
47153 matches found

securityvulns
•added 2015/03/21 12:0 a.m.•35 views

SAP HANA XSS

Cross-site scripting in Web-based Development Workbench...

CVSS: 4.3 | AI score: 0.8 | EPSS: 0.00256
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•38 views

Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Citrix NITRO SDK xenhotfix page is vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, August 2014...

AI score: 0.4
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•48 views

Command injection vulnerability in EMC Secure Remote Services Virtual Edition

------------------------------------------------------------------------ Command injection vulnerability in EMC Secure Remote Services Virtual Edition ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 7.5 | AI score: 3.3 | EPSS: 0.01832
Exploits: 2

securityvulns
•added 2015/03/21 12:0 a.m.•24 views

DSS TFTP directory traversal

Directory traversal on file transmission...

AI score: 3.2
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•58 views

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 3.5 | AI score: 1.1 | EPSS: 0.0024
Exploits: 6

securityvulns
•added 2015/03/21 12:0 a.m.•42 views

[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security AdvisoryONAPSIS-2015-003: SAP Business Objects Unauthorized File Repository Server Write via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to overwri...

AI score: 7.5 | EPSS: 0.02139
Exploits: 1

securityvulns
•added 2015/03/21 12:0 a.m.•37 views

SAP Business Objects multiple security vulnerabilities

Unauthorized access to multiple components...

CVSS: 5 | AI score: 2.8 | EPSS: 0.02344
Exploits: 2 | References: 4 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•28 views

Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view

------------------------------------------------------------------------ Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 1.2
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•71 views

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 3.5 | AI score: 0.8 | EPSS: 0.0024
Exploits: 6

securityvulns
•added 2015/03/21 12:0 a.m.•53 views

EMC M&R (Watch4net) data storage collector credentials are not properly protected

------------------------------------------------------------------------ EMC M&R Watch4net data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 5 | AI score: 1.5 | EPSS: 0.18285
Exploits: 5

securityvulns
•added 2015/03/21 12:0 a.m.•67 views

APPLE-SA-2015-03-19-1 Security Update 2015-003

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-19-1 Security Update 2015-003 Security Update 2015-003 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute...

CVSS: 9.3 | AI score: 0.1 | EPSS: 0.05405
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•35 views

Cross-Site Scripting vulnerability in Websense Data Security block page

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Data Security block page ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 1.4
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•34 views

Command injection vulnerability in network diagnostics tool of Websense Appliance Manager

------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 3
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•30 views

Viber for Android exposes insecure Javascript interface

------------------------------------------------------------------------ Viber for Android exposes insecure Javascript interface ------------------------------------------------------------------------ Yorick Koster, April 2014...

AI score: 2.3
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•42 views

[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-002: SAP Business Objects Unauthorized File Repository Server Read via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to retriev...

AI score: 7.4 | EPSS: 0.02344
Exploits: 1

securityvulns
•added 2015/03/21 12:0 a.m.•73 views

Jetty information leakage

Memory buffers content leakage...

CVSS: 5 | AI score: 2.9 | EPSS: 0.91392
Exploits: 16 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•23 views

Viber code execution

Unsafe Javascript interface in combination with unencrypted data transmission...

AI score: 3.8
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•38 views

Source code disclosure of Websense Triton JSP files via double quote character

------------------------------------------------------------------------ Source code disclosure of Websense Triton JSP files via double quote character ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 1.9
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•68 views

Xerces-C Security Advisory [CVE-2015-0252]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Xerces-C XML Parser library versions prior to V3.1.2 Description: The Xerces-C XML parser...

CVSS: 5 | EPSS: 0.25211
Exploits: 4

securityvulns
•added 2015/03/21 12:0 a.m.•73 views

Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser

------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net MIB Browser ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 4 | AI score: 0.2 | EPSS: 0.21436
Exploits: 7

securityvulns
•added 2015/03/21 12:0 a.m.•82 views

OpenSSL multiple security vulnerabilities

NULL pointer dereferences, reachable asserts, memory corruptions...

CVSS: 7.5 | AI score: 1.8 | EPSS: 0.91945
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•62 views

EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection

------------------------------------------------------------------------ EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 7.5 | AI score: 3.1 | EPSS: 0.00432
Exploits: 3

securityvulns
•added 2015/03/21 12:0 a.m.•37 views

Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users

------------------------------------------------------------------------ Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users ------------------------------------------------------------------------ Han Sahin, August 2014...

AI score: 2.1
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•32 views

Apache Xerces-C DoS

Memory corruption on XML parsing...

CVSS: 5 | AI score: 3.7 | EPSS: 0.25211
Exploits: 4 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•24 views

D-Link and TRENDnet routers vulnerabilities

CSRF, authentication bypass...

AI score: 4.1
Exploits: 0 | References: 1

securityvulns
•added 2015/03/21 12:0 a.m.•40 views

[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects Unauthorized Audit Information Delete via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to delete...

CVSS: 5 | AI score: 0.2 | EPSS: 0.01189
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•36 views

Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 0.6
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•63 views

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Alerting Frontend ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 3.5 | AI score: 1.2 | EPSS: 0.0024
Exploits: 6

securityvulns
•added 2015/03/21 12:0 a.m.•121 views

Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security

-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...

AI score: 7.2
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•39 views

DSS TFTP 1.0 Server - Path Traversal Vulnerability

Document Title: =============== DSS TFTP 1.0 Server - Path Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1440 Release Date: ============= 2015-02-26 Vulnerability Laboratory ID VL-ID: ==================================== 1440...

AI score: 0.2
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•31 views

Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, August 2014...

AI score: 0.2
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•28 views

Citrix Command Center authentication bypass

Advent JMX is accessible...

AI score: 3.7
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•35 views

D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities

D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities Discovered by: ---- Peter Adkins [email protected] Access: ---- Local network; unauthenticated access. Remote network; unauthenticated access. Remote network; 'drive-by' via CSRF. Tracking and identifiers: ---- CVE - Mitre...

AI score: 0.4
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•44 views

Multiple Cross-Site Scripting vulnerabilities in Websense Reporting

------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 1.5
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•19 views

Websense Triton multiple security vulnerabilities

Cross-site scripting, authentication bypass, command injection...

AI score: 1.9
Exploits: 0 | References: 9 | Affected Software: 2

securityvulns
•added 2015/03/21 12:0 a.m.•34 views

Cross-Site Scripting vulnerability in Websense Explorer report scheduler

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Explorer report scheduler ------------------------------------------------------------------------ Han Sahin, September 2014...

AI score: 1.1
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•40 views

Apple Mac OS X multiple security vulnerabilities

Buffer overflows, DoS, memory corruption, restrictions bypass, weak cryptography...

CVSS: 10 | AI score: 2.7 | EPSS: 0.05405
Exploits: 1 | References: 2 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•33 views

Citrix Nitro security vulnerabilities

Cross-site scripting, command injection...

AI score: 1.8
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•81 views

GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server

GDS LABS ALERT: CVE-2015-2080 JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server SYNOPSIS ======== Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data...

CVSS: 5 | AI score: 8.5 | EPSS: 0.91392
Exploits: 16

securityvulns
•added 2015/03/21 12:0 a.m.•31 views

Command injection vulnerability in Citrix NITRO SDK xen_hotfix page

------------------------------------------------------------------------ Command injection vulnerability in Citrix NITRO SDK xenhotfix page ------------------------------------------------------------------------ Han Sahin, August 2014...

AI score: 2.1
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•57 views

[USN-2534-1] Libav vulnerabilities

========================================================================== Ubuntu Security Notice USN-2534-1 March 17, 2015 libav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 7.5 | AI score: 0.9 | EPSS: 0.0152
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•74 views

[CORE-2015-0006] - Fortinet Single Sign On Stack Overflow

Advisory Information Title: Fortinet Single Sign On Stack Overflow Advisory ID: CORE-2015-0006 Advisory URL: http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow Date published: 2015-03-18 Date of last update: 2015-03-18 Vendors contacted: Fortinet Release mode:...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.31617
Exploits: 5

securityvulns
•added 2015/03/18 12:0 a.m.•48 views

Apple Safari / Webkit multiple security vulnerabilities

Multiple memory corruptions, spoofing...

CVSS: 6.8 | AI score: 1.8 | EPSS: 0.01015
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•48 views

[SECURITY] [DSA 3190-1] putty security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3190-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...

CVSS: 2.1 | AI score: 1.7 | EPSS: 0.00126
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•39 views

libXfont multiple security vulnerabilities

Memory corruptions on bdf parsing...

CVSS: 8.5 | AI score: 3.5 | EPSS: 0.03074
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•79 views

[SECURITY] [DSA 3196-1] file security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3196-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 18, 2015 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.06827
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•106 views

APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address the following: WebKit Impact: Visiting a maliciously crafted website may lead to an unexpected application...

CVSS: 6.8 | AI score: 0.5 | EPSS: 0.01015
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•126 views

[USN-2535-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2535-1 March 18, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.60759
Exploits: 11

securityvulns
•added 2015/03/18 12:0 a.m.•58 views

[SECURITY] [DSA 3192-1] checkpw security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3192-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 1.2 | EPSS: 0.00887
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•46 views

GnuTLS security vulnerabilities

Protocol downgrade attacks...

CVSS: 5 | AI score: 4 | EPSS: 0.00426
Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 47153