47153 matches found

securityvulns
added 2015/03/08 12:0 a.m., 53 views

[USN-2507-1] e2fsprogs vulnerabilities

========================================================================== Ubuntu Security Notice USN-2507-1 February 23, 2015 e2fsprogs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

4.6 CVSS, 0.5 AI score, 0.004 EPSS
Exploits: 0
securityvulns
added 2015/03/08 12:0 a.m., 56 views

[ MDVSA-2015:050 ] patch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:050 http://www.mandriva.com/en/support/security/ Package : patch Date : March 2, 2015 Affected: Business Server 1.0 Problem Description: Updated patch package fixes security vulnerabilities: It was reported...

7.8 CVSS, 6.3 AI score, 0.04141 EPSS
Exploits: 1
securityvulns
added 2015/03/08 12:0 a.m., 32 views

unace buffer overflow

Buffer overflow on archives extraction...

4.3 CVSS, 4.7 AI score, 0.01103 EPSS
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2015/03/08 12:0 a.m., 28 views

Cisco IOS XR DoS

DoS on IPv6 packets processing...

7.1 CVSS, 3.1 AI score, 0.00563 EPSS
Exploits: 0
securityvulns
added 2015/03/08 12:0 a.m., 366 views

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags

CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Severity: Important Vendor: The Apache Software Foundation Versions Affected: Standard Taglibs 1.2.1 The unsupported 1.0.x and 1.1.x versions may also be affected. Description: When an application uses x:parse or x:transform tags to...

7.5 CVSS, 0.03808 EPSS
Exploits: 0
securityvulns
added 2015/03/08 12:0 a.m., 36 views

libext2fs / e2fsprogs buffer overflow

Buffer overflow on block group descriptor information...

4.6 CVSS, 2.6 AI score, 0.004 EPSS
Exploits: 0, References: 3, Affected Software: 1
securityvulns
added 2015/03/08 12:0 a.m., 38 views

Apache taglibs security vulnerabilities

Code executions, XXE...

7.5 CVSS, 2.8 AI score, 0.03808 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/03/08 12:0 a.m., 56 views

[USN-2510-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

7.5 CVSS, 0.5 AI score, 0.04649 EPSS
Exploits: 21
securityvulns
added 2015/03/08 12:0 a.m., 34 views

[security bulletin] HPSBST03274 rev.1 - HP XP P9000 Command View Advanced Edition Software Online Help for Windows and Linux, Remote Cross-site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04582371 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04582371 Version: 1 HPSBST03274 rev....

4.3 CVSS, 0.4 AI score, 0.00595 EPSS
Exploits: 0
securityvulns
added 2015/03/08 12:0 a.m., 28 views

[SECURITY] [DSA 3178-1] unace security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3178-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 02, 2015 http://www.debian.org/security/faq -...

4.3 CVSS, 2.4 AI score, 0.01103 EPSS
Exploits: 1
securityvulns
added 2015/03/08 12:0 a.m., 51 views

[SECURITY] [DSA 3167-1] sudo security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3167-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 22, 2015 http://www.debian.org/security/faq -...

2.1 CVSS, 0.6 AI score, 0.0041 EPSS
Exploits: 1
securityvulns
added 2015/03/07 12:0 a.m., 57 views

CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four

Hi, A bug in Linux ASLR implementation for versions prior to 3.19-rc3 has been found. The issue is that the stack for processes is not properly randomized on some 64 bit architectures due to an integer overflow. Affected systems have reduced the stack entropy of the processes by four. Details at:...

2 AI score, 0.01966 EPSS
Exploits: 1
securityvulns
added 2015/03/07 12:0 a.m., 76 views

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

7.8 CVSS, 1.9 AI score, 0.087 EPSS
Exploits: 5
securityvulns
added 2015/03/07 12:0 a.m., 65 views

GNU glibc multiple security vulnerabilities

Restrictions bypass, code execution, use-after-free, DoS...

7.8 CVSS, 2.6 AI score, 0.087 EPSS
Exploits: 4, References: 1, Affected Software: 1
securityvulns
added 2015/03/07 12:0 a.m., 54 views

libicu multiple security vulnerabilities

Multiple memory corruptions...

10 CVSS, 2.3 AI score, 0.12809 EPSS
Exploits: 5, References: 1, Affected Software: 1
securityvulns
added 2015/03/07 12:0 a.m., 52 views

[SECURITY] [DSA 3172-1] cups security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3172-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 25, 2015 http://www.debian.org/security/faq -...

6.8 CVSS, 1.4 AI score, 0.05457 EPSS
Exploits: 0
securityvulns
added 2015/03/07 12:0 a.m., 91 views

[USN-2511-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2511-1 February 26, 2015 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2 CVSS, 0.6 AI score, 0.0013 EPSS
Exploits: 0
securityvulns
added 2015/03/07 12:0 a.m., 40 views

CUPS integer overflow

Integer overflow on compressed raster files parsing...

6.8 CVSS, 5 AI score, 0.05457 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/03/07 12:0 a.m., 73 views

[USN-2522-1] ICU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2522-1 March 05, 2015 icu vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

10 CVSS, 1.8 AI score, 0.12809 EPSS
Exploits: 5
securityvulns
added 2015/03/07 12:0 a.m., 104 views

[SECURITY] [DSA 3170-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3160-1 [email protected] http://www.debian.org/security/ Ben Hutchings February 23, 2015 http://www.debian.org/security/faq -...

10 CVSS, 0.9 AI score, 0.1713 EPSS
Exploits: 7
securityvulns
added 2015/03/05 12:0 a.m., 32 views

FreeBSD DoS

Integer overflow on igmp packet parsing...

7.8 CVSS, 5.1 AI score, 0.00482 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/03/05 12:0 a.m., 58 views

FreeBSD Security Advisory FreeBSD-SA-15:04.igmp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:04.igmp Security Advisory The FreeBSD Project Topic: Integer overflow in IGMP protocol Category: core Module: igmp Announced: 2015-02-25 Credits: Mateusz...

7.8 CVSS, 6.7 AI score, 0.00482 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 42 views

[ MDVSA-2015:037 ] vorbis-tools

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:037 http://www.mandriva.com/en/support/security/ Package : vorbis-tools Date : February 6, 2015 Affected: Business Server 1.0 Problem Description: Updated vorbis-tools package fixes security vulnerability:...

5 CVSS, 5.3 AI score, 0.01096 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 62 views

[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5

CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...

7.5 CVSS, 7.2 AI score, 0.01345 EPSS
Exploits: 5
securityvulns
added 2015/02/23 12:0 a.m., 60 views

[ MDVSA-2015:030 ] bugzilla

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:030 http://www.mandriva.com/en/support/security/ Package : bugzilla Date : February 5, 2015 Affected: Business Server 1.0 Problem Description: Updated bugzilla packages fix security vulnerability: Some code ...

6.5 CVSS, 6.4 AI score, 0.00633 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 73 views

[ MDVSA-2015:036 ] python-django

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:036 http://www.mandriva.com/en/support/security/ Package : python-django Date : February 6, 2015 Affected: Business Server 1.0 Problem Description: Updated python-django packages fix security vulnerabilities...

5 CVSS, 5.9 AI score, 0.07842 EPSS
Exploits: 3
securityvulns
added 2015/02/23 12:0 a.m., 33 views

HP SiteScope privilege escalation

No description provided...

5.5 CVSS, 1.5 AI score, 0.0037 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 51 views

CVE-2015-1172 Wordpress-theme remote arbitrary code

Product: holdingpattern Vendor: Liftux Vulnerable Versions: 0.6 and prior Tested Version: 0.6 Advisory Publication: January 18, 2015 Vendor Notification: January 14, 2015 Public Disclosure: January 18, 2015 Vulnerability Type: Exec Code Authentication: Not required to exploit CVE Reference:...

7.5 CVSS, 0.6 AI score, 0.81153 EPSS
Exploits: 6
securityvulns
added 2015/02/23 12:0 a.m., 35 views

Mooplayer buffer overflow

Buffer overflow on .m3u files parsing...

4.8 AI score
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 73 views

Radexscript CMS 2.2.0 - SQL Injection vulnerability

Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...

7.5 CVSS, 0.02486 EPSS
Exploits: 5
securityvulns
added 2015/02/23 12:0 a.m., 70 views

articleFR CMS 3.0.5 - SQL injection vulnerability

Vulnerability title: articleFR CMS 3.0.5 - SQL injection vulnerability Product: articleFR Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A CVE ID: CVE-2015-1364 Author: Tran Dinh Tien [email protected] &...

7.5 CVSS, 0.2 AI score, 0.01978 EPSS
Exploits: 2
securityvulns
added 2015/02/23 12:0 a.m., 39 views

LG On Screen Phone authentication bypass (CVE-2014-8757)

LG On Screen Phone authentication bypass vulnerability ------------------------------------------------------ SEARCH-LAB Ltd. discovered a serious security vulnerability in the On Screen Phone protocol used by LG Smart Phones. A malicious attacker is able to bypass the authentication phase of the...

8.3 CVSS, 6.4 AI score, 0.10806 EPSS
Exploits: 1
securityvulns
added 2015/02/23 12:0 a.m., 42 views

[SECURITY] [DSA 3149-1] condor security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3149-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 02, 2015 http://www.debian.org/security/faq -...

1.6 AI score, 0.01138 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 33 views

ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-010: EMC Documentum D2 Multiple Vulnerabilities EMC Identifier: ESA-2015-010 CVE Identifier: CVE-2015-0517, CVE-2015-0518 Affected products: • EMC Documentum D2 3.1 and all patch versions • EMC Documentum D2 3.1 SP1 and all patch versions • E...

9 CVSS, 1.1 AI score, 0.01159 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 29 views

condor code execution

Unfiltered shell characters on mailx invocation...

4.1 AI score, 0.01138 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 26 views

EMC Captiva Capture information leakage

Cleartext password may be logged...

2.1 CVSS, 1.6 AI score, 0.0009 EPSS
Exploits: 0, References: 1
securityvulns
added 2015/02/23 12:0 a.m., 51 views

[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page

Advisory: Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page During a penetration test, RedTeam Pentesting discovered that the IBM Endpoint Manager Relay Diagnostics page allows anybody to persistently store HTML and JavaScript code that is executed when the page is opened in a...

4.3 CVSS, 5.3 AI score, 0.01233 EPSS
Exploits: 4
securityvulns
added 2015/02/23 12:0 a.m., 36 views

IBM Endpoint Manager cross-site scripting

Relay Diagnostics cross-site scripting...

4.3 CVSS, 2.3 AI score, 0.01233 EPSS
Exploits: 4, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 45 views

HP UCMDB information disclosure

No description provided...

5 CVSS, 0.2 AI score, 0.57742 EPSS
Exploits: 5, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 57 views

[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04553906 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04553906 Version: 1 HPSBMU03239 rev....

5 CVSS, 0.1 AI score, 0.57742 EPSS
Exploits: 5
securityvulns
added 2015/02/23 12:0 a.m., 266 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS, 1.6 AI score, 0.81153 EPSS
Exploits: 47, References: 23, Affected Software: 19
securityvulns
added 2015/02/23 12:0 a.m., 72 views

CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: Landesk Management Suite Cross-Site scripting vulnerability Product: Landesk Management Suite Vulnerable Versions: 9.5 possible previous versions, 9.6 Tested Version: 9.5 Advisory Publication: Feb 02, 2015 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5360...

4.3 CVSS, 5.8 AI score, 0.00318 EPSS
Exploits: 3
securityvulns
added 2015/02/23 12:0 a.m., 50 views

[SECURITY] [DSA 3156-1] liblivemedia security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3156-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 07, 2015 http://www.debian.org/security/faq -...

7.5 CVSS, 3.5 AI score, 0.03355 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 58 views

Apache Tomcat request spoofing

Request spoofing on chunked encoding processing...

6.4 CVSS, 2 AI score, 0.78235 EPSS
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 65 views

articleFR CMS 3.0.5 - XSS vulnerability

Vulnerability title: articleFR CMS 3.0.5 - XSS vulnerability Product: articleFR Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A CVE ID: CVE-2015-1363 Author: Tran Dinh Tien [email protected] & ITAS Team...

4.3 CVSS, 0.6 AI score, 0.00334 EPSS
Exploits: 2
securityvulns
added 2015/02/23 12:0 a.m., 65 views

[security bulletin] HPSBMU03232 rev.3 - HP SiteScope, Remote Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04539443 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04539443 Version: 3 HPSBMU03232 rev....

5.5 CVSS, 0.6 AI score, 0.0037 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 29 views

Samba memory corruption

Freeing an uninitialized pointer potentially leads to code execution...

10 CVSS, 4.2 AI score, 0.90696 EPSS
Exploits: 7, Affected Software: 1
securityvulns
added 2015/02/23 12:0 a.m., 39 views

Cisco WebEx Meetings Server code execution

Shell injection...

9 CVSS, 2.3 AI score, 0.00737 EPSS
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 72 views

BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS)

About the Product: BMC FootPrints Service Core is an IT service and asset management platform used by many organizations to help the IT departments deliver more value to businesses. Advisory Details: During a Penetration testing, Help AG auditor Ayman Abdelaziz discovered the following: 1 Stored...

0.8 AI score
Exploits: 0
securityvulns
added 2015/02/23 12:0 a.m., 133 views

[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craf...

6.4 CVSS, 6.3 AI score, 0.78235 EPSS
Exploits: 0

Total number of security vulnerabilities: 47153