Lucene search

47153 matches found

securityvulns
•added 2015/02/23 12:0 a.m.•39 views

Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC

!/usr/bin/env python Exploit Title: MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC Date Discovered: 09-02-2015 Exploit Author: Samandeep Singh @samanL33T Vulnerable Software: Moo player 1.3.0 Software Link: https://mooplayer.jaleco.com/ Vendor site: https://mooplayer.jaleco.com/ Version: 1.3.0...

AI score: 1
Exploits: 0

securityvulns
•added 2015/02/23 12:0 a.m.•27 views

vorbis-tools DoS

out-of-bounds read on raw files processing...

CVSS: 5 | AI score: 2 | EPSS: 0.01096
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/23 12:0 a.m.•115 views

articleFR CMS 3.0.5 - Arbitrary File Upload

Vulnerability title: articleFR CMS 3.0.5 - Arbitrary File Upload Product: articleFR CMS Vendor: http://freereprintables.com Affected version: version 3.0.5 Fixed version: N/A Author: Tran Dinh Tien [email protected] & ITAS Team www.itas.vn ::DESCRITION:: - Vulnerabilities related to the upload ...

AI score: 0.3
Exploits: 0

securityvulns
•added 2015/02/23 12:0 a.m.•24 views

LG On Screen Phone authentication bypass

Authentication is IP address based...

CVSS: 8.3 | AI score: 2.1 | EPSS: 0.10806
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/23 12:0 a.m.•23 views

liveMedia integer overflow

Integer overflow on RTSP parsing...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.03355
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/23 12:0 a.m.•46 views

ESA-2015-012: EMC Captiva Capture Sensitive Information Disclosure Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-012: EMC Captiva Capture Sensitive Information Disclosure Vulnerability EMC Identifier: EMC-2015-012 CVE Identifier: CVE-2015-0519 Severity Rating: CVSS v2 Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C Affected products: • EMC Captiva Capture 7....

CVSS: 2.1 | AI score: 0.7 | EPSS: 0.0009
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•47 views

LibreOffice memory corruption

Memory corruption on RTF parsing...

CVSS: 7.5 | AI score: 4.2 | EPSS: 0.0327
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/22 12:0 a.m.•206 views

Elasticsearch vulnerability CVE-2015-1427

Summary: Elasticsearch versions 1.3.0-1.3.7 and 1.4.0-1.4.2 have vulnerabilities in the Groovy scripting engine. The vulnerabilities allow an attacker to construct Groovy scripts that escape the sandbox and execute shell commands as the user running the Elasticsearch Java VM. We have been assigne...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.92326
Exploits: 19

securityvulns
•added 2015/02/22 12:0 a.m.•68 views

Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher

Title:- XSS In Image-Metadata-Cruncher Author: Kaustubh G. Padwad Product: image-metadata-cruncher pluginURL:https://wordpress.org/plugins/image-metadata-cruncher/ Severity: Medium Auth: Requierd Description: Vulnerable Parameter: Alternate text: Caption: Custom image meta tags: Vulnerability...

AI score: 6.4
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•58 views

[USN-2503-1] Bind vulnerability

========================================================================== Ubuntu Security Notice USN-2503-1 February 18, 2015 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 5.4 | AI score: 0.1 | EPSS: 0.08661
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•51 views

CVE-2015-1574 - Google Email App 4.2.2 remote denial of service

Hello, Summary: A bug in the stock Google email application version 4.4.2.0200 has been found. An attacker can remotely perform an Denial Of Service attack by sending a specially crafted email. No interaction from the user is needed to produce the crash just receive the malicious email. The...

CVSS: 5 | AI score: 1.8 | EPSS: 0.01428
Exploits: 2

securityvulns
•added 2015/02/22 12:0 a.m.•108 views

Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability

Document Title: =============== Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1355 Release Date: ============= 2015-02-09 Vulnerability Laboratory ID VL-ID: ==================================== 1355...

AI score: 8.3
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•91 views

Multiple Vulnerabilities in my little forum

Advisory ID: HTB23248 Product: my little forum Vendor: http://mylittleforum.net/ Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Advisory Publication: January 14, 2015 without technical details Vendor Notification: January 14, 2015 Vendor Patch: February 8, 2015 Public...

CVSS: 6.5 | AI score: 0.3 | EPSS: 0.00886
Exploits: 4

securityvulns
•added 2015/02/22 12:0 a.m.•33 views

Netatmo Weather Station information leakage

Information leakage...

CVSS: 5 | AI score: 1.5 | EPSS: 0.01001
Exploits: 0 | References: 1

securityvulns
•added 2015/02/22 12:0 a.m.•38 views

Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability

============================================================ - Title: Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability - Vulnerable Version: 2.8.8 and probably prior -Tested Version:2.8.8 - Vendor Notification: 20 November 2014 - Vendor Patch: 20 November 2014 -Vulnerabili...

AI score: 6.1
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•103 views

UNIT4 Prosoft HRMS XSS Vulnerability

Vulnerability type: Cross-site Scripting Vendor: http://www.unit4.com/ Product: UNIT4 Prosoft HRMS Product site: http://www.unit4apac.com/products/prosofthrms Affected version: 8.14.230.47 Fixed version: 8.14.330.43 Credit: Jerold Hoong & Edric Teo PROOF OF CONCEPT The login page of UNIT4's Proso...

Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•125 views

PHP Code Execution in jui_filter_rules Parsing Library

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 PHP Code Execution in juifilterrules Parsing Library ====================================================== Researcher: Timo Schmid [email protected] Description =========== juifilterrules1 is a jQuery plugin which allows users to generate a rulese...

AI score: 0.3
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•107 views

[USN-2501-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2501-1 February 17, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 7.5 | AI score: 1.7 | EPSS: 0.8832
Exploits: 14

securityvulns
•added 2015/02/22 12:0 a.m.•50 views

ISC bind named DoS

DNSSEC parsing assert...

CVSS: 5.4 | AI score: 2.3 | EPSS: 0.08661
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/22 12:0 a.m.•66 views

[USN-2502-1] unzip vulnerabilities

========================================================================== Ubuntu Security Notice USN-2502-1 February 17, 2015 unzip vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 7.5 | AI score: 0.8 | EPSS: 0.1061
Exploits: 2

securityvulns
•added 2015/02/22 12:0 a.m.•107 views

Elasticsearch restrictions bypass

Sandbox restrictions bypass...

CVSS: 7.5 | AI score: 2.2 | EPSS: 0.92326
Exploits: 19 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/22 12:0 a.m.•60 views

[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5

CVE-2015-1585 Fat Free CRM - CSRF Vulnerability in Version 0.13.5 ---------------------------------------------------------------- Product Information: Software: Fat Free CRM Tested Version: 0.13.5, released 22.1.2015 with over 10.000 downloads Vulnerability Type: Cross-Site Request Forgery, CSRF...

CVSS: 6.8 | AI score: 6.4 | EPSS: 0.00287
Exploits: 3

securityvulns
•added 2015/02/22 12:0 a.m.•94 views

[ MDVSA-2015:040 ] zarafa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:040 http://www.mandriva.com/en/support/security/ Package : zarafa Date : February 10, 2015 Affected: Business Server 1.0 Problem Description: Updated zarafa packages fix security vulnerability: Robert Scheck...

CVSS: 5 | AI score: 6.3 | EPSS: 0.02161
Exploits: 1

securityvulns
•added 2015/02/22 12:0 a.m.•35 views

NetGear WNDR Authentication Bypass / Information Disclosure

NetGear WNDR Authentication Bypass / Information Disclosure Discovered by: ---- Peter Adkins [email protected] Access: ---- Local network; unauthenticated access. Remote network; unauthenticated access. Tracking and identifiers: ---- CVE - Mitre contacted; not yet allocated. Platforms...

AI score: 7.7
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•65 views

Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin

Advisory ID: HTB23249 Product: Easing Slider WordPress Plugin Vendor: Easing Slider Vulnerable Versions: 2.2.0.6 and probably prior Tested Version: 2.2.0.6 Advisory Publication: January 21, 2015 without technical details Vendor Notification: January 21, 2015 Vendor Patch: January 22, 2015 Public...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00336
Exploits: 3

securityvulns
•added 2015/02/22 12:0 a.m.•71 views

CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher

Title: CSRF / Stored XSS Vulnerability in IMAGE-MEtadata-Cruncher Wordpress Plugin Author: Kaustubh G. Padwad CVE-ID : CVE-2015-1614 Plugin Homepage: https://wordpress.org/plugins/image-metadata-cruncher/ Severity: Medium Description: Vulnerable Parameter: Alternate text,Caption,Custom image meta...

CVSS: 6.8 | AI score: 0.1 | EPSS: 0.0014
Exploits: 2

securityvulns
•added 2015/02/22 12:0 a.m.•75 views

[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3

CVE-2015-1517 Piwigo - SQL Injection in Version 2.7.3 ---------------------------------------------------------------- Product Information: Software: Piwigo Tested Version: 2.7.3, released on 9 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link: http://piwigo.org/basics/downloads...

CVSS: 6 | AI score: 0.3 | EPSS: 0.01034
Exploits: 4

securityvulns
•added 2015/02/22 12:0 a.m.•36 views

CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak

Summary During initial setup, the weather station will submit its complete configuration unencrypted to the manufacturer cloud service. This configuration includes confidential information like the user's Wifi password. The problem has been fixed by removing this configuration dump from current...

CVSS: 5 | AI score: 2.5 | EPSS: 0.01001
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•22 views

NetGear WNDR security vulnerabilities

Information leakage, authentication bypass...

AI score: 2.4
Exploits: 0 | References: 1

securityvulns
•added 2015/02/22 12:0 a.m.•161 views

Cosmoshop - XSS on Admin-Login Mask

author: l0om page: l0om.org date: 14.02.2015 Cosmoshop is a simple webshop designed for the german market. There is a simple XSS flaw at the admin-login panel in probably all cosmoshop versions. The admin login can be found at http://www.shop-site.de/cgi-bin/cosmoshop/admin/index.cgi This page wi...

AI score: 0.1
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•54 views

UnZip multiple security vulnerabilities

Few buffer overflows...

CVSS: 7.5 | AI score: 2.6 | EPSS: 0.58381
Exploits: 2 | References: 3 | Affected Software: 1

securityvulns
•added 2015/02/22 12:0 a.m.•53 views

[SECURITY] [DSA 3163-1] libreoffice security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3163-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 19, 2015 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 2.3 | EPSS: 0.0327
Exploits: 0

securityvulns
•added 2015/02/22 12:0 a.m.•98 views

[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite

Advisory: Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite During a penetration test, RedTeam Pentesting discovered a Directory Traversal vulnerability in hybris Commerce software suite. This vulnerability allows attackers to download arbitrary files of any size...

CVSS: 5 | AI score: 7.4 | EPSS: 0.02272
Exploits: 3

securityvulns
•added 2015/02/22 12:0 a.m.•27 views

Google mail application DoS

DoS on message parsing...

CVSS: 5 | AI score: 3.1 | EPSS: 0.01428
Exploits: 2 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/22 12:0 a.m.•79 views

PHP multiple security vulnerabilities

exifprocessunicode DoS, varunserializer.re code execution, information disclosure...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.87334
Exploits: 9 | References: 2 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•35 views

[ MDVSA-2015:044 ] perl-Gtk2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:044 http://www.mandriva.com/en/support/security/ Package : perl-Gtk2 Date : February 12, 2015 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in perl-Gtk2...

AI score: 7.4
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•42 views

libmspack / cabextract DoS

Infinite loop on extraction...

CVSS: 5 | AI score: 2.3 | EPSS: 0.01102
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•42 views

vlc multiple security vulnerabilities

Integer overflows, buffer overflows...

AI score: 3.1 | EPSS: 0.01634
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•42 views

dbus DoS

Incorrect errors handling...

CVSS: 1.9 | AI score: 2.2 | EPSS: 0.00092
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•54 views

Open-Xchange Security Advisory 2015-02-12

Product: Open-Xchange Server 6 / OX AppSuite Vendor: Open-Xchange GmbH Internal reference: 35889 Bug ID Vulnerability type: Information Exposure CWE-200 Vulnerable version: 7.6.1 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version:...

CVSS: 4 | AI score: 2.4 | EPSS: 0.00098
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•59 views

[SECURITY] [DSA 3161-1] dbus security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3161-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2015 http://www.debian.org/security/faq -...

CVSS: 1.9 | AI score: 1.1 | EPSS: 0.00092
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•54 views

[oCERT-2015-002] e2fsprogs input sanitization errors

2015-002 e2fsprogs input sanitization errors Description: The e2fsprogs package is a set of open source utilities for ext2, ext3 and ext4 filesytems. The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information...

CVSS: 4.6 | AI score: 9.3 | EPSS: 0.004
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•66 views

[SECURITY] [DSA 3160-1] xorg-server security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3160-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2015 http://www.debian.org/security/faq -...

CVSS: 6.4 | AI score: 1.7 | EPSS: 0.06422
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•23 views

perl-Gtk2 use-after-free

Gtk2::Gdk::Display::listdevices use-after-free...

AI score: 0.8
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•38 views

X.Org information disclosure

XkbSetGeometry information disclosure and DoS...

CVSS: 6.4 | AI score: 0.5 | EPSS: 0.06422
Exploits: 0 | References: 1

securityvulns
•added 2015/02/16 12:0 a.m.•52 views

[ MDVSA-2015:041 ] cabextract

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:041 http://www.mandriva.com/en/support/security/ Package : cabextract Date : February 10, 2015 Affected: Business Server 1.0 Problem Description: Updated cabextract packages fix security vulnerability:...

CVSS: 5 | AI score: 5.1 | EPSS: 0.01102
Exploits: 1

securityvulns
•added 2015/02/16 12:0 a.m.•52 views

[SECURITY] [DSA 3150-1] vlc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3150-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 02, 2015 http://www.debian.org/security/faq -...

AI score: 3.6 | EPSS: 0.01634
Exploits: 0

securityvulns
•added 2015/02/16 12:0 a.m.•36 views

Open-Xchange restrictions bypass

It's possible to bypass file sharing restrictions...

CVSS: 4 | AI score: 2.2 | EPSS: 0.00098
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•31 views

Cisco Secure Access Control System SQL injection

SQL injection via Web interface...

CVSS: 6.5 | AI score: 4.2 | EPSS: 0.00105
Exploits: 0 | Affected Software: 1

securityvulns
•added 2015/02/16 12:0 a.m.•56 views

[ MDVSA-2015:045 ] e2fsprogs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:045 http://www.mandriva.com/en/support/security/ Package : e2fsprogs Date : February 12, 2015 Affected: Business Server 1.0 Problem Description: Updated e2fsprogs packages fix security vulnerability: The...

CVSS: 4.6 | AI score: 9.4 | EPSS: 0.004
Exploits: 0

Total number of security vulnerabilities: 47153