
47153 matches found

securityvulns
•added 2015/01/25 12:0 a.m.•239 views

CVE-2015-1178-xss-x-cart-ecommerce

CVE-2015-1178-xss-x-cart-ecommerce Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in X-CART e-Commerce software Affected Software : X-Cart Affected Versions: 5.1.8 and possibly below Vendor Homepage : https://www.x-cart.com Vulnerability Type : Cross-site...

CVSS 4.3 | AI score 0.5 | EPSS 0.01892
Exploits: 2
securityvulns
•added 2015/01/25 12:0 a.m.•81 views

ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-004: EMC M&R Watch4Net Multiple Vulnerabilities EMC Identifier: ESA-2015-004 CVE Identifier: CVE-2015-0513, CVE-2015-0514, CVE-2015-0515, CVE-2015-0516, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468,...

CVSS 10 | AI score 0.6 | EPSS 0.7809
Exploits: 24
securityvulns
•added 2015/01/25 12:0 a.m.•44 views

jasper library multiple security vulnerabilities

Buffer overflows in jpcdeccpsetfromcox and jpcdeccpsetfromrgn functions, double free, heap buffer overflow...

CVSS 7.5 | AI score 2.2 | EPSS 0.18501
Exploits: 0 | References: 3 | Affected Software: 1
securityvulns
•added 2015/01/25 12:0 a.m.•41 views

elfutils directory traversal

Directory traversal on ar extraction...

CVSS 6.4 | AI score 3.9 | EPSS 0.05018
Exploits: 0 | References: 1
securityvulns
•added 2015/01/25 12:0 a.m.•56 views

CVE-2015-1176-xss-osticket

CVE-2015-1176-xss-osticket Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in osTicket Ticket system Affected Software : osTicket Affected Versions: 1.9.4 and possibly below Vendor Homepage : http://osticket.com/ Vulnerability Type : Cross-site Scripting...

CVSS 4.3 | AI score 6.1 | EPSS 0.01892
Exploits: 2
securityvulns
•added 2015/01/25 12:0 a.m.•153 views

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

Over 150 vulnerabilities in different applications are closed in a quarterly update...

CVSS 10 | AI score 2.3 | EPSS 0.99999
Exploits: 75 | Affected Software: 46
securityvulns
•added 2015/01/19 12:0 a.m.•88 views

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower

SEC Consult Vulnerability Lab Security Advisory 20150113-1 ======================================================================= title: Privilege Escalation & XSS & Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5 impact: high homepage:...

AI score 0.3
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•65 views

[SECURITY] [DSA 3124-1] otrs2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3124-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 10, 2015 http://www.debian.org/security/faq -...

CVSS 6 | AI score 2 | EPSS 0.01778
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•60 views

Microsoft Windows multiple security vulnerabilities

Application Compatibility Cache privilege escalation, telnet service buffer overflow, User Profile Service privilege escalation, TS WebProxy directory traversal, Network Location Awareness Service restrictions bypass, Windows Error Reporting restrictions bypass, WebDAV driver privilege escalation...

CVSS 10 | AI score 3.2 | EPSS 0.96893
Exploits: 11 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•75 views

Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability

Document Title: =============== Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1356 Release Date: ============= 2015-01-14 Vulnerability Laboratory ID VL-ID: ==================================== 13...

AI score 7.3
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•66 views

[USN-2473-1] coreutils vulnerabilities

========================================================================== Ubuntu Security Notice USN-2473-1 January 14, 2015 coreutils vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

CVSS 7.5 | AI score 0.4 | EPSS 0.07087
Exploits: 2
securityvulns
•added 2015/01/19 12:0 a.m.•119 views

Sitefinity Enterprise v7.2.53 - Persistent Vulnerability

Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.7
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•35 views

Microsoft Network Policy Server DoS

Crash on username processing in RADIUS request...

CVSS 7.8 | AI score 1.5 | EPSS 0.78735
Exploits: 1
securityvulns
•added 2015/01/19 12:0 a.m.•111 views

Two XSS vulnerabilities in Simple Security WordPress Plugin

Advisory ID: HTB23244 Product: Simple Security WordPress Plugin Vendor: MyWebsiteAdvisor Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 17, 2014 without technical details Vendor Notification: December 17, 2014 Public Disclosure: January 14, 2015...

CVSS 4.3 | AI score 0.1 | EPSS 0.01618
Exploits: 3
securityvulns
•added 2015/01/19 12:0 a.m.•40 views

GNU coreutils memory corruption

Memory corruption in date and touch on date parsing...

CVSS 7.5 | AI score 3.2 | EPSS 0.07087
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•40 views

cgmanager information disclosure

Invalid nested groups processing...

CVSS 2.1 | AI score 1.5 | EPSS 0.00355
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•22 views

gtk+ protection bypass

Screen lock bypass...

AI score 1.9
Exploits: 0 | References: 1
securityvulns
•added 2015/01/19 12:0 a.m.•51 views

CatBot v0.4.2 (PHP) - SQL Injection Vulnerability

Document Title: =============== CatBot v0.4.2 PHP - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1408 Release Date: ============= 2015-01-15 Vulnerability Laboratory ID VL-ID: ==================================== 1408 Commo...

AI score 0.1
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•52 views

[USN-2451-1] cgmanager vulnerability

========================================================================== Ubuntu Security Notice USN-2451-1 January 06, 2015 cgmanager vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 2.1 | AI score 0.4 | EPSS 0.00355
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•49 views

[ MDVSA-2015:006 ] mediawiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:006 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : January 8, 2015 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: In...

AI score 0.1
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•52 views

[SECURITY] [DSA 3131-1] xdg-utils security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3131-1 [email protected] http://www.debian.org/security/ Michael Gilbert January 18, 2015 http://www.debian.org/security/faq -...

CVSS 6.8 | AI score 1.8 | EPSS 0.03256
Exploits: 1
securityvulns
•added 2015/01/19 12:0 a.m.•88 views

[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0

Advisory: Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 RedTeam Pentesting discovered a cross-site scripting XSS vulnerability in the Tapatalk plugin for the WoltLab Burning Board forum software, which allows attackers to inject arbitrary JavaScript code via URL parameters...

CVSS 4.3 | AI score 5.5 | EPSS 0.01221
Exploits: 2
securityvulns
•added 2015/01/19 12:0 a.m.•40 views

[USN-2475-1] GTK+ update

========================================================================== Ubuntu Security Notice USN-2475-1 January 15, 2015 gtk+3.0 update ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

AI score 7.2
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•70 views

Brother MFC Administration Reflected Cross-Site Scripting

Class Cross-Site Scripting Remote Yes Disclosed 9th October 2014 Published 7th January 2015 Credit Dave Daly of Dionach [email protected] Confirmed Vulnerable Brother MFC-J4410DW with F/W Versions J and K The printer administration web application on Brother MFC-J4410DW model printers with firmwa...

AI score 6.5
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•128 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5 | AI score 1.6 | EPSS 0.39427
Exploits: 19 | References: 14 | Affected Software: 12
securityvulns
•added 2015/01/19 12:0 a.m.•54 views

Brother printing devices cross-site scripting

Cross-site scripting in web interface...

AI score 1.8
Exploits: 0 | References: 1
securityvulns
•added 2015/01/19 12:0 a.m.•115 views

[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360

Hi, This is part 11 of the ManageOwnage series. For previous parts, see 1. This time we have two remote code execution via file upload and directory traversal on several ManageEngine products - Service Desk Plus, Asset Explorer, Support Center and IT360. The first vulnerability can only be...

CVSS 9 | AI score 0.7 | EPSS 0.78378
Exploits: 8
securityvulns
•added 2015/01/19 12:0 a.m.•38 views

libsndfile out-of-bounds read

sd2parsersrcfork out-of-bounds read and division by zero...

CVSS 10 | AI score 2.4 | EPSS 0.00586
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•73 views

[USN-2469-1] Django vulnerabilities

========================================================================== Ubuntu Security Notice USN-2469-1 January 13, 2015 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 5 | AI score 0.4 | EPSS 0.06783
Exploits: 3
securityvulns
•added 2015/01/19 12:0 a.m.•88 views

Alienvault OSSIM/USM Command Execution Vulnerability

Details ======= Product: Alienvault OSSIM/USM Vulnerability: Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: =4.14.X Fixed Version: 4.15.0 Summary ======= Alienvault OSSIM is an open source SIEM solution designed to collect and correlate log data. T...

AI score 0.5
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•63 views

Adobe Flash Player multiple security vulnerabilities

typejacking, code execution, memory corruptions, buffer overflows, information disclosure...

CVSS 10 | AI score 2.4 | EPSS 0.08742
Exploits: 0 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•67 views

Blitz CMS Community - SQL Injection Web Vulnerability

Document Title: =============== Blitz CMS Community - SQL Injection Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1403 Release Date: ============= 2015-01-12 Vulnerability Laboratory ID VL-ID: ==================================== 1402...

AI score 0.2
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•45 views

[ MDVSA-2015:024 ] libsndfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:024 http://www.mandriva.com/en/support/security/ Package : libsndfile Date : January 15, 2015 Affected: Business Server 1.0 Problem Description: Updated libsndfile packages fix security vulnerabilities:...

CVSS 10 | AI score 7.1 | EPSS 0.00586
Exploits: 1
securityvulns
•added 2015/01/19 12:0 a.m.•42 views

[ MDVSA-2015:025 ] mpfr

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:025 http://www.mandriva.com/en/support/security/ Package : mpfr Date : January 15, 2015 Affected: Business Server 1.0 Problem Description: Updated mpfr packages fix security vulnerability: A buffer overflow...

CVSS 7.5 | AI score 9.6 | EPSS 0.0429
Exploits: 0
securityvulns
•added 2015/01/19 12:0 a.m.•67 views

Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities

Vulnerability title: Wordpress plugin Pods = 2.4.3 XSS and CSRF vulnerabilities vulnerabilities Author: Pietro Oliva CVE: CVE-2014-7956, CVE-2014-7957 Product: pods Affected version: pods = 2.4.3 Vulnerabilities fixed in version: 2.5 XSS vulnerability CVE-2014-7956, authentication is needed:...

CVSS 6.8 | AI score 0.4 | EPSS 0.02041
Exploits: 3
securityvulns
•added 2015/01/19 12:0 a.m.•94 views

[SECURITY] [DSA 3120-1] mantis security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3120-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 06, 2015 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 1.7 | EPSS 0.51609
Exploits: 14
securityvulns
•added 2015/01/19 12:0 a.m.•38 views

mpfr buffer overflow

Buffer overflow in mpnsetstr...

CVSS 7.5 | AI score 3.7 | EPSS 0.0429
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/19 12:0 a.m.•359 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Memory corruptions, headers injection, restrictions bypass...

CVSS 7.5 | AI score 3 | EPSS 0.65657
Exploits: 4 | Affected Software: 3
securityvulns
•added 2015/01/18 12:0 a.m.•44 views

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities

Document Title: =============== File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1403 Release Date: ============= 2015-01-15 Vulnerability Laboratory ID VL-ID: ==================================== 1403...

AI score 7.7
Exploits: 0
securityvulns
•added 2015/01/18 12:0 a.m.•32 views

libvirt / qemu DoS

Deadlocks...

CVSS 2.1 | AI score 1.9 | EPSS 0.00394
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/18 12:0 a.m.•49 views

[ MDVSA-2015:023 ] libvirt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:023 http://www.mandriva.com/en/support/security/ Package : libvirt Date : January 15, 2015 Affected: Business Server 1.0 Problem Description: Updated libvirt packages fix security vulnerability: The...

CVSS 2.1 | AI score 7.5 | EPSS 0.00394
Exploits: 0
securityvulns
•added 2015/01/18 12:0 a.m.•58 views

VeryPhoto v3.0 iOS - Command Injection Vulnerability

Document Title: =============== VeryPhoto v3.0 iOS - Command Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1401 Release Date: ============= 2015-01-13 Vulnerability Laboratory ID VL-ID: ==================================== 1401...

AI score 7.6
Exploits: 0
securityvulns
•added 2015/01/18 12:0 a.m.•40 views

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

Document Title: =============== WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1406 Release Date: ============= 2015-01-14 Vulnerability Laboratory ID VL-ID: ===================================...

AI score 1.3
Exploits: 0
securityvulns
•added 2015/01/18 12:0 a.m.•40 views

Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1400 Release Date: ============= 2015-01-12 Vulnerability Laboratory ID VL-ID: ====================================...

Exploits: 0
securityvulns
•added 2015/01/18 12:0 a.m.•124 views

[ MDVSA-2015:027 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:027 http://www.mandriva.com/en/support/security/ Package : kernel Date : January 16, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been found and corrected in the Linux...

CVSS 7.8 | AI score 8.5 | EPSS 0.06167
Exploits: 14
securityvulns
•added 2015/01/18 12:0 a.m.•69 views

Linux kernel multiple security vulnerabilities

Protection bypass, privilege escalation, DoS...

CVSS 7.2 | AI score 2.9 | EPSS 0.01504
Exploits: 9 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/14 12:0 a.m.•651 views

Kodi / XBMC cross-site scripting

Cross-site scripting in web interface...

AI score 1.3
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2015/01/14 12:0 a.m.•54 views

Microsoft Office multiple security vulnerabilities

Memory corruptions, index overflows, use-after-free, uninitialized pointers...

CVSS 9.3 | AI score 4.8 | EPSS 0.19378
Exploits: 0 | Affected Software: 1
securityvulns
•added 2015/01/14 12:0 a.m.•51 views

[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager

Edit: Corrected the date in the timeline from 01/12/14 to 01/12/15. Details ======= Product: F5 BIG-IP Application Security Manager ASM Vulnerability: Cross Site Scripting Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Confirmed 11.4.0, 11.4.1. Likely 11.4.x-11.5.x...

AI score 6.9
Exploits: 0
securityvulns
•added 2015/01/14 12:0 a.m.•32 views

Apache qpid DoS

Multiple asserts...

CVSS 4 | AI score 1.3 | EPSS 0.08857
Exploits: 0 | References: 1

Total number of security vulnerabilities: 47153