Lucene search

47153 matches found

securityvulns
added 2015/02/02 12:0 a.m., 64 views

[SECURITY] [DSA 3140-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3140-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...

7.1 CVSS, 2.5 AI score, 0.01649 EPSS
Exploits: 0

securityvulns
added 2015/02/02 12:0 a.m., 71 views

Apple Mac OS X multiple security vulnerabilities

Protection bypass, memory corruptions, buffer overflows, code execution, cross-site access, information disclosure...

10 CVSS, 3.2 AI score, 0.93538 EPSS
Exploits: 45, References: 2, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 47 views

FreeBSD Security Advisory FreeBSD-SA-15:03.sctp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:03.sctp Security Advisory The FreeBSD Project Topic: SCTP stream reset vulnerability Category: core Module: sctp Announced: 2015-01-27 Credits: Gerasimos...

7.8 CVSS, 6.5 AI score, 0.00693 EPSS
Exploits: 0

securityvulns
added 2015/02/02 12:0 a.m., 141 views

Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities

Exploit Title: Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities Vendor: http://www.sefrengo.org/ Download link: http://forum.sefrengo.org/index.php?showtopic=3368 https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317cc990785ccede478f07 CVE ID: CVE-2015-1428...

7.5 CVSS, 0.01412 EPSS
Exploits: 5

securityvulns
added 2015/02/02 12:0 a.m., 30 views

Pexip Infinity static ssh keys

Static ssh key is used on nodes creation...

7.1 CVSS, 1.6 AI score, 0.00284 EPSS
Exploits: 1, References: 1

securityvulns
added 2015/02/02 12:0 a.m., 84 views

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-1 Apple TV 7.0.3 Apple TV 7.0.3 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...

10 CVSS, 0.2 AI score, 0.21755 EPSS
Exploits: 1

securityvulns
added 2015/02/02 12:0 a.m., 63 views

[CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ FreeBSD Kernel Multiple Vulnerabilities 1. Advisory Information Title: FreeBSD Kernel Multiple Vulnerabilities Advisory ID: CORE-2015-0003 Advisory URL: http://www.coresecurity.com/content/freebsd-kernel-multiple-vulnerabilities...

7.2 CVSS, 6.7 AI score, 0.00851 EPSS
Exploits: 6

securityvulns
added 2015/02/02 12:0 a.m., 113 views

WebKitGTK+ Security Advisory WSA-2015-0001

------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2015-0001 ------------------------------------------------------------------------ Date reported : January 26, 2015 Advisory ID : WSA-2015-0001 Advisory URL :...

10 CVSS, 4.6 AI score, 0.44818 EPSS
Exploits: 12

securityvulns
added 2015/02/02 12:0 a.m., 85 views

Multiple vulnerabilities in MantisBT

Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...

7.5 CVSS, 0.3 AI score, 0.00924 EPSS
Exploits: 4

securityvulns
added 2015/02/02 12:0 a.m., 55 views

Apple iOS multiple security vulnerabilities

Protection bypass, memory corruptions, buffer overflows, code execution, cross-site access...

10 CVSS, 4.2 AI score, 0.21755 EPSS
Exploits: 2, References: 1, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 82 views

Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385

Information ------------ Advisory by Netsparker Name: XSS Vulnerability in Blubrry PowerPress Affected Software : Blubrry PowerPress Affected Versions: 6.0 and possibly below Vendor Homepage : https://wordpress.org/plugins/powerpress/ Vulnerability Type : Cross-site Scripting Severity : Important...

4.3 CVSS, 6.8 AI score, 0.00633 EPSS
Exploits: 3

securityvulns
added 2015/02/02 12:0 a.m., 55 views

Apple Safari / Webkit multiple security vulnerabilities

URI spoofing, information leakage, memory corruptions...

6.8 CVSS, 1.8 AI score, 0.03317 EPSS
Exploits: 0, References: 3, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 37 views

FreeBSD security vulnerabilities

Memory corruption, memory disclosure, DoS on SCTP handling...

7.8 CVSS, 0.9 AI score, 0.00693 EPSS
Exploits: 5, References: 3, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 43 views

Unauthenticated Reflected XSS vulnerability in Asus RT-N10 Plus router

Title:- Reflected XSS vulnerability in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: HIGH Auth: Not required Description: Vulnerable Parameter: flag= Vulnerability Class: Cross Site Scripting...

6 AI score
Exploits: 0

securityvulns
added 2015/02/02 12:0 a.m., 39 views

CVE-2014-8779: SSH Host keys on Pexip Infinity

Summary ======= The operating system used by Pexip Infinity does not create unique SSH host keys on deployment of new Management and Conferencing Nodes, using fixed host keys instead. Host keys are used to verify the identity of the remote host when connecting to it over SSH. These keys are...

7.1 CVSS, 0.2 AI score, 0.00284 EPSS
Exploits: 1

securityvulns
added 2015/02/02 12:0 a.m., 69 views

[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8

CVE-2015-1394 Photo Gallery Wordpress Plugin - Multiple XSS Vulnerabilities Version 1.2.8 ---------------------------------------------------------------- Product Information: Software: Photo Gallery Wordpress Plugin Tested Version: 1.2.8, released on 15.01.2015 and has over half a million...

5.4 AI score, 0.00246 EPSS
Exploits: 4

securityvulns
added 2015/02/02 12:0 a.m., 77 views

Two XSS Vulnerabilities in SupportCenter Plus

Advisory ID: HTB23247 Product: SupportCenter Plus Vendor: Zoho Corp. Vulnerable Versions: 7.9 and probably prior Tested Version: 7.9 Advisory Publication: January 7, 2015 without technical details Vendor Notification: January 7, 2015 Vendor Patch: January 23, 2015 Public Disclosure: January 28,...

4.3 CVSS, 5.9 AI score, 0.00437 EPSS
Exploits: 3

securityvulns
added 2015/02/02 12:0 a.m., 56 views

[CORE-2015-0002] - Android WiFi-Direct Denial of Service

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Android WiFi-Direct Denial of Service 1. Advisory Information Title: Android WiFi-Direct Denial of Service Advisory ID: CORE-2015-0002 Advisory URL: http://www.coresecurity.com/advisories/android-wifi-direct-denial-service Date...

5 CVSS, 0.1 AI score, 0.17257 EPSS
Exploits: 5

securityvulns
added 2015/02/02 12:0 a.m., 51 views

Apple TV multiple security vulnerabilities

Protection bypass, memory corruptions, buffer overflows, code execution, cross-site access...

10 CVSS, 4.1 AI score, 0.21755 EPSS
Exploits: 1, References: 1, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 50 views

Apple Safari / Webkit multiple security vulnerabilities

Multiple memory corruptions...

7.5 CVSS, 1.9 AI score, 0.017 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 52 views

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0002 Synopsis: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. Issue date:...

4.3 CVSS, 6.2 AI score, 0.00143 EPSS
Exploits: 0

securityvulns
added 2015/02/02 12:0 a.m., 104 views

APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001 OS X 10.10.2 and Security Update 2015-001 are now available and address the following: AFP Server Available for: OS X Mavericks v10.9.5 Impact: A remote attacker may be able to determine...

10 CVSS, 0.6 AI score, 0.93538 EPSS
Exploits: 45

securityvulns
added 2015/02/02 12:0 a.m., 31 views

EMC Avamar certificate protection bypass

Insufficient certificate validation...

4.3 CVSS, 3.3 AI score, 0.00143 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 31 views

Apache Qpid security vulnerabilities

DoS, non-switchable anonymous access...

5 CVSS, 2.8 AI score, 0.5601 EPSS
Exploits: 0, References: 1

securityvulns
added 2015/02/02 12:0 a.m., 67 views

[SYSS-2014-012] FancyFon FAMOC - Session Fixation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-012 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Session Fixation CWE-384 Risk Level: Low Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date: 2015-01-...

6.8 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 231 views

CVE-2015-1178-xss-x-cart-ecommerce

CVE-2015-1178-xss-x-cart-ecommerce Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in X-CART e-Commerce software Affected Software : X-Cart Affected Versions: 5.1.8 and possibly below Vendor Homepage : https://www.x-cart.com Vulnerability Type : Cross-site...

4.3 CVSS, 0.5 AI score, 0.00254 EPSS
Exploits: 2

securityvulns
added 2015/01/25 12:0 a.m., 77 views

CVE-2015-1175-xss-prestashop

CVE-2015-1175-xss-prestashop Information ——————– Advisory by Octogence. Name: Reflected XSS Vulnerability in prestashop ecommerce software Affected Software : Prestashop Affected Versions: 1.6.0.9 and possibly below Vendor Homepage : https://www.prestashop.com/ Vulnerability Type : Cross-site...

4.3 CVSS, 5.4 AI score, 0.00256 EPSS
Exploits: 3

securityvulns
added 2015/01/25 12:0 a.m., 34 views

Different iOS / Android applications vulnerabilities

Information leaks, code execution, protection bypass, etc...

3.8 AI score
Exploits: 0, References: 7, Affected Software: 6

securityvulns
added 2015/01/25 12:0 a.m., 44 views

Remote Desktop v0.9.4 Android - Multiple Vulnerabilities

Document Title: =============== Remote Desktop v0.9.4 Android - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1413 Release Date: ============= 2015-01-20 Vulnerability Laboratory ID VL-ID: ====================================...

7.9 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 49 views

PhotoSync v1.1.3 Android - Command Inject Vulnerability

Document Title: =============== PhotoSync v1.1.3 Android - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1410 Release Date: ============= 2015-01-21 Vulnerability Laboratory ID VL-ID: ==================================== 14...

1.1 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 48 views

AVM FRITZ!Box protection bypass

Image integrity protection bypass...

9.3 CVSS, 2.6 AI score, 0.00139 EPSS
Exploits: 3, References: 1

securityvulns
added 2015/01/25 12:0 a.m., 68 views

Program-O v2.4.6 - Multiple Web Vulnerabilities

Document Title: =============== Program-O v2.4.6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1414 Release Date: ============= 2015-01-21 Vulnerability Laboratory ID VL-ID: ==================================== 1414 Commo...

0.1 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 72 views

ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-004: EMC M&R Watch4Net Multiple Vulnerabilities EMC Identifier: ESA-2015-004 CVE Identifier: CVE-2015-0513, CVE-2015-0514, CVE-2015-0515, CVE-2015-0516, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468,...

10 CVSS, 0.6 AI score, 0.57272 EPSS
Exploits: 24

securityvulns
added 2015/01/25 12:0 a.m., 40 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS, 1.6 AI score, 0.00305 EPSS
Exploits: 14, References: 13, Affected Software: 10

securityvulns
added 2015/01/25 12:0 a.m., 70 views

[USN-2481-1] Samba vulnerability

========================================================================== Ubuntu Security Notice USN-2481-1 January 22, 2015 samba vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

8.5 CVSS, 0.6 AI score, 0.04898 EPSS
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 41 views

elfutils directory traversal

Directory traversal on ar extraction...

6.4 CVSS, 3.9 AI score, 0.03517 EPSS
Exploits: 0, References: 1

securityvulns
added 2015/01/25 12:0 a.m., 54 views

[oCERT-2015-001] JasPer input sanitization errors

2015-001 JasPer input sanitization errors Description: The JasPer project is an open source implementation for the JPEG-2000 codec. The library is affected by an off-by-one error in a buffer boundary check in jpc_dec_process_sot, leading to a heap based buffer overflow, as well as multiple...

7.5 CVSS, 0.6 AI score, 0.05821 EPSS
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 57 views

SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP

SEC Consult Vulnerability Lab Security Advisory 20150122-0 ======================================================================= title: Multiple critical vulnerabilities products: Symantec Data Center Security: Server Advanced SDCS:SA Symantec Critical System Protection SCSP vulnerable version:...

7.2 CVSS, 1.9 AI score, 0.10119 EPSS
Exploits: 4

securityvulns
added 2015/01/25 12:0 a.m., 46 views

Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP security vulnerabilities

SQL injections, cross-site scripting, information disclosure, protection bypass...

7.2 CVSS, 1.8 AI score, 0.10119 EPSS
Exploits: 4, References: 1, Affected Software: 1

securityvulns
added 2015/01/25 12:0 a.m., 42 views

jasper library multiple security vulnerabilities

Buffer overflows in jpc_dec_cp_setfromcox and jpc_dec_cp_setfromrgn functions, double free, heap buffer overflow...

7.5 CVSS, 2.2 AI score, 0.32606 EPSS
Exploits: 0, References: 3, Affected Software: 1

securityvulns
added 2015/01/25 12:0 a.m., 87 views

REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability

================================================================================ REWTERZ-20140102 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Enumeration Vulnerability Product: ServiceDesk...

0.2 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 48 views

CVE-2015-1176-xss-osticket

CVE-2015-1176-xss-osticket Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in osTicket Ticket system Affected Software : osTicket Affected Versions: 1.9.4 and possibly below Vendor Homepage : http://osticket.com/ Vulnerability Type : Cross-site Scripting...

4.3 CVSS, 6.1 AI score, 0.00305 EPSS
Exploits: 2

securityvulns
added 2015/01/25 12:0 a.m., 48 views

[SECURITY] [DSA 3134-1] sympa security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3134-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 20, 2015 http://www.debian.org/security/faq -...

1.3 AI score
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 71 views

CVE-2015-1180-xss-eventsentry

CVE-2015-1180-xss-eventsentry Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in EventSentry Web Reports Interface Affected Software : EventSentry Affected Versions: 3.1.0 and possibly below Vendor Homepage : http://eventsentry.com/ Vulnerability Type :...

4.3 CVSS, 5.5 AI score, 0.00225 EPSS
Exploits: 2

securityvulns
added 2015/01/25 12:0 a.m., 54 views

CVE-2015-1179-xss-mango-automation-scada

CVE-2015-1179-xss-mango-automation-scada Information ----------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in Mango Automation SCADA/HMI software Affected Software : Mango Automation Affected Versions: 2.4.0 and possibly below Vendor Homepage : http://infiniteautomation.com/...

4.3 CVSS, 0.3 AI score, 0.00225 EPSS
Exploits: 2

securityvulns
added 2015/01/25 12:0 a.m., 51 views

[SECURITY] [DSA 3133-1] privoxy security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3133-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20, 2015 http://www.debian.org/security/faq -...

7.5 CVSS, 1.4 AI score, 0.00659 EPSS
Exploits: 0

securityvulns
added 2015/01/25 12:0 a.m., 31 views

Samba privilege escalation

Active Directory user can get UF_SERVER_TRUST_ACCOUNT bit...

8.5 CVSS, 2.9 AI score, 0.04898 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/01/25 12:0 a.m., 57 views

CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability

CVE-2015-1032 A cross-site scripting vulnerability in the "Kiwix" zim file reader was discovered by Emmanuel Engelhart on 31 October 2014, and was reported on Sourceforge here: http://sourceforge.net/p/kiwix/bugs/763/ This vulnerability does not affect most users of the program, only those using...

4.3 CVSS, 0.4 AI score, 0.00256 EPSS
Exploits: 1

securityvulns
added 2015/01/25 12:0 a.m., 60 views

CVE-2015-1177-xss-exponent

CVE-2015-1177-xss-exponent Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in Exponent CMS Affected Software : Exponent Affected Versions: 2.3.2 and possibly below Vendor Homepage : http://www.exponentcms.org/ Vulnerability Type : Cross-site Scripting Severit...

4.3 CVSS, 6.2 AI score, 0.0028 EPSS
Exploits: 2

securityvulns
added 2015/01/25 12:0 a.m., 153 views

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

Over 150 vulnerabilities in different applications are closed in quarterly update...

10 CVSS, 2.3 AI score, 0.93538 EPSS
Exploits: 75, Affected Software: 46

Total number of security vulnerabilities: 47153