
47153 matches found

securityvulns
•added 2015/03/21 12:0 a.m.•35 views

Citrix Nitro security vulnerabilities

Cross-site scripting, command injection...

1.8 AI score
Exploits: 0 • References: 2 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•128 views

Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security

-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...

7.2 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•19 views

Websense Triton multiple security vulnerabilities

Cross-site scripting, authentication bypass, command injection...

1.9 AI score
Exploits: 0 • References: 9 • Affected Software: 2

securityvulns
•added 2015/03/21 12:0 a.m.•29 views

Citrix NetScaler VPX crossite scripting

Cross-site scripting in help pages...

0.8 AI score
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•24 views

DSS TFTP directory traversal

Directory traversal on file transmission...

3.2 AI score
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•24 views

D-Link and TRENDnet routers vulnerabilities

CSRF, authentication bypass...

4.1 AI score
Exploits: 0 • References: 1

securityvulns
•added 2015/03/21 12:0 a.m.•33 views

Apache Xerces-C DoS

Memory corruption on XML parsing...

5 CVSS • 3.7 AI score • 0.39916 EPSS
Exploits: 4 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•28 views

Citrix Command Center authentication bypass

Advent JMX is accessible...

3.7 AI score
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•39 views

Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Citrix NITRO SDK xenhotfix page is vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, August 2014...

0.4 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•76 views

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Web Portal Report Favorites ------------------------------------------------------------------------ Han Sahin, November 2014...

3.5 CVSS • 0.8 AI score • 0.01585 EPSS
Exploits: 6

securityvulns
•added 2015/03/21 12:0 a.m.•48 views

[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security AdvisoryONAPSIS-2015-003: SAP Business Objects Unauthorized File Repository Server Write via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to overwri...

7.5 AI score • 0.03499 EPSS
Exploits: 1

securityvulns
•added 2015/03/21 12:0 a.m.•43 views

D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities

D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities Discovered by: ---- Peter Adkins [email protected] Access: ---- Local network; unauthenticated access. Remote network; unauthenticated access. Remote network; 'drive-by' via CSRF. Tracking and identifiers: ---- CVE - Mitre...

0.4 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•38 views

Viber for Android exposes insecure Javascript interface

------------------------------------------------------------------------ Viber for Android exposes insecure Javascript interface ------------------------------------------------------------------------ Yorick Koster, April 2014...

2.3 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•31 views

Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view

------------------------------------------------------------------------ Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view ------------------------------------------------------------------------ Han Sahin, September 2014...

1.2 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•47 views

Multiple Cross-Site Scripting vulnerabilities in Websense Reporting

------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014...

1.5 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•70 views

Xerces-C Security Advisory [CVE-2015-0252]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Xerces-C XML Parser library versions prior to V3.1.2 Description: The Xerces-C XML parser...

5 CVSS • 0.39916 EPSS
Exploits: 4

securityvulns
•added 2015/03/21 12:0 a.m.•32 views

Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, August 2014...

0.2 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•37 views

Cross-Site Scripting vulnerability in Websense Data Security block page

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Data Security block page ------------------------------------------------------------------------ Han Sahin, September 2014...

1.4 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•40 views

DSS TFTP 1.0 Server - Path Traversal Vulnerability

Document Title: =============== DSS TFTP 1.0 Server - Path Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1440 Release Date: ============= 2015-02-26 Vulnerability Laboratory ID VL-ID: ==================================== 1440...

0.2 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•59 views

Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in EMC M&R Watch4net Centralized Management Console ------------------------------------------------------------------------ Han Sahin, November 2014...

3.5 CVSS • 1.1 AI score • 0.01585 EPSS
Exploits: 6

securityvulns
•added 2015/03/21 12:0 a.m.•37 views

Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014...

0.6 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•65 views

Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery

------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...

6.4 CVSS • 0.6 AI score • 0.01748 EPSS
Exploits: 1

securityvulns
•added 2015/03/21 12:0 a.m.•40 views

Apple Mac OS X multiple security vulnerabilities

Buffer overflows, DoS, memory corruption, restrictions bypass, weak cryptography...

10 CVSS • 2.7 AI score • 0.19633 EPSS
Exploits: 1 • References: 2 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•50 views

[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-002: SAP Business Objects Unauthorized File Repository Server Read via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to retriev...

7.4 AI score • 0.03959 EPSS
Exploits: 1

securityvulns
•added 2015/03/21 12:0 a.m.•40 views

Source code disclosure of Websense Triton JSP files via double quote character

------------------------------------------------------------------------ Source code disclosure of Websense Triton JSP files via double quote character ------------------------------------------------------------------------ Han Sahin, September 2014...

1.9 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•82 views

OpenSSL multiple security vulnerabilities

NULL pointer dereferences, reachable asserts, memory corruptions...

7.5 CVSS • 1.8 AI score • 0.98685 EPSS
Exploits: 1 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•78 views

EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection

------------------------------------------------------------------------ EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection ------------------------------------------------------------------------ Han Sahin, November 2014...

7.5 CVSS • 3.1 AI score • 0.0209 EPSS
Exploits: 3

securityvulns
•added 2015/03/21 12:0 a.m.•33 views

Command injection vulnerability in Citrix NITRO SDK xen_hotfix page

------------------------------------------------------------------------ Command injection vulnerability in Citrix NITRO SDK xenhotfix page ------------------------------------------------------------------------ Han Sahin, August 2014...

2.1 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•37 views

SAP HANA XSS

Cross-site scripting in Web-based Development Workbench...

4.3 CVSS • 0.8 AI score • 0.01892 EPSS
Exploits: 1 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•74 views

Jetty information leakage

Memory buffers content leakage...

5 CVSS • 2.9 AI score • 0.74881 EPSS
Exploits: 16 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•38 views

SAP Business Objects multiple security vulnerabilities

Unauthorized access to multiple components...

5 CVSS • 2.8 AI score • 0.03959 EPSS
Exploits: 2 • References: 4 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•60 views

EMC M&R (Watch4net) data storage collector credentials are not properly protected

------------------------------------------------------------------------ EMC M&R Watch4net data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014...

5 CVSS • 1.5 AI score • 0.07647 EPSS
Exploits: 5

securityvulns
•added 2015/03/21 12:0 a.m.•69 views

APPLE-SA-2015-03-19-1 Security Update 2015-003

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-19-1 Security Update 2015-003 Security Update 2015-003 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute...

9.3 CVSS • 0.1 AI score • 0.04207 EPSS
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•23 views

Viber code execution

Unsafe Javascript interface in combination with unencrypted data transmission...

3.8 AI score
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•88 views

GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server

GDS LABS ALERT: CVE-2015-2080 JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server SYNOPSIS ======== Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data...

5 CVSS • 8.5 AI score • 0.74881 EPSS
Exploits: 16

securityvulns
•added 2015/03/21 12:0 a.m.•46 views

[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects Unauthorized Audit Information Delete via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote unauthenticated attacker would be able to delete...

5 CVSS • 0.2 AI score • 0.02839 EPSS
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•50 views

Missing access control on Websense Explorer web folder

------------------------------------------------------------------------ Missing access control on Websense Explorer web folder ------------------------------------------------------------------------ Han Sahin, September 2014 ----------------------------------------------------------------------...

0.3 AI score
Exploits: 0

securityvulns
•added 2015/03/21 12:0 a.m.•110 views

[SECURITY] [DSA 3198-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3198-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...

7.5 CVSS • 1.5 AI score • 0.27869 EPSS
Exploits: 2

securityvulns
•added 2015/03/21 12:0 a.m.•109 views

PHP multiple security vulnerabilities

Resources exhaustion, memory corruptions...

7.5 CVSS • 2.1 AI score • 0.42593 EPSS
Exploits: 18 • References: 2 • Affected Software: 1

securityvulns
•added 2015/03/21 12:0 a.m.•42 views

Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users

------------------------------------------------------------------------ Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users ------------------------------------------------------------------------ Han Sahin, August 2014...

2.1 AI score
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•77 views

[CORE-2015-0006] - Fortinet Single Sign On Stack Overflow

Advisory Information Title: Fortinet Single Sign On Stack Overflow Advisory ID: CORE-2015-0006 Advisory URL: http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow Date published: 2015-03-18 Date of last update: 2015-03-18 Vendors contacted: Fortinet Release mode:...

7.5 CVSS • 7.3 AI score • 0.10529 EPSS
Exploits: 5

securityvulns
•added 2015/03/18 12:0 a.m.•42 views

Fortinet Single Sign buffer overflow

Buffer overflow on network messages parsing...

7.5 CVSS • 4.3 AI score • 0.10529 EPSS
Exploits: 5 • References: 1 • Affected Software: 2

securityvulns
•added 2015/03/18 12:0 a.m.•40 views

libXfont multiple security vulnerabilities

Memory corruptions on bdf parsing...

8.5 CVSS • 3.5 AI score • 0.04958 EPSS
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•46 views

GnuTLS security vulnerabilities

Protocol downgrade attacks...

5 CVSS • 4 AI score • 0.01586 EPSS
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•35 views

putty information leakage

Sensitive memory regions are not wiped...

2.1 CVSS • 2.1 AI score • 0.00585 EPSS
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•40 views

python requests library session fixation

Invalid cookies processing in redirects...

6.8 CVSS • 3 AI score • 0.03432 EPSS
Exploits: 0 • References: 1 • Affected Software: 1

securityvulns
•added 2015/03/18 12:0 a.m.•52 views

[USN-2532-1] cups-filters vulnerability

========================================================================== Ubuntu Security Notice USN-2532-1 March 16, 2015 cups-filters vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

7.5 CVSS • 1.5 AI score • 0.02958 EPSS
Exploits: 1

securityvulns
•added 2015/03/18 12:0 a.m.•107 views

APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address the following: WebKit Impact: Visiting a maliciously crafted website may lead to an unexpected application...

6.8 CVSS • 0.5 AI score • 0.03038 EPSS
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•99 views

[USN-2531-1] Requests vulnerability

========================================================================== Ubuntu Security Notice USN-2531-1 March 16, 2015 requests vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.8 CVSS • 6.7 AI score • 0.03432 EPSS
Exploits: 0

securityvulns
•added 2015/03/18 12:0 a.m.•58 views

[USN-2534-1] Libav vulnerabilities

========================================================================== Ubuntu Security Notice USN-2534-1 March 17, 2015 libav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.5 CVSS • 0.9 AI score • 0.03143 EPSS
Exploits: 0

Total number of security vulnerabilities: 47153