Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2011/05/03 12:0 a.m.74 views

HTB22967: Multiple SQL Injection in Shutter

Vulnerability ID: HTB22967 Reference: http://www.htbridge.ch/advisory/sqlinjectioninshutter.html Product: Shutter Vendor: http://shutter.tenfourzero.net/ http://shutter.tenfourzero.net/ Vulnerable Version: 0.1.4 Vendor Notification: 19 April 2011 Vulnerability Type: SQL Injection Risk level: High...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.55 views

Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Document ID: 112916 Advisory ID: cisco-sa-20110427-wlc Revision 1.0 For Public Release 2011 April 27 1600 UTC GMT...

7.8CVSS0.4AI score0.10378EPSS
Exploits5
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.64 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

5CVSS1.6AI score0.0453EPSS
Exploits5References12Affected Software9
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.24 views

Embarcadero Interbase buffer overflow

Stack buffer overflow on connect request processing...

4.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.62 views

HTB22958: XSS in phpGraphy

Vulnerability ID: HTB22958 Reference: http://www.htbridge.ch/advisory/xssinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cross Site Scripting Risk...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.40 views

SAP WebAS multiple security vulnerabilities

Crossite scripting, form redirection...

1.1AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.73 views

TeamSHATTER Security Advisory: Oracle Malformed Network Package Spins CPU

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Database Server version 10gR1, 10gR2, 11gR1 and 11gR2 on Windows platform Remote exploitable: Yes Credits: This vulnerability was discovered and researched by...

5CVSS0.1AI score0.01748EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.48 views

XSS, Redirector и IAA уязвимости в MyBB

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, URL Redirector Abuse и Insufficient Anti-automation уязвимостях в MyBB. Для XSS и URL Redirector Abuse используется рабочий аккаунт на уязвимом сайте. О подобных атаках я писал в статье Атаки на незащищённые логин формы...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.25 views

EMC RSA Data Loss Prevention crossite scripting

No description provided...

4.3CVSS2.5AI score0.01053EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.42 views

[Onapsis Security Advisory 2011-004] SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-004: SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.88 views

OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability

LANSA aXes Web Terminal TN5250 Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/lansa-axes-web-terminal-tn5250-cross-site-scripting Release Date: 30-Apr-2011 Software: LANSA - aXes http://www.lansa.com http://www.axeslive.com "Transform your 5250 applications into GUI...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.40 views

ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention Advisories Updated April 25, 2011 Summary: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA...

4.3CVSS0.3AI score0.01053EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.33 views

Cisco Wireless LAN Controller DoS

Crash on ICMP processing...

7.8CVSS2AI score0.10378EPSS
Exploits5References1Affected Software2
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.38 views

ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability

ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-153 April 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Embarcadero -- Affected Products: Embarcadero Interbase -- TippingPointT...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.63 views

HTB22965: Multiple XSS vulnerabilities in BackupPC

Vulnerability ID: HTB22965 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinbackuppc.html Product: BackupPC Vendor: Craig Barratt http://backuppc.sourceforge.net/ Vulnerable Version: 3.1.0, perhaps 3.2.0 also vulnerable Vendor Notification: 14 April 2011 Vulnerability Type:...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.46 views

Уязвимости в теме Magazeen для WordPress и Dotclear

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме Magazeen для WordPress и Dotclear. Подобно уязвимостям во многих темах для WordPress, Drupal, ExpressionEngine и Joomla, также уязвимой...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.74 views

[ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g

============================================= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 CVSS Base Scored ============================================= I. VULNERABILIT...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.48 views

HTB22960: XSS in Daily Maui Photo Widget wordpress plugin

Vulnerability ID: HTB22960 Reference: http://www.htbridge.ch/advisory/xssindailymauiphotowidgetwordpressplugin.html Product: Daily Maui Photo Widget wordpress plugin Vendor: Kris Nelson http://www.webnelly.com/ Vulnerable Version: 0.2 Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cro...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.80 views

TeamSHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager Service Level component

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Enterprise Manager 11g Release 1 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of Application Security...

5.5CVSS0.1AI score0.01262EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.54 views

[Onapsis Security Advisory 2011-005] SAP Enterprise Portal Path Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-005: SAP Enterprise Portal Path Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.119 views

Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vendors libc/glob GLOBBRACE|GLOBLIMIT memory exhaustion Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 19.01.2011 - Pub.: 02.05.2011 CVE: CVE-2011-0418 Affected Software...

7.8CVSS5.7AI score0.32357EPSS
Exploits14
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.74 views

[SECURITY] [DSA 2229-1] spip security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2229-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 01, 2011 http://www.debian.org/security/faq -...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.245 views

CVE-2010-0216 MediaCast Password Dump Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Packetninjas L.L.C www.packetninjas.net -= Security Advisory =- Advisory: MediaCast Password Dump Vulnerability Release Date: 04/25/2011 Author: Daniel Clemens daniel.clemensatpacketninjas.net Application: MediaCast = 8 By Inventive, Inc -...

5CVSS0.01568EPSS
Exploits2
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.55 views

[Onapsis Security Advisory 2011-003] SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-003: SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.59 views

TeamSHATTER Security Advisory: XSS in locale parameter on IASTOP_CS_FARM_PAGE.html

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Enterprise Manager 10g Release 1 and Release 2 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of...

4.3CVSS5.8AI score0.01361EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.56 views

VMware ESXi / ESX DoS

Sockets exhaustion attack is possible...

7.8CVSS2.9AI score0.03409EPSS
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.69 views

[ MDVSA-2011:082 ] python-feedparser

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:082 http://www.mandriva.com/security/ Package : python-feedparser Date : May 2, 2011 Affected: 2010.0, 2010.1 Problem Description: Multiple vulnerabilities has been found and corrected in python-feedparser:...

5CVSS6.3AI score0.0453EPSS
Exploits3
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.51 views

[Full-disclosure] [USN-1127-1] usb-creator vulnerability

========================================================================== Ubuntu Security Notice USN-1127-1 May 02, 2011 usb-creator vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

2.1CVSS0.6AI score0.00364EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.56 views

HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy

Vulnerability ID: HTB22959 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability Type: CSRF...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.112 views

VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0007 Synopsis: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console Iss...

7.8CVSS6.7AI score0.03409EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.43 views

HTB22961: XSS in WP Photo Album wordpress plugin

Vulnerability ID: HTB22961 Reference: http://www.htbridge.ch/advisory/xssinwpphotoalbumwordpressplugin.html Product: WP Photo Album wordpress plugin Vendor: Rubin J. Kaplan http://me.mywebsight.ws/ Vulnerable Version: 1.5.1 Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cross Site...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.32 views

usb-creator privilege escalation

Some privileged disk operations are possible...

2.1CVSS2.8AI score0.00364EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/05/02 12:0 a.m.61 views

[SECURITY] [DSA 2230-1] qemu-kvm security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2230-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 01, 2011 http://www.debian.org/security/faq -...

7.4CVSS0.4AI score0.01305EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.67 views

[Onapsis Security Advisory 2011-009] Oracle JD Edwards JDENET SawKernel Remote Password Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-009: Oracle JD Edwards JDENET SawKernel Remote Password Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.56 views

ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability

ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-149 April 29, 2011 -- CVE ID: CVE-2011-1733 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

10CVSS0.6AI score0.13614EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.46 views

ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability

ZDI-11-146: HP Data Protector Backup Client Service EXECSCRIPT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-146 April 29, 2011 -- CVE ID: CVE-2011-1730 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

10CVSS1AI score0.13614EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.61 views

[Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-007: Oracle JD Edwards JDENET Kernel Shutdown This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.65 views

PHP multiple security vulnerabilities

Privilege escalation, memory corruptions, buffer overflows, DoS conditions, integer overflows, format string vulnerabilities, information leaks...

7.5CVSS3.1AI score0.17881EPSS
Exploits36References1Affected Software1
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.59 views

ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

ZDI-11-145: HP Data Protector Backup Client Service GETFILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

10CVSS1AI score0.13614EPSS
Exploits4
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.47 views

HP Data Protector multiple security vulnerabilities

Multiple vulnerabilities are unpatched for 180 days...

10CVSS1.1AI score0.24744EPSS
Exploits4References13
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.47 views

Cisco Unified Communications Manager multiple security vulnerabilities

DoS via SIP, directory traversal, SQL injection...

7.8CVSS3.2AI score0.24822EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.71 views

ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability

ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-150 April 29, 2011 -- CVE ID: CVE-2011-1734 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard --...

10CVSS1.6AI score0.14926EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.79 views

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...

10CVSS0.8AI score0.13614EPSS
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.64 views

[Onapsis Security Advisory 2011-012] Oracle JD Edwards JDENET Firewall Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-012: Oracle JD Edwards JDENET Firewall Bypass This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.56 views

[Onapsis Security Advisory 2011-006] Oracle JD Edwards JDENET Kernel Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-006: Oracle JD Edwards JDENET Kernel Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.90 views

Mozilla Foundation Security Advisory 2011-12

Mozilla Foundation Security Advisory 2011-12 Title: Miscellaneous memory safety hazards rv:2.0.1/ 1.9.2.17/ 1.9.1.19 Impact: Critical Announced: April 28, 2011 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 4.0.1 Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14...

10CVSS10AI score0.06858EPSS
Exploits3
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.91 views

ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability

ZDI-11-143formerly ZDI-CAN-965: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-143 April 28, 2011 -- CVE ID: CVE-2011-1610 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Cisco -- Affected Products: Cisco...

6.4CVSS0.2AI score0.24822EPSS
Exploits1
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.65 views

[Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-008: Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.103 views

[USN-1126-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-1126-1 April 29, 2011 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

7.5CVSS1.4AI score0.17881EPSS
Exploits36
securityvulns
securityvulns
added 2011/05/01 12:0 a.m.51 views

[Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-010: Oracle JD Edwards JDENET Remote Logging Deactivation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...

7.1AI score
Exploits0
Total number of security vulnerabilities47153