HTB22964: XSS in SelectaPix Image Gallery
Vulnerability ID: HTB22964 Reference: http://www.htbridge.ch/advisory/xssinselectapiximagegallery.html Product: SelectaPix Image Gallery Vendor: http://www.outofthetrees.co.uk/ Vulnerable Version: 1.4.1 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cro...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
SAP WebAS multiple security vulnerabilities
Cross-site scripting, form redirection...
VMware ESXi / ESX DoS
Sockets exhaustion attack is possible...
Cisco Wireless LAN Controller DoS
Crash on ICMP processing...
EMC RSA Data Loss Prevention cross-site scripting
No description provided...
usb-creator privilege escalation
Some privileged disk operations are possible...
Embarcadero Interbase buffer overflow
Stack buffer overflow on connect request processing...
[SECURITY] [DSA 2230-1] qemu-kvm security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2230-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 01, 2011 http://www.debian.org/security/faq -...
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-153 April 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Embarcadero -- Affected Products: Embarcadero Interbase -- TippingPointT...
[Onapsis Security Advisory 2011-005] SAP Enterprise Portal Path Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-005: SAP Enterprise Portal Path Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
[SECURITY] [DSA 2229-1] spip security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2229-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 01, 2011 http://www.debian.org/security/faq -...
[Onapsis Security Advisory 2011-004] SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-004: SAP WebAS ITS Mobile Test Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...
HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy
Vulnerability ID: HTB22959 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability Type: CSRF...
[ MDVSA-2011:082 ] python-feedparser
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:082 http://www.mandriva.com/security/ Package : python-feedparser Date : May 2, 2011 Affected: 2010.0, 2010.1 Problem Description: Multiple vulnerabilities have been found and corrected in python-feedparser:...
TeamSHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager Service Level component
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Enterprise Manager 11g Release 1 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of Application Security...
HTB22958: XSS in phpGraphy
Vulnerability ID: HTB22958 Reference: http://www.htbridge.ch/advisory/xssinphpgraphy.html Product: phpGraphy Vendor: http://phpgraphy.sourceforge.net/ Vulnerable Version: 0.9.13b Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cross Site Scripting Risk...
Vulnerabilities in the Magazeen theme for WordPress and Dotclear
Hello 3APA3A! I am informing you of the Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities I found in the Magazeen theme for WordPress and Dotclear. Like the vulnerabilities in many themes for WordPress, Drupal, ExpressionEngine and Joomla, also vulnerable...
Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability Document ID: 112916 Advisory ID: cisco-sa-20110427-wlc Revision 1.0 For Public Release 2011 April 27 1600 UTC GMT...
HTB22965: Multiple XSS vulnerabilities in BackupPC
Vulnerability ID: HTB22965 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinbackuppc.html Product: BackupPC Vendor: Craig Barratt http://backuppc.sourceforge.net/ Vulnerable Version: 3.1.0, perhaps 3.2.0 also vulnerable Vendor Notification: 14 April 2011 Vulnerability Type:...
[Onapsis Security Advisory 2011-003] SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-003: SAP WebAS ITS Mobile Start Service Multiple Vulnerabilities This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...
TeamSHATTER Security Advisory: Oracle Malformed Network Package Spins CPU
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Database Server version 10gR1, 10gR2, 11gR1 and 11gR2 on Windows platform Remote exploitable: Yes Credits: This vulnerability was discovered and researched by...
[Full-disclosure] [USN-1127-1] usb-creator vulnerability
========================================================================== Ubuntu Security Notice USN-1127-1 May 02, 2011 usb-creator vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g
============================================= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 CVSS Base Scored ============================================= I. VULNERABILIT...
CVE-2010-0216 MediaCast Password Dump Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Packetninjas L.L.C www.packetninjas.net -= Security Advisory =- Advisory: MediaCast Password Dump Vulnerability Release Date: 04/25/2011 Author: Daniel Clemens daniel.clemensatpacketninjas.net Application: MediaCast = 8 By Inventive, Inc -...
XSS, Redirector and IAA vulnerabilities in MyBB
Hello 3APA3A! I am informing you of the Cross-Site Scripting, URL Redirector Abuse and Insufficient Anti-automation vulnerabilities I found in MyBB. For the XSS and URL Redirector Abuse, a working account on the vulnerable site is used. I wrote about similar attacks in the article Attacks on unprotected login forms...
Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 19.01.2011 - Pub.: 02.05.2011 CVE: CVE-2011-0418 Affected Software...
OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability
LANSA aXes Web Terminal TN5250 Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/lansa-axes-web-terminal-tn5250-cross-site-scripting Release Date: 30-Apr-2011 Software: LANSA - aXes http://www.lansa.com http://www.axeslive.com "Transform your 5250 applications into GUI...
HTB22960: XSS in Daily Maui Photo Widget wordpress plugin
Vulnerability ID: HTB22960 Reference: http://www.htbridge.ch/advisory/xssindailymauiphotowidgetwordpressplugin.html Product: Daily Maui Photo Widget wordpress plugin Vendor: Kris Nelson http://www.webnelly.com/ Vulnerable Version: 0.2 Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cro...
TeamSHATTER Security Advisory: XSS in locale parameter on IASTOP_CS_FARM_PAGE.html
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Enterprise Manager 10g Release 1 and Release 2 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of...
ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-015: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA Data Loss Prevention Advisories Updated April 25, 2011 Summary: RSA, The Security Division of EMC, announces a fix for a security vulnerability in RSA...
VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0007 Synopsis: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console Iss...
HTB22961: XSS in WP Photo Album wordpress plugin
Vulnerability ID: HTB22961 Reference: http://www.htbridge.ch/advisory/xssinwpphotoalbumwordpressplugin.html Product: WP Photo Album wordpress plugin Vendor: Rubin J. Kaplan http://me.mywebsight.ws/ Vulnerable Version: 1.5.1 Vendor Notification: 14 April 2011 Vulnerability Type: XSS Cross Site...
HP Data Protector multiple security vulnerabilities
Multiple vulnerabilities are unpatched for 180 days...
Cisco Unified Communications Manager multiple security vulnerabilities
DoS via SIP, directory traversal, SQL injection...
PHP multiple security vulnerabilities
Privilege escalation, memory corruptions, buffer overflows, DoS conditions, integer overflows, format string vulnerabilities, information leaks...
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-148 April 29, 2011 -- CVE ID: CVE-2011-1732 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-152 April 29, 2011 -- CVE ID: CVE-2011-1736 -- CVSS: 7.8, AV:N/AC:L/Au:N/C:C/I:N/A:N -- Affected Vendors: Hewlett-Packard -- Affected Products:...
[Onapsis Security Advisory 2011-013] Oracle JD Edwards JDENET USRBROADCAST Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-013: Oracle JD Edwards JDENET USRBROADCAST Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access...
[Onapsis Security Advisory 2011-011] Oracle JD Edwards JDENET Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-011: Oracle JD Edwards JDENET Buffer Overflow This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
[Onapsis Security Advisory 2011-012] Oracle JD Edwards JDENET Firewall Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-012: Oracle JD Edwards JDENET Firewall Bypass This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
[Onapsis Security Advisory 2011-010] Oracle JD Edwards JDENET Remote Logging Deactivation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-010: Oracle JD Edwards JDENET Remote Logging Deactivation This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
Mozilla Foundation Security Advisory 2011-12
Mozilla Foundation Security Advisory 2011-12 Title: Miscellaneous memory safety hazards rv:2.0.1/ 1.9.2.17/ 1.9.1.19 Impact: Critical Announced: April 28, 2011 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 4.0.1 Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14...
Mozilla Foundation Security Advisory 2011-17
Mozilla Foundation Security Advisory 2011-17 Title: WebGLES vulnerabilities Impact: Critical Announced: April 28, 2011 Products: Firefox Fixed in: Firefox 4.0.1 Description Two crashes that could potentially be exploited to run malicious code were found in the WebGL feature and fixed in Firefox...
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-147 April 29, 2011 -- CVE ID: CVE-2011-1731 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
[Onapsis Security Advisory 2011-009] Oracle JD Edwards JDENET SawKernel Remote Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-009: Oracle JD Edwards JDENET SawKernel Remote Password Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain...
[USN-1126-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-1126-1 April 29, 2011 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[Onapsis Security Advisory 2011-007] Oracle JD Edwards JDENET Kernel Shutdown
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-007: Oracle JD Edwards JDENET Kernel Shutdown This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability
ZDI-11-143 (formerly ZDI-CAN-965): Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-143 April 28, 2011 -- CVE ID: CVE-2011-1610 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Cisco -- Affected Products: Cisco...