Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2011/04/05 12:0 a.m.33 views

iSCSI target user-space tools double free

Double free in tgt...

5CVSS0.9AI score0.05108EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.37 views

[SECURITY] [DSA 2209-1] tgt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2209-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 02, 2011 http://www.debian.org/security/faq -...

5CVSS1.7AI score0.05108EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.31 views

xmlsec library unauthorized access

It's possible to access files via ds:Transform...

5.1CVSS4.3AI score0.08057EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.35 views

Novell File Reporter Agent buffer overflow

NFRAgent.exe TCP/3037 buffer overflow...

10CVSS3.2AI score0.17936EPSS
Exploits6References1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.24 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References6Affected Software3
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.25 views

IBM solidDB authentication bypass

solid.exe TCP/1315, TCP/1964, TCP/2315 authentication bypass...

3.2AI score
Exploits0References1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.108 views

HTB22911: XSS in Eleanor CMS

Vulnerability ID: HTB22911 Reference: http://www.htbridge.ch/advisory/xssineleanorcms.html Product: Eleanor CMS Vendor: Eleanor CMS http://eleanor-cms.ru/ Vulnerable Version: rc5 Vendor Notification: 22 March 2011 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Risk level:...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.108 views

Xymon monitor cross-site scripting vulnerabilities

Several cross-site scripting vulnerabilities have been identified in the Xymon systems- and network-monitoring tool available at http://sourceforge.net/projects/xymon/ All versions prior to 4.3.1 released April 3, 2011 are vulnerable. I would like to thank David Ferrest for notifying me of this...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.114 views

HTB22912: Multiple SQL Injections in Eleanor CMS

Vulnerability ID: HTB22912 Reference: http://www.htbridge.ch/advisory/multiplesqlinjectionsineleanorcms.html Product: Eleanor CMS Vendor: Eleanor CMS http://eleanor-cms.ru/ Vulnerable Version: rc5 Vendor Notification: 22 March 2011 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.44 views

RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities

RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control InstallerDlg.dll v2.6.0.445 Multiple Remote Commands Execution Vulnerabilities tested against Internet Explorer 9, Vista sp2 download url: http://www.gamehouse.com/ background: When choosing to play with theese online games ex. the ga...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.134 views

HTB22914: Local File Inclusion in UseBB

Vulnerability ID: HTB22914 Reference: http://www.htbridge.ch/advisory/localfileinclusioninusebb.html Product: UseBB Vendor: UseBB http://www.usebb.net/ Vulnerable Version: 1.0.11 Vendor Notification: 22 March 2011 Vulnerability Type: Local File Inclusion Risk level: Medium Credit: High-Tech Bridg...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.38 views

THOMSON Router XSS

Vendor: THOMSON Router Product Name: TG585 v7 Software Release: 7.4.4.7 Vulnerability type: XSS Risk rating: Medium Exploit http://ROUTERIP/cgi/b/ic/connect/?url=scriptalert1/script Credits Edgard Chammas 454447415244 [email protected]...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.39 views

RealNetworks RealGames ActiveX code execution

Multiple unsage methods...

2.8AI score
Exploits0References2
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.33 views

Multiple BSD systems IPSec IP Compression stack overflow

kernel stack overflow on packet parsing...

5AI score
Exploits0References1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.39 views

[security bulletin] HPSBUX02646 SSRT100396 rev.1 - HP-UX, Local Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02753287 Version: 1 HPSBUX02646 SSRT100396 rev.1 - HP-UX, Local Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date:...

4.4CVSS0.3AI score0.0028EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.33 views

Hp-UX DoS

No description provided...

4.4CVSS0.7AI score0.0028EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.29 views

Movie Player v4.82 0Day Buffer overflow/DOS Exploit

Hello Team, I have attached a file MoviePlayerExploit.py which exploits the memory vulnerability in Movie Player v4.82 which can be used to perform a Denial of Service attack : and to cause a crash. To run this file, compile the MoviePlayerExploit.py using python and then you may open the generat...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.113 views

BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload

BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload ------------------------------------------------------------------------------- Gruezi, this document describes CVE-2011-1547. RFC3173 ip payload compression, henceforth ipcomp, is a protocol intended to provide...

7.5CVSS9.2AI score0.05476EPSS
Exploits4
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.58 views

iDefense Security Advisory 03.31.10: RealNetworks Helix DNA Server RTSP Stack Buffer Overflow

iDefense Security Advisory 03.31.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 31, 2010 I. BACKGROUND Helix DNA Server is software that can play audio and video media in various formats and stream them over a network. It is intended as a largely free and open source digital media...

9.3CVSS0.4AI score0.0503EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.30 views

RealNetworks Helix DNA Server buffer overflow

Buffer overflow on RTSP processing...

9.3CVSS2.9AI score0.0503EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.22 views

Microsoft Windows shmedia.dll DoS

Division by zero on AVI preview creation...

2.8AI score
Exploits0References1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.27 views

HP Operations for UNIX crossite scripting

No description provided...

5.5CVSS0.8AI score0.01782EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.53 views

[security bulletin] HPSBMA02650 SSRT100429 rev.1 - HP Operations for UNIX, Remote Cross Site Scripting (XSS), Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02770049 Version: 1 HPSBMA02650 SSRT100429 rev.1 - HP Operations for UNIX, Remote Cross Site Scripting XSS, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted...

5.5CVSS0.3AI score0.01782EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.31 views

Movie Player buffer overflow

Buffer overflow on AVI parsing...

5.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.18 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.30 views

Microsoft Windows shmedia.dll Division By Zero, Explore.exe DOS exploit .

Title :Microsoft Windows shmedia.dll Division By Zero, Explore.exe DOS exploit . Version : Checked on XP SP All Versions Discovery : http://Garage4Hackers.com, http://www.fb1h2s.com Author : FB1H2S aka Rahul Sasi Garage4Hackers.com Twitter : @fb1h2s Bug Information: Class :Division By Zero Impact...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.124 views

AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability

AR Web Content Manager AWCM v2.2 Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1012 21/03/2011 Issue Discovered 24/03/2011 Vendor Notified 24/03/2011 Vendor Responded 25/03/2011 Vendor Solution Class: Cross-Site Scripting Severity: Medium...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.36 views

AoF, IAA, XML Injection и XSS уязвимости в MyBB

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Abuse of Functionality, Insufficient Anti-automation, XML Injection and Cross-Site Scripting уязвимостях в MyBB. Abuse of Functionality WASC-42: Через данный функционал можно выявлять логины в системе...

Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.43 views

Уязвимости в MyBB

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и SQL DB Structure Extraction уязвимостях в MyBB. Уязвимости имеют место в скриптах search.php и private.php. XSS WASC-08: http://websecurity.com.ua/uploads/2011/MyBB20XSS.html...

Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.44 views

6-year FreeBSD-SA-05:02.sendfile exploit

Hi, This is almost 0-day. In a sense. I wrote this for a pentesting company. I found it ethically OK to do since the FreeBSD advisory was already out for a couple of weeks. It turns out I was not alone to write an exploit for this bug, and to publish the exploit this year. Timeline: 2005/04/04 -...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2011/04/04 12:0 a.m.71 views

FreeBSD sendfile() information leak

If file size it changed content of kernel memory can be disclosured...

1.1AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.71 views

HTB22906: XSS vulnerabilities in Collabtive

Vulnerability ID: HTB22906 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesincollabtive.html Product: Collabtive Vendor: Open Dynamics http://collabtive.o-dyn.de/ Vulnerable Version: 0.6.5 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: XSS Risk...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.45 views

"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path

"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.47 views

"Simple PHP Newsletter" Remote Admin Password Change With install path

"Simple PHP Newsletter" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.34 views

"Simple PHP Newsletter" Remote Admin Password Change With install path

"Simple PHP Newsletter" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com downl...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.47 views

OpenLDAP vulnerabilities

Authentication bypass, DoS...

5CVSS3AI score0.13518EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.49 views

DataDynamics Report Library CoreHandler XSS

Class Input Validation Error CVE Remote Yes Local No Published Mar 30 2011 11:00AM Credit Dionach Vulnerable Grapecity DataDynamics Report Library 1.6.1871.61 and earlier Grapecity's DataDynamics Report Library is prone to a cross-site scripting vulnerability because it fails to sufficiently...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.59 views

HTB22931: XSS vulnerability in InTerra Blog Machine

Vulnerability ID: HTB22931 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityininterrablogmachine.html Product: InTerra Blog Machine Vendor: InTerra Blog Machine Team http://code.google.com/p/interra/ Vulnerable Version: 1.84 and probably prior versions Vendor Notification: 31 March 2011...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.145 views

[SECURITY] [DSA 2206-1] New mahara packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 2206-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2011 http://www.debian.org/security/faq -...

5.8CVSS1.4AI score0.019EPSS
Exploits1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.66 views

'Andy's PHP Knowledgebase' SQL Injection Vulnerability (CVE-2011-1546)

'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...

7.5CVSS7.5AI score0.01746EPSS
Exploits6
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.70 views

HTB22909: Path disclosure in Tine 2.0

Vulnerability ID: HTB22909 Reference: http://www.htbridge.ch/advisory/pathdisclosureintine20.html Product: Tine 2.0 Vendor: Metaways Infosystems GmbH http://www.tine20.org/ Vulnerable Version: Neele 2011-01-2 Vendor Notification: 17 March 2011 Vulnerability Type: Path disclosure Status: Fixed by...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.41 views

Cisco Network Access Control Guest Server System Software Authentication Bypass

Unauthenticated access to protected network is possible...

5CVSS4.2AI score0.01802EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.54 views

ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-012: Security update for EMC NetWorker Module for Microsoft Applications. EMC Identifier: ESA-2011-012 CVE Identifier: CVE-2011-0647 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC NetWorker Module f...

10CVSS2.1AI score0.63676EPSS
Exploits5
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.54 views

XSS Vulnerability in Tracks 1.7.2

Information -------------------- Name : XSS vulnerability in Tracks Software : Tracks 1.7.2. Vendor Hompeage : http://getontracks.org/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference : NS-11-003 Description...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.39 views

[SECURITY] [DSA 2205-1] gdm3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2205-1 [email protected] http://www.debian.org/security/ Florian Weimer March 28, 2011 http://www.debian.org/security/faq -...

6.9CVSS1.8AI score0.00376EPSS
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.37 views

Cisco Secure Access Control System privilege escalation

It's possible to reset any user's password...

5CVSS3.5AI score0.1464EPSS
Exploits2References1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.41 views

HTB22907: Directory Traversal in Collabtive

Vulnerability ID: HTB22907 Reference: http://www.htbridge.ch/advisory/directorytraversalincollabtive.html Product: Collabtive Vendor: Open Dynamics http://collabtive.o-dyn.de/ Vulnerable Version: 0.6.5 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: Directory...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.38 views

EMC Replication Manager code execution

Command execution via TCP/6542 service...

10CVSS3.9AI score0.63676EPSS
Exploits5References3Affected Software2
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.37 views

"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path

"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.55 views

HTB22910: XSRF (CSRF) in Feng Office

Vulnerability ID: HTB22910 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfengoffice.html Product: Feng Office Vendor: Secure Data SRL http://www.fengoffice.com/ Vulnerable Version: 1.7.3.3 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: CSRF Cross-Site...

6.6AI score
Exploits0
Total number of security vulnerabilities47153