Lucene search

47153 matches found

securityvulns
•added 2015/02/11 12:0 a.m.•52 views

Microsoft Office multiple security vulnerabilities

Code execution, use-after-free...

9.3 CVSS • 2.4 AI score • 0.30325 EPSS
Exploits 2 • Affected Software 2

•added 2015/02/11 12:0 a.m.•97 views

Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072)

Cookie hijacking: Internet Explorer UXSS CVE-2015-0072 Host below files on webserver attacker.com and share the exploit link with victims, exploit.php --- exploit link Share with victim redirect.php --- Script to redirect on target page target page should not contain X-Frame-Options or it will fa...

4.3 CVSS • 5.8 AI score • 0.71698 EPSS
Exploits 5

•added 2015/02/11 12:0 a.m.•98 views

Microsoft Windows multiple security vulnerabilities

Multiple Internet Explorer memory corruptions, kernel privilege escalation, group policies code execution and restrictions bypass, process creation privilege escalation, TIFF parsing information leakage...

9.3 CVSS • 5.6 AI score • 0.71698 EPSS
Exploits 26 • References 2 • Affected Software 1

•added 2015/02/11 12:0 a.m.•60 views

PostgreSQL multiple security vulnerabilities

Memory corruptions, information leakage, SQL injections...

2 AI score • 0.05533 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/11 12:0 a.m.•40 views

Microsoft Virtual Machine Manager privilege escalation

Insufficient users role checking...

6.9 CVSS • 4.2 AI score • 0.01642 EPSS
Exploits 0 • Affected Software 1

•added 2015/02/11 12:0 a.m.•44 views

ClamAV memory corruptions

No description provided...

7.5 CVSS • 2.2 AI score • 0.03234 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/11 12:0 a.m.•40 views

libvirt information disclosure

It's possible to manipulate VIR_DOMAIN_XML_SECURE flag...

3.5 CVSS • 1.1 AI score • 0.01802 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/11 12:0 a.m.•57 views

Major Internet Explorer Vulnerability - NOT Patched

Deusen just published code and description here: http://www.deusen.co.uk/items/insider3show.3362009741042107/ which demonstrates the serious security issue. Summary An Internet Explorer vulnerability is shown here: Content of dailymail.co.uk can be changed by external domain. How To Use 1. Close...

Exploits 0

•added 2015/02/11 12:0 a.m.•94 views

[USN-2497-1] NTP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2497-1 February 09, 2015 ntp vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Exploits 0

•added 2015/02/11 12:0 a.m.•98 views

[SECURITY] [DSA 3155-1] postgresql-9.1 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq -...

1.4 AI score • 0.05533 EPSS
Exploits 0

•added 2015/02/11 12:0 a.m.•61 views

[ MDVSA-2015:035 ] libvirt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:035 http://www.mandriva.com/en/support/security/ Package : libvirt Date : February 6, 2015 Affected: Business Server 1.0 Problem Description: Updated libvirt packages fix security vulnerability: The XML...

3.5 CVSS • 6.5 AI score • 0.01802 EPSS
Exploits 0

•added 2015/02/11 12:0 a.m.•110 views

[ MDVSA-2015:032 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:032 http://www.mandriva.com/en/support/security/ Package : php Date : February 5, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in php:...

7.5 CVSS • 9.2 AI score • 0.53166 EPSS
Exploits 12

•added 2015/02/11 12:0 a.m.•74 views

[SECURITY] [DSA 3152-1] unzip security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3152-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...

5 CVSS • 1.8 AI score • 0.11562 EPSS
Exploits 0

•added 2015/02/11 12:0 a.m.•64 views

CVE-2015-1437 XSS In ASUS Router.

Title:- Reflected XSS vulnerability in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: HIGH Auth: Not required CVE ID: CVE-2015-1437 Description: Vulnerable Parameter: flag= Vulnerability Class: Cross Site Scripting...

4.3 CVSS • 5.5 AI score • 0.02146 EPSS
Exploits 1

•added 2015/02/11 12:0 a.m.•41 views

Asus RT routers unauthorized access

Full anonymous access is allowed by default. Authentication bypass. Cross-site scripting...

4.3 CVSS • 4.6 AI score • 0.02146 EPSS
Exploits 1 • References 5

•added 2015/02/11 12:0 a.m.•55 views

[ MDVSA-2015:042 ] clamav

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:042 http://www.mandriva.com/en/support/security/ Package : clamav Date : February 10, 2015 Affected: Business Server 1.0 Problem Description: Updated clamav packages fix security vulnerabilities: ClamAV 0.98...

7.5 CVSS • 6 AI score • 0.03234 EPSS
Exploits 0

•added 2015/02/11 12:0 a.m.•45 views

MIT Kerberos 5 multiple security vulnerabilities

Information leakage, double free...

9 CVSS • 2.2 AI score • 0.06213 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/11 12:0 a.m.•90 views

MITKRB5-SA-2015-001 Vulnerabilities in kadmind, libgssrpc, gss_process_context_token

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2015-001 MIT krb5 Security Advisory 2015-001 Original release: 2015-02-03 Last update: 2015-02-03 Topic: Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU540092 CVE-2014-5352: gss_process_context_token incorrectly frees context...

9 CVSS • 8.5 AI score • 0.06213 EPSS
Exploits 0

•added 2015/02/11 12:0 a.m.•63 views

ntpd multiple security vulnerabilities

Authentication bypass, buffer overflow, information leakage, restrictions bypass...

7.5 CVSS • 2.9 AI score • 0.7809 EPSS
Exploits 4 • References 5 • Affected Software 1

•added 2015/02/11 12:0 a.m.•77 views

[ MDVSA-2015:031 ] busybox

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:031 http://www.mandriva.com/en/support/security/ Package : busybox Date : February 5, 2015 Affected: Business Server 1.0 Problem Description: Updated busybox packages fix security vulnerability: The modprobe...

2.1 CVSS • 6.9 AI score • 0.00635 EPSS
Exploits 2

•added 2015/02/11 12:0 a.m.•67 views

busybox restrictions bypass

Modules loading restrictions bypass...

2.1 CVSS • 2 AI score • 0.00635 EPSS
Exploits 2 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•52 views

Apple TV multiple security vulnerabilities

Protection bypass, memory corruptions, buffer overflows, code execution, cross-site access...

10 CVSS • 4.1 AI score • 0.19725 EPSS
Exploits 1 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•32 views

Android DoS

WiFi direct function DoS...

5 CVSS • 2.3 AI score • 0.064 EPSS
Exploits 5 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•118 views

[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...

6.2 AI score
Exploits 0

•added 2015/02/02 12:0 a.m.•107 views

APPLE-SA-2015-01-27-2 iOS 8.1.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow acce...

10 CVSS • 0.5 AI score • 0.19725 EPSS
Exploits 2

•added 2015/02/02 12:0 a.m.•145 views

Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities

Exploit Title: Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities Vendor: http://www.sefrengo.org/ Download link: http://forum.sefrengo.org/index.php?showtopic=3368 https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317cc990785ccede478f07 CVE ID: CVE-2015-1428...

7.5 CVSS • 0.02789 EPSS
Exploits 5

•added 2015/02/02 12:0 a.m.•46 views

Xen DoS

Invalid page reference handling...

7.1 CVSS • 1.2 AI score • 0.02197 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•38 views

Asterisk DoS

Crash on empty WebSocket frame. File descriptor leak on incompatible codecs...

5 CVSS • 1.5 AI score • 0.09525 EPSS
Exploits 0 • References 2 • Affected Software 1

•added 2015/02/02 12:0 a.m.•71 views

FreeBSD Security Advisory FreeBSD-SA-15:02.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:02.kmem Security Advisory The FreeBSD Project Topic: SCTP SCTP_SS_VALUE kernel memory corruption and disclosure Category: core Module: sctp Announced: 2015-01-...

4.6 CVSS • 6.3 AI score • 0.00896 EPSS
Exploits 5

•added 2015/02/02 12:0 a.m.•31 views

Apache Qpid security vulnerabilities

DoS, non-switchable anonymous access...

5 CVSS • 2.8 AI score • 0.15119 EPSS
Exploits 0 • References 1

•added 2015/02/02 12:0 a.m.•30 views

VMware vSphere Data Protection certificate validation bypass

Insufficient server certificate validation...

4.3 CVSS • 3 AI score • 0.0062 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•29 views

EMC Unisphere Central open redirect

Open redirect in web interface...

5.8 CVSS • 1.6 AI score • 0.01803 EPSS
Exploits 0 • References 1

•added 2015/02/02 12:0 a.m.•55 views

Apple Safari / Webkit multiple security vulnerabilities

URI spoofing, information leakage, memory corruptions...

6.8 CVSS • 1.8 AI score • 0.02762 EPSS
Exploits 0 • References 3 • Affected Software 1

•added 2015/02/02 12:0 a.m.•31 views

EMC Avamar certificate protection bypass

Insufficient certificate validation...

4.3 CVSS • 3.3 AI score • 0.0062 EPSS
Exploits 0 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•58 views

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0002 Synopsis: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. Issue date:...

4.3 CVSS • 6.2 AI score • 0.0062 EPSS
Exploits 0

•added 2015/02/02 12:0 a.m.•44 views

Unauthenticated Reflected XSS vulnerability in Asus RT-N10 Plus router

Title:- Reflected XSS vulnerability in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: HIGH Auth: Not required Description: Vulnerable Parameter: flag= Vulnerability Class: Cross Site Scripting...

6 AI score
Exploits 0

•added 2015/02/02 12:0 a.m.•91 views

Microweber 0.95 - SQL Injection Vulnerability

Exploit Title: Microweber 0.95 - SQL Injection Vulnerability Vendor: https://microweber.com/ Download link: https://microweber.com/download https://github.com/microweber/microweber CVE ID: CVE-2014-9464 Vulnerability: SQL Injection Affected version: Version 0.95 before 12/09/2014. Fixed version:...

7.5 CVSS • 0.1 AI score • 0.02082 EPSS
Exploits 5

•added 2015/02/02 12:0 a.m.•86 views

Multiple vulnerabilities in MantisBT

Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...

7.5 CVSS • 0.3 AI score • 0.02485 EPSS
Exploits 4

•added 2015/02/02 12:0 a.m.•93 views

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-1 Apple TV 7.0.3 Apple TV 7.0.3 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...

10 CVSS • 0.2 AI score • 0.19725 EPSS
Exploits 1

•added 2015/02/02 12:0 a.m.•59 views

CVE-2015-0224: qpidd can be crashed by unauthenticated user

Apache Software Foundation - Security Advisory qpidd can be crashed by unauthenticated user CVE-2015-0224 CVS: 7.8 Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Qpid's qpidd up to and including version 0.30 Description: In CVE-2015-0203 it was announced that...

5 CVSS • 0.15119 EPSS
Exploits 0

•added 2015/02/02 12:0 a.m.•51 views

ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability EMC Identifier: ESA-2015-006 CVE Identifier: CVE-2014-4632 Severity Rating: CVSSv2 Base Score: 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C Affected products: • EMC Avamar Data Store ADS and Avam...

4.3 CVSS • 0.8 AI score • 0.0062 EPSS
Exploits 0

•added 2015/02/02 12:0 a.m.•45 views

CVE-2014-8779: SSH Host keys on Pexip Infinity

Summary ======= The operating system used by Pexip Infinity does not create unique SSH host keys on deployment of new Management and Conferencing Nodes, using fixed host keys instead. Host keys are used to verify the identity of the remote host when connecting to it over SSH. These keys are...

7.1 CVSS • 0.2 AI score • 0.01406 EPSS
Exploits 1

•added 2015/02/02 12:0 a.m.•78 views

[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8

CVE-2015-1393 Photo Gallery Wordpress Plugin - SQL Injection in Version 1.2.8 ---------------------------------------------------------------- Product Information: Software: Photo Gallery Wordpress Plugin Tested Version: 1.2.8, released on 15.01.2015 and has over half a million downloads...

6.5 CVSS • 7.2 AI score • 0.01655 EPSS
Exploits 3

•added 2015/02/02 12:0 a.m.•80 views

KL-001-2015-001 : Windows 2003 tcpip.sys Privilege Escalation

KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

7.2 CVSS • 8.3 AI score • 0.22666 EPSS
Exploits 12

•added 2015/02/02 12:0 a.m.•115 views

[SYSS-2014-010] FancyFon FAMOC - SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-010 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date: 2015-01-23...

Exploits 0

•added 2015/02/02 12:0 a.m.•75 views

[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability

OS X Gatekeeper Bypass Vulnerability Amplia Security - Amplia Security Research Advisory AMPLIA-ARA100614 Advisory ID: AMPLIA-ARA100614 Advisory URL: http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html, http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt...

5 CVSS • 0.08722 EPSS
Exploits 6

•added 2015/02/02 12:0 a.m.•56 views

Apple iOS multiple security vulnerabilities

Protection bypass, memory corruptions, buffer overflows, code execution, cross-site access...

10 CVSS • 4.2 AI score • 0.19725 EPSS
Exploits 2 • References 1 • Affected Software 1

•added 2015/02/02 12:0 a.m.•67 views

[SECURITY] [DSA 3140-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3140-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...

7.1 CVSS • 2.5 AI score • 0.02221 EPSS
Exploits 0

•added 2015/02/02 12:0 a.m.•72 views

[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8

CVE-2015-1394 Photo Gallery Wordpress Plugin - Multiple XSS Vulnerabilities Version 1.2.8 ---------------------------------------------------------------- Product Information: Software: Photo Gallery Wordpress Plugin Tested Version: 1.2.8, released on 15.01.2015 and has over half a million...

5.4 AI score • 0.02331 EPSS
Exploits 4

•added 2015/02/02 12:0 a.m.•179 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS • 1.6 AI score • 0.02789 EPSS
Exploits 28 • References 13 • Affected Software 7

Total number of security vulnerabilities: 47153