Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2015/03/08 12:0 a.m.54 views

[USN-2507-1] e2fsprogs vulnerabilities

========================================================================== Ubuntu Security Notice USN-2507-1 February 23, 2015 e2fsprogs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

4.6CVSS0.5AI score0.00897EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.37 views

Freetype multiple security vulnerabilities

Multiple memory corruptions on fonts parsing...

7.5CVSS3AI score0.07687EPSS
Exploits20References1Affected Software1
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.38 views

Apache taglibs security vulnerabilities

Code executions, XXE...

7.5CVSS2.8AI score0.1326EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.29 views

[SECURITY] [DSA 3178-1] unace security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3178-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 02, 2015 http://www.debian.org/security/faq -...

4.3CVSS2.4AI score0.02886EPSS
Exploits1
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.32 views

unace buffer overflow

Buffer overflow on archives extraction...

4.3CVSS4.7AI score0.02886EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.60 views

[USN-2510-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

7.5CVSS0.5AI score0.07687EPSS
Exploits20
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.83 views

Vulnerabilities in ASUS RT-G32

Hello 3APA3A! There are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in ASUS Wireless Router RT-G32. ------------------------- Affected products: ------------------------- Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G3...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.39 views

[security bulletin] HPSBST03274 rev.1 - HP XP P9000 Command View Advanced Edition Software Online Help for Windows and Linux, Remote Cross-site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04582371 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04582371 Version: 1 HPSBST03274 rev....

4.3CVSS0.4AI score0.02491EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.371 views

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags

CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Severity: Important Vendor: The Apache Software Foundation Versions Affected: Standard Taglibs 1.2.1 The unsupported 1.0.x and 1.1.x versions may also be affected. Description: When an application uses x:parse or x:transform tags to...

7.5CVSS0.1326EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.58 views

[ MDVSA-2015:050 ] patch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:050 http://www.mandriva.com/en/support/security/ Package : patch Date : March 2, 2015 Affected: Business Server 1.0 Problem Description: Updated patch package fixes security vulnerabilities: It was reported...

7.8CVSS6.3AI score0.11199EPSS
Exploits1
securityvulns
securityvulns
added 2015/03/08 12:0 a.m.49 views

[SECURITY] [DSA 3165-1] xdg-utils security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3165-1 [email protected] http://www.debian.org/security/ Michael Gilbert February 21, 2015 http://www.debian.org/security/faq -...

0.8AI score0.03214EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.54 views

libicu multiple security vulnerabilities

Multiple memory corruptions...

10CVSS2.3AI score0.22753EPSS
Exploits5References1Affected Software1
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.65 views

GNU glibc multiple security vulnerabilities

Restrictions bypass, code execution, use-after-free, DoS...

7.8CVSS2.6AI score0.07688EPSS
Exploits4References1Affected Software1
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.40 views

CUPS integer overflow

Integer overflow on compressed raster files parsing...

6.8CVSS5AI score0.04633EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.59 views

CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four

Hi, A bug in Linux ASLR implementation for versions prior to 3.19-rc3 has been found. The issue is that the stack for processes is not properly randomized on some 64 bit architectures due to an integer overflow. Affected systems have reduced the stack entropy of the processes by four. Details at:...

2AI score0.03742EPSS
Exploits1
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.78 views

[USN-2522-1] ICU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2522-1 March 05, 2015 icu vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

10CVSS1.8AI score0.22753EPSS
Exploits5
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.80 views

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

7.8CVSS1.9AI score0.07688EPSS
Exploits5
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.93 views

[USN-2511-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2511-1 February 26, 2015 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2CVSS0.6AI score0.00465EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.54 views

[SECURITY] [DSA 3172-1] cups security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3172-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 25, 2015 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.04633EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.108 views

[SECURITY] [DSA 3170-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3160-1 [email protected] http://www.debian.org/security/ Ben Hutchings February 23, 2015 http://www.debian.org/security/faq -...

10CVSS0.9AI score0.09828EPSS
Exploits7
securityvulns
securityvulns
added 2015/03/05 12:0 a.m.32 views

FreeBSD DoS

Integer overflow on igmp packet parsing...

7.8CVSS5.1AI score0.04153EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/03/05 12:0 a.m.60 views

FreeBSD Security Advisory FreeBSD-SA-15:04.igmp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:04.igmp Security Advisory The FreeBSD Project Topic: Integer overflow in IGMP protocol Category: core Module: igmp Announced: 2015-02-25 Credits: Mateusz...

7.8CVSS6.7AI score0.04153EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.77 views

[ MDVSA-2015:036 ] python-django

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:036 http://www.mandriva.com/en/support/security/ Package : python-django Date : February 6, 2015 Affected: Business Server 1.0 Problem Description: Updated python-django packages fix security vulnerabilities...

5CVSS5.9AI score0.06783EPSS
Exploits3
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.30 views

Samba memory corruption

Uninitilezed pointer free'ing potentially leads to code execution...

10CVSS4.2AI score0.87636EPSS
Exploits7Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.34 views

HP SiteScope privilege escalation

No description provided...

5.5CVSS1.5AI score0.01989EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.27 views

vorbis-tools DoS

out-of-bounds read on raw files processing...

5CVSS2AI score0.03243EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.35 views

Mooplayer buffer overflow

Buffer overflow on .m3u files parsing...

4.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.45 views

HP UCMDB information disclosure

No description provided...

5CVSS0.2AI score0.37022EPSS
Exploits5References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.24 views

LG On Screen Phone authentication bypass

Authentication is IP address based...

8.3CVSS2.1AI score0.0451EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.29 views

condor code execution

Unfiltered shell characters on mailx invocation...

4.1AI score0.0308EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.58 views

Apache Tomcar request spoofing

Request spoofing on chunked encoding processing...

6.4CVSS2AI score0.21045EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.26 views

EMC Captiva Capture information leakage

Cleartext password may be logged...

2.1CVSS1.6AI score0.00536EPSS
Exploits0References1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.68 views

articleFR CMS 3.0.5 - XSS vulnerability

Vulnerability title: articleFR CMS 3.0.5 - XSS vulnerability Product: articleFR Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A CVE ID: CVE-2015-1363 Author: Tran Dinh Tien [email protected] & ITAS Team...

4.3CVSS0.6AI score0.01892EPSS
Exploits2
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.55 views

CVE-2015-1172 Wordpress-theme remote arbitrary code

Product: holdingpattern Vendor: Liftux Vulnerable Versions: 0.6 and prior Tested Version: 0.6 Advisory Publication: January 18, 2015 Vendor Notification: January 14, 2015 Public Disclosure: January 18, 2015 Vulnerability Type: Exec Code Authentication: Not required to exploit CVE Reference:...

7.5CVSS0.6AI score0.59254EPSS
Exploits6
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.52 views

[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page

Advisory: Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page During a penetration test, RedTeam Pentesting discovered that the IBM Endpoint Manager Relay Diagnostics page allows anybody to persistently store HTML and JavaScript code that is executed when the page is opened in a...

4.3CVSS5.3AI score0.02253EPSS
Exploits4
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.75 views

BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS)

About the Product: BMC FootPrints Service Core is an IT service and asset management platform used by many organizations to help the IT departments deliver more value to businesses. Advisory Details: During a Penetration testing, Help AG auditor Ayman Abdelaziz discovered the following: 1 Stored...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.40 views

Cisco WebEx Meetings Server code execution

Shell injection...

9CVSS2.3AI score0.03439EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.82 views

CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: Landesk Management Suite Cross-Site scripting vulnerabilityProduct: Landesk Management Suite Vulnerable Versions: 9.5 possible previous versions, 9.6 Tested Version: 9.5 Advisory Publication: Feb 02, 2015 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5360...

4.3CVSS5.8AI score0.00991EPSS
Exploits3
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.269 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.59254EPSS
Exploits47References23Affected Software19
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.23 views

liveMedia integer overflow

Integer overflow on RTSP parsing...

7.5CVSS5.7AI score0.17415EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.41 views

ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities EMC Identifier: ESA-2015-010 CVE Identifier: CVE-2015-0517, CVE-2015-0518 Affected products: • EMC Documentum D2 3.1 and all patch versions • EMC Documentum D2 3.1 SP1 and all patch versions • E...

9CVSS1.1AI score0.03657EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.73 views

[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04539443 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04539443 Version: 3 HPSBMU03232 rev....

5.5CVSS0.6AI score0.01989EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.60 views

[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04553906 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04553906 Version: 1 HPSBMU03239 rev....

5CVSS0.1AI score0.37022EPSS
Exploits5
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.36 views

IBM Endpoint Manager crossite scripting

Relay Diagnostics crossite scripting...

4.3CVSS2.3AI score0.02253EPSS
Exploits4References1Affected Software1
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.61 views

[ MDVSA-2015:030 ] bugzilla

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:030 http://www.mandriva.com/en/support/security/ Package : bugzilla Date : February 5, 2015 Affected: Business Server 1.0 Problem Description: Updated bugzilla packages fix security vulnerability: Some code ...

6.5CVSS6.4AI score0.0204EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.74 views

[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5

CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...

7.5CVSS7.2AI score0.02395EPSS
Exploits5
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.42 views

Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC

!/usr/bin/env python Exploit Title: MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC Date Discovered: 09-02-2015 Exploit Author: Samandeep Singh @samanL33T Vulnerable Software: Moo player 1.3.0 Software Link: https://mooplayer.jaleco.com/ Vendor site: https://mooplayer.jaleco.com/ Version: 1.3.0...

1AI score
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.136 views

[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craf...

6.4CVSS6.3AI score0.21045EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.44 views

[SECURITY] [DSA 3149-1] condor security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3149-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 02, 2015 http://www.debian.org/security/faq -...

1.6AI score0.0308EPSS
Exploits0
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.44 views

[ MDVSA-2015:037 ] vorbis-tools

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:037 http://www.mandriva.com/en/support/security/ Package : vorbis-tools Date : February 6, 2015 Affected: Business Server 1.0 Problem Description: Updated vorbis-tools package fixes security vulnerability:...

5CVSS5.3AI score0.03243EPSS
Exploits0
Total number of security vulnerabilities47153