.4.5 - CSRF & Cross Site Scripting Vulnerabilities Release Date: ============= 2015-04-28 Source: ==================================== http://hyp3rlinx.altervista.org/advisories/AS-WFTP0328.txt Common Vulnerability Scoring System: ==================================== Overal...

AI score: 5.7
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 70 views

vPhoto-Album v4.2 iOS - File Include Web Vulnerability

Document Title: =============== vPhoto-Album v4.2 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1477 Release Date: ============= 2015-05-05 Vulnerability Laboratory ID VL-ID: ==================================== 147...

AI score: 6.6
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 58 views

CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS

=============================================================================== CSRF/Stored XSS Vulnerability in AB Google Map Travel AB-MAP Wordpress Plugin =============================================================================== . contents:: Table Of Content Overview ======== Title :Stor...

CVSS: 6.8 | AI score: 5.7 | EPSS: 0.03859
Exploits: 2

securityvulns
added 2015/05/11 12:0 a.m. | 77 views

[security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04657823 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04657823 Version: 1 HPSBGN03329 rev....

CVSS: 7.8 | AI score: 0.2 | EPSS: 0.83175
Exploits: 8

securityvulns
added 2015/05/11 12:0 a.m. | 63 views

HP SDN VAN Controller DoS

No description provided...

CVSS: 7.8 | AI score: 1 | EPSS: 0.83175
Exploits: 8 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 27 views

HP Capture and Route information disclosure

No description provided...

CVSS: 2.7 | AI score: 0.2 | EPSS: 0.00545
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 29 views

EMC RSA Identity Management and Governance password reset

Weak password reset procedure...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.02668
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 326 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 10 | AI score: 1.6 | EPSS: 0.65927
Exploits: 39 | References: 44 | Affected Software: 32

securityvulns
added 2015/05/11 12:0 a.m. | 271 views

[SYSS-2014-007] FrontRange DSM - Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-007 Product: FrontRange DSM Vendor: FrontRange Solutions USA Inc. and/or its affiliates Affected Versions: v7.2.1.2020, v7.2.2.2331 Tested Versions: v7.2.1.2020, v7.2.2.2331 Vulnerability Type: Use of Hard-coded Cryptographic...

AI score: 0.2
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 277 views

Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429

Information -------------------- Advisory by Netsparker. Name: DOM XSS Vulnerability in Twenty Fifteen WordPress Theme Affected Software : WordPress Affected Versions: 4.2.1 and probably below Vendor Homepage : https://wordpress.org/ and https://wordpress.org/themes/twentyfifteen/ Vulnerability...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.03803
Exploits: 3

securityvulns
added 2015/05/11 12:0 a.m. | 73 views

[CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL

tl;dr heap and integer overflows in ICU, many packages affected, unknown if these can be exploited or not - everyone names vulns nowadays, so I name these I-C-U-FAIL. Hi, I have found two vulnerabilities in the ICU library while fuzzing LibreOffice, full details in the advisory below. Disclosure ...

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.24286
Exploits: 4

securityvulns
added 2015/05/11 12:0 a.m. | 58 views

[SECURITY] [DSA 3250-1] wordpress security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3250-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 04, 2015 http://www.debian.org/security/faq -...

CVSS: 4.3 | AI score: 1.6 | EPSS: 0.17945
Exploits: 3

securityvulns
added 2015/05/11 12:0 a.m. | 103 views

[ MDVSA-2015:216 ] ntop

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:216 http://www.mandriva.com/en/support/security/ Package : ntop Date : April 29, 2015 Affected: Business Server 1.0 Problem Description: Updated ntop package fixes security vulnerability: Lack of filtering i...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.02094
Exploits: 1

securityvulns
added 2015/05/11 12:0 a.m. | 26 views

Network Virtualization for HP LoadRunner and Performance Center information disclosure

No description provided...

CVSS: 7.8 | AI score: 1.2 | EPSS: 0.02875
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 34 views

HP Operations Orchestration authentication bypass

No description provided...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.04111
Exploits: 0 | References: 1

securityvulns
added 2015/05/11 12:0 a.m. | 45 views

CSRF/XSS In Ad_InSerter Wordpress

================================================================ CSRF/Stored XSS Vulnerability in Ad Inserter Plugin ================================================================ . contents:: Table Of Content Overview ======== Title :CSRF and Stored XSS Vulnerability in Ad Inserter Wordpress...

AI score: 6
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 29 views

F5 BIG-IQ Enumeration of users and Information Disclosure

Hi, I'm testing BIG-IQ v 0.0.7028, not the last HF, but I don't see the bug fix in the HF1 the new mngmt of F5 BIG-IP, I see that you are logged out and join to the next link LINK : where $user is the user https://127.0.0.1/mgmt/shared/authz/users/$user/ When I open this link and try some diff users...

AI score: 7
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 33 views

HP TippingPoint Security Management System / TippingPoint Virtual Security Management System code execution

Code execution via web interface...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.08661
Exploits: 0 | References: 1 | Affected Software: 2

securityvulns
added 2015/05/11 12:0 a.m. | 50 views

Filezilla FTP server bounce attack

DATA connection IP address is not restricted...

AI score: 2.4
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 56 views

libicu security vulnerabilities

Buffer overflow, integer overflow...

CVSS: 7.5 | AI score: 3.9 | EPSS: 0.24286
Exploits: 4 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 44 views

[security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04626974 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04626974 Version: 1 HPSBGN03308 rev....

CVSS: 7.5 | AI score: 0.3 | EPSS: 0.08661
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 41 views

CSRF/XSS In Ultimate Profile Builder by CMSLive Wordpress Plugin

================================================================ CSRF/Stored XSS Vulnerability in Ultimate profile Builder Plugin ================================================================ . contents:: Table Of Content Overview ======== Title :CSRF and Stored XSS Vulnerability in Ultimate...

AI score: 0.2
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 48 views

Wordpress plugin Simple Ads Manager - SQL Injection

Vulnerability title: Wordpress plugin Simple Ads Manager - SQL Injection Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 and 2.5.96 Download link: https://wordpress.org/plugins/simple-ads-manager/ CVE ID:...

CVSS: 7.5 | AI score: 5.4 | EPSS: 0.06259
Exploits: 6

securityvulns
added 2015/05/11 12:0 a.m. | 48 views

Apache libbatik XXE

XXE on SVG parsing...

CVSS: 6.4 | AI score: 3.5 | EPSS: 0.16677
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 103 views

Code Injection in Epicor Retail Store 3.2.03.01.008

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Title: Code Injection in Epicor Retail Store Help System CVE: CVE-2015-2210 Vendor: Epicor Product: CRS Retail Store v3.2.03.01.008 Affected version: 3.2.03.01.008 Reported by: Zeng Xianbo Joseph [email protected] Issue identified by: Zeng...

CVSS: 7.2 | AI score: 0.2 | EPSS: 0.00632
Exploits: 1

securityvulns
added 2015/05/11 12:0 a.m. | 75 views

[security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04486432 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04486432 Version: 1 HPSBHF03151 rev....

CVSS: 10 | AI score: 1.1 | EPSS: 0.12883
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 182 views

Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8

Title: Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/support/plugin/videowhisper-video-conference-integration Vendor: http://www.videowhisper.com/...

AI score: 0.4
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 91 views

Instant v2.0 SQL Injection Vulnerability

========================================================================================== Instant v2.0 SQL Injection Vulnerability ==========================================================================================...

AI score: 0.2
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 36 views

Cisco UCS Central code execution

Code execution via web interface...

CVSS: 10 | AI score: 3.9 | EPSS: 0.04514
Exploits: 0 | Affected Software: 1

securityvulns
added 2015/05/11 12:0 a.m. | 115 views

Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities

Document Title: =============== Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1482 Release Date: ============= 2015-05-08 Vulnerability Laboratory ID VL-ID: ==================================== 1482...

AI score: 0.4
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 42 views

Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin

Title: Stored XSS Vulnerability in Add Link to Facebook Wordpress Plugin Author: Rohit Kumar Plugin Homepage: http://wordpress.org/extend/plugins/add-link-to-facebook/ Severity: Medium Version Affected: Version 1.215 and mostly prior to it. Version Tested: Version 1.215 Version Patched : 1.215...

AI score: 5.7
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 74 views

Arbitrary Variable Overwrite in eShop WordPress Plugin

Advisory ID: HTB23255 Product: eShop WordPress plugin Vendor: Rich Pedley Vulnerable Versions: 6.3.11 and probably prior Tested Version: 6.3.11 Advisory Publication: April 15, 2015 without technical details Vendor Notification: April 15, 2015 Public Disclosure: May 6, 2015 Vulnerability Type: Cod...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.01291
Exploits: 2

securityvulns
added 2015/05/11 12:0 a.m. | 44 views

SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability

Document Title: =============== SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1359 Release Date: ============= 2015-04-23 Vulnerability Laboratory ID VL-ID:...

AI score: 7.2
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m. | 32 views

ESA-2015-078: RSA® Identity Management and Governance (IMG) Insecure Password Reset Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-078: RSA® Identity Management and Governance IMG Insecure Password Reset Vulnerability EMC Identifier: ESA-2015-078 CVE Identifier: CVE-2015-0532 Severity Rating: CVSSv2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected Products: - RSA...

CVSS: 7.5 | AI score: 0.1 | EPSS: 0.02668
Exploits: 0

Total number of security vulnerabilities: 47153