
47153 matches found

securityvulns, added 2015/05/11 12:0 a.m., 85 views

Arbitrary file deletion and multiple XSS vulnerabilities in pfSense

Advisory ID: HTB23251 Product: pfSense Vendor: Electric Sheep Fencing LLC Vulnerable Versions: 2.2 and probably prior Tested Version: 2.2 Advisory Publication: March 4, 2015 without technical details Vendor Notification: March 4, 2015 Vendor Patch: March 5, 2015 Public Disclosure: March 25, 2015...

6.8 CVSS, 0.1 AI score, 0.65927 EPSS
Exploits: 6

securityvulns, added 2015/05/11 12:0 a.m., 88 views

[USN-2539-1] Django vulnerabilities

========================================================================== Ubuntu Security Notice USN-2539-1 March 23, 2015 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

5 CVSS, 0.6 AI score, 0.05026 EPSS
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 88 views

[SECURITY] [DSA 3249-1] jqueryui security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3249-1 [email protected] http://www.debian.org/security/ Sebastien Delafond May 03, 2015 http://www.debian.org/security/faq -...

4.3 CVSS, 1.4 AI score, 0.18351 EPSS
Exploits: 1

securityvulns, added 2015/05/11 12:0 a.m., 88 views

Pligg CMS 2.0.2 - Stored XSS

Hi Team, Affected Vendor: http://pligg.com/ Date: 23/04/2015 Discovered by: Joel Vadodil Varghese Type of vulnerability: Persistent XSS Tested on: Windows 8.1 Product: Pligg CMS Version: 2.0.2 Tested Link: http://localhost/pligg/admin/adminpage.php Description: Pligg CMS is a content management...

0.6 AI score
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 50 views

WordPress 4.2 stored XSS

OVERVIEW ========== Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If triggered by a logged-in administrator, under default settings the attacker can leverag...

7.3 AI score
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 124 views

PDF Converter & Editor 2.1 iOS - File Include Vulnerability

Document Title: =============== PDF Converter & Editor 2.1 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1480 Release Date: ============= 2015-05-06 Vulnerability Laboratory ID VL-ID: ===================================...

7.8 AI score
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 78 views

[SECURITY] [DSA 3200-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3200-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...

3.5 CVSS, 1.5 AI score, 0.01647 EPSS
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 30 views

[security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04595607 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04595607 Version: 1 HPSBMU03292 rev....

7.5 CVSS, 0.3 AI score, 0.04111 EPSS
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 71 views

vPhoto-Album v4.2 iOS - File Include Web Vulnerability

Document Title: =============== vPhoto-Album v4.2 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1477 Release Date: ============= 2015-05-05 Vulnerability Laboratory ID VL-ID: ==================================== 147...

6.6 AI score
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 69 views

Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration

Title:- Cross-Site Request Forgery CSRF Vulnerability in ManageEngine Network Configuration Management Author: Kaustubh G. Padwad Vendor: ZOHO Corp Product: ManageEngine Network Configuration Manager Tested Version: : Network Configuration Manager Build 11000 Severity: HIGH About the Product:...

Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 53 views

[SECURITY] [DSA 3202-1] mono security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3202-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...

7.5 CVSS, 2.2 AI score, 0.03539 EPSS
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 46 views

CSRF/XSSIn Ad_InSerter Wordpress

================================================================ CSRF/Stored XSS Vulnerability in Ad Inserter Plugin ================================================================ . contents:: Table Of Content Overview ======== Title :CSRF and Stored XSS Vulnerability in Ad Inserter Wordpress...

6 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 126 views

[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-018 Product: BullGuard Premium Protection Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

0.2 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 93 views

APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and address the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite...

6.8 CVSS, 0.6 AI score, 0.10946 EPSS
Exploits: 2

securityvulns, added 2015/05/10 12:0 a.m., 73 views

Album Streamer v2.0 iOS - Directory Traversal Vulnerability

Document Title: =============== Album Streamer v2.0 iOS - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1481 Release Date: ============= 2015-05-07 Vulnerability Laboratory ID VL-ID: ===================================...

0.7 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 37 views

[SYSS-2015-017] BullGuard Internet Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-017 Product: BullGuard Internet Security Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

0.5 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 76 views

Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability

Document Title: =============== Grindr v2.1.1 iOS & Account System - Breach Attack Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1420 Release Date: ============= 2015-05-03 Vulnerability Laboratory ID VL-ID:...

6.4 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 62 views

[ MDVSA-2015:232 ] libtasn1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:232 http://www.mandriva.com/en/support/security/ Package : libtasn1 Date : May 8, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated libtasn1 packages fix security...

4.3 CVSS, 6 AI score, 0.33094 EPSS
Exploits: 1

securityvulns, added 2015/05/10 12:0 a.m., 41 views

libtasn1 buffer overflow

Heap buffer overflow on DER decoding...

4.3 CVSS, 2.6 AI score, 0.33094 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns, added 2015/05/10 12:0 a.m., 63 views

Linux kernel multiple security vulnerabilities

DoS, privilege escalation, protection bypass...

9.3 CVSS, 2.9 AI score, 0.10027 EPSS
Exploits: 1, References: 6, Affected Software: 2

securityvulns, added 2015/05/10 12:0 a.m., 50 views

Apple Safari / Webkit multiple security vulnerabilities

Multiple memory corruptions, files access, interface spoofing...

6.8 CVSS, 2.4 AI score, 0.10946 EPSS
Exploits: 2, References: 1, Affected Software: 1

securityvulns, added 2015/05/10 12:0 a.m., 58 views

[USN-2597-2] Linux kernel (Trusty HWE) regression

========================================================================== Ubuntu Security Notice USN-2597-2 May 08, 2015 linux-lts-trusty regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

0.2 AI score
Exploits: 0

securityvulns, added 2015/05/10 12:0 a.m., 142 views

[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-019 Product: BullGuard Antivirus Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solution...

0.3 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 51 views

[ MDVSA-2015:210 ] qemu

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:210 http://www.mandriva.com/en/support/security/ Package : qemu Date : April 27, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated qemu packages fix security vulnerabilitie...

7.8 CVSS, 8.2 AI score, 0.07393 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 34 views

qt multiple security vulnerabilities

Memory corruptions on different graphics formats parsing...

6.8 CVSS, 3.2 AI score, 0.08736 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 31 views

OpenFire certificate validation vulnerability

No description provided...

5 CVSS, 1.3 AI score, 0.01767 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 76 views

Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities

Document Title: =============== Wireless File Transfer Pro Android - CSRF Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1437 Release Date: ============= 2015-02-25 Vulnerability Laboratory ID VL-ID: ====================================...

7.6 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 68 views

Mobile Drive HD v1.8 - File Include Web Vulnerability

Document Title: =============== Mobile Drive HD v1.8 - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1446 Release Date: ============= 2015-03-11 Vulnerability Laboratory ID VL-ID: ==================================== 1446...

7.7 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 73 views

AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%

A security issue in Linux ASLR implementation which affects some AMD processors has been found. The issue affects to all Linux process even if they are not using shared libraries statically compiled. The problem appears because some mmapped objects VDSO, libraries, etc. are poorly randomized in a...

0.9 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 102 views

Incorrect handling of self signed certificates in OpenFire XMPP Server

Incorrect handling of self signed certificates in OpenFire XMPP Server Affected software: OpenFire XMPP server Affected versions: 3.9.3 and earlier Vulnerabilities addressed: CVE-2014-3451, CVE-2015-2080 Openfire is a real time collaboration RTC server licensed under the Open Source Apache Licens...

5 CVSS, 0.74881 EPSS
Exploits: 16

securityvulns, added 2015/05/05 12:0 a.m., 37 views

[USN-2576-1] usb-creator vulnerability

========================================================================== Ubuntu Security Notice USN-2576-1 April 23, 2015 usb-creator vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.3 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 51 views

[slackware-security] qt (SSA:2015-111-13)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security qt SSA:2015-111-13 New qt packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

6.8 CVSS, 7.9 AI score, 0.08736 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 25 views

glusterfs DoS

Infinite loop...

5 CVSS, 1.3 AI score, 0.02739 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 71 views

[ MDVSA-2015:190 ] owncloud

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:190 http://www.mandriva.com/en/support/security/ Package : owncloud Date : April 1, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in...

6.8 CVSS, 6 AI score, 0.01859 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 128 views

[SECURITY] [DSA 3248-1] libphp-snoopy security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3248-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 02, 2015 http://www.debian.org/security/faq -...

7.5 CVSS, 1.4 AI score, 0.0413 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 57 views

Linux ASLR mmap weakness: Reducing entropy by half

A bug in Linux ASLR implementation has been found. The issue is that the mmap base address for processes is not properly randomized on some architectures due to an improper bit-mask manipulation. Affected systems have reduced the mmap area entropy of the processes by half. The number of possible...

Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 65 views

[USN-2579-1] autofs vulnerability

========================================================================== Ubuntu Security Notice USN-2579-1 April 27, 2015 autofs vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

4.4 CVSS, 0.1 AI score, 0.00335 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 83 views

[USN-2583-1] Linux kernel vulnerability

========================================================================== Ubuntu Security Notice USN-2583-1 April 30, 2015 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

6.2 CVSS, 0.6 AI score, 0.00315 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 34 views

GNU glibc security vulnerabilities

gethostbyname_r buffer overflow, getaddrinfo race conditions...

6.8 CVSS, 3.7 AI score, 0.05808 EPSS
Exploits: 2, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 63 views

[ MDVSA-2015:218 ] glibc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:218 http://www.mandriva.com/en/support/security/ Package : glibc Date : April 30, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Multiple vulnerabilities has been found and...

6.8 CVSS, 9.3 AI score, 0.05808 EPSS
Exploits: 2

securityvulns, added 2015/05/05 12:0 a.m., 60 views

[SECURITY] [DSA 3237-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3237-1 [email protected] http://www.debian.org/security/ Ben Hutchings April 26, 2015 http://www.debian.org/security/faq -...

9.3 CVSS, 1.1 AI score, 0.10027 EPSS
Exploits: 1

securityvulns, added 2015/05/05 12:0 a.m., 62 views

PHP security vulnerabilities

apache2handler code execution, memory corruption on archives parsing...

7.5 CVSS, 4.9 AI score, 0.38434 EPSS
Exploits: 3, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 59 views

automount privilege escalation

Insufficient local variables filtering...

4.4 CVSS, 4.9 AI score, 0.00335 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2015/05/05 12:0 a.m., 63 views

Elasticsearch vulnerability CVE-2015-3337

Summary: All Elasticsearch versions prior to 1.5.2 and 1.4.5 are vulnerable to a directory traversal attack that allows an attacker to retrieve files from the server running Elasticsearch. This vulnerability is not present in the initial installation of Elasticsearch. The vulnerability is exposed...

4.3 CVSS, 0.6 AI score, 0.33129 EPSS
Exploits: 5

securityvulns, added 2015/05/05 12:0 a.m., 36 views

HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability

Document Title: =============== HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1389 Release Date: ============= 2015-05-04 Vulnerability Laboratory ID VL-ID:...

0.3 AI score
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 77 views

Dnsmasq 2.72 Unchecked returned value

"Dnsmasq 2.72 Unchecked returned value" Description ------------------------------------------------------------ Dnsmasq does not properly check the return value of the setup_reply function called during a tcp connection by the tcp_request function. This return value is then used as a size argument...

6.4 CVSS, 0.3 AI score, 0.04456 EPSS
Exploits: 1

securityvulns, added 2015/05/05 12:0 a.m., 103 views

[ MDVSA-2015:209 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:209 http://www.mandriva.com/en/support/security/ Package : php Date : April 27, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated php packages fix security vulnerabilities:...

7.5 CVSS, 8.5 AI score, 0.38434 EPSS
Exploits: 3

securityvulns, added 2015/05/05 12:0 a.m., 90 views

[USN-2590-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2590-1 April 30, 2015 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.9 CVSS, 0.4 AI score, 0.03027 EPSS
Exploits: 1

securityvulns, added 2015/05/05 12:0 a.m., 52 views

[SECURITY] [DSA 3244-1] owncloud security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3244-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 02, 2015 http://www.debian.org/security/faq -...

6 CVSS, 1.3 AI score, 0.02206 EPSS
Exploits: 0

securityvulns, added 2015/05/05 12:0 a.m., 28 views

librsync weak permission

Weak hash function is used...

5.8 CVSS, 2.1 AI score, 0.02939 EPSS
Exploits: 0, References: 1, Affected Software: 1

Total number of security vulnerabilities: 47153