
47153 matches found

securityvulns | added 2014/12/22 12:0 a.m. | 55 views

[SECURITY] [DSA 3102-1] libyaml security update

Debian Security Advisory DSA-3102-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq ...

CVSS 5 | AI score 1 | EPSS 0.13195
Exploits 1

securityvulns | added 2014/12/22 12:0 a.m. | 43 views

Apple Xcode git client unauthorized files access

Invalid processing of character case in special file names...

AI score 4.4 | EPSS 0.63178
Exploits 5 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 38 views

GParted code execution

Command injection...

CVSS 7.2 | AI score 3 | EPSS 0.01113
Exploits 5 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 50 views

[oCERT-2014-012] JasPer input sanitization errors

2014-012 JasPer input sanitization errors Description: The JasPer project is an open source implementation for the JPEG-2000 codec. The library is affected by a double-free vulnerability in function jas_iccattrval_destroy as well as a heap-based buffer overflow in function jp2_decode. A specially...

CVSS 7.5 | AI score 0.2 | EPSS 0.18501
Exploits 0

securityvulns | added 2014/12/22 12:0 a.m. | 68 views

secuvera-SA-2014-01: Reflected XSS in W3 Total Cache

secuvera-SA-2014-01: Reflected XSS in W3 Total Cache Affected Products W3 Total Cache 0.9.4 older releases have not been tested "The only WordPress Performance Optimization WPO framework; designed to improve user experience and page speed. .. W3 Total Cache improves the user experience of your si...

CVSS 4.3 | AI score 5.2 | EPSS 0.02055
Exploits 2

securityvulns | added 2014/12/22 12:0 a.m. | 32 views

HP OpenVMS POP3 DoS

No description provided...

CVSS 5 | AI score 0.5 | EPSS 0.02324
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 34 views

c-icap DoS

A few different DoS conditions...

CVSS 5 | AI score 1.2 | EPSS 0.02817
Exploits 1 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 47 views

[SECURITY] [DSA 3101-1] c-icap security update

Debian Security Advisory DSA-3101-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq ...

CVSS 5 | AI score 2 | EPSS 0.02817
Exploits 1

securityvulns | added 2014/12/22 12:0 a.m. | 31 views

SAP applications multiple security vulnerabilities

Unauthorized access, cross-site scripting, backdoor account, authentication bypass, unencrypted password transfer...

CVSS 9 | AI score 3 | EPSS 0.03641
Exploits 0 | References 18

securityvulns | added 2014/12/22 12:0 a.m. | 45 views

Docker multiple security vulnerabilities

Symbolic links vulnerability, directory traversal, privilege escalation...

CVSS 10 | AI score 3.3 | EPSS 0.06452
Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 85 views

CVE-2014-9215 - SQL Injection in PBBoard CMS

Vulnerability title: SQL Injection in PBBoard CMS CVE: CVE-2014-9215 CMS: PBBoard Vendor: Power bulletin board - http://www.pbboard.info/ Product: http://sourceforge.net/projects/pbboard/files/PBBoardv3.0.1/PBBoardv3.0.1.zip/download Affected version: Version 3.0.1 updated on 13/09/2014 and befor...

CVSS 7.5 | AI score 7.5 | EPSS 0.02333
Exploits 6

securityvulns | added 2014/12/22 12:0 a.m. | 88 views

[ MDVSA-2014:253 ] apache-mod_wsgi

Mandriva Linux Security Advisory MDVSA-2014:253 http://www.mandriva.com/en/support/security/ Package : apache-mod_wsgi Date : December 15, 2014 Affected: Business Server 1.0 Problem Description: Updated apache-mod_wsgi package fixes security...

CVSS 6.9 | AI score 6.4 | EPSS 0.00403
Exploits 0

securityvulns | added 2014/12/22 12:0 a.m. | 30 views

CA LISA Release Automation multiple security vulnerabilities

XSS, CSRF, SQL injection...

CVSS 6.8 | AI score 2.8 | EPSS 0.01805
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 45 views

SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted

SEC Consult Vulnerability Lab Security Advisory 20141218-1 title: OS Command Execution product: GParted - Gnome Partition Editor vulnerable version: =0.14.1 fixed version: =0.15.0, =0.14.1 with fix for CVE-2014-7208 applied C...

CVSS 7.2 | AI score 0.1 | EPSS 0.01113
Exploits 5

securityvulns | added 2014/12/22 12:0 a.m. | 241 views

[ MDVSA-2014:252 ] nss

Mandriva Linux Security Advisory MDVSA-2014:252 http://www.mandriva.com/en/support/security/ Package : nss Date : December 15, 2014 Affected: Business Server 1.0 Problem Description: Updated nss packages fix security vulnerabilities: In the QuickDER...

CVSS 7.5 | AI score 4.7 | EPSS 0.99999
Exploits 11

securityvulns | added 2014/12/22 12:0 a.m. | 62 views

Mozilla nss information leakage

Information leakage in QuickDER decoder...

CVSS 7.5 | AI score 2.5 | EPSS 0.99999
Exploits 11 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 91 views

Morfy CMS v1.05 - Command Execution Vulnerability

Document Title: Morfy CMS v1.05 - Command Execution Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1367 https://github.com/Awilum/monstra-cms/issues/351 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9185 CVE-ID:...

CVSS 6.5 | AI score 0.2 | EPSS 0.02119
Exploits 4

securityvulns | added 2014/12/22 12:0 a.m. | 56 views

RPM security vulnerabilities

Integer overflow, code execution...

CVSS 10 | AI score 3.9 | EPSS 0.07669
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/12/22 12:0 a.m. | 47 views

[ MDVSA-2014:251 ] rpm

Mandriva Linux Security Advisory MDVSA-2014:251 http://www.mandriva.com/en/support/security/ Package : rpm Date : December 14, 2014 Affected: Business Server 1.0 Problem Description: Updated rpm packages fix security vulnerabilities: It was found that...

CVSS 10 | AI score 7.7 | EPSS 0.07669
Exploits 0

securityvulns | added 2014/12/22 12:0 a.m. | 73 views

Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities

Title: Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: 02 November 2014 Updated: 9 December 2014 Published: 9 December 2014 MorXploit Research http://www.MorXploit.com Vendor: Concrete5 Vendor url: www.concrete5.org...

AI score 5.6
Exploits 0

securityvulns | added 2014/12/21 12:0 a.m. | 50 views

Apple iOS multiple security vulnerabilities

Information leakage, unsigned code execution, code execution, restrictions bypass, memory corruption...

CVSS 9.3 | AI score 3.1 | EPSS 0.03404
Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2014/12/21 12:0 a.m. | 56 views

Apple Safari / Webkit multiple security vulnerabilities

Multiple memory corruptions...

CVSS 7.5 | AI score 1.9 | EPSS 0.04583
Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2014/12/21 12:0 a.m. | 45 views

Apple iOS v8.x - Message Context & Privacy Vulnerability

Document Title: Apple iOS v8.x - Message Context & Privacy Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1346 Video: http://www.vulnerability-lab.com/getcontent.php?id=1350 Release Date: 2014-12-16...

AI score 6.3
Exploits 0

securityvulns | added 2014/12/21 12:0 a.m. | 94 views

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 are now available and include the security content of Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1: https://support.apple.com/en-us/HT659...

AI score 0.1
Exploits 0

securityvulns | added 2014/12/21 12:0 a.m. | 108 views

[USN-2441-1] Linux kernel vulnerabilities

Ubuntu Security Notice USN-2441-1 December 12, 2014 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 7.8 | AI score 0.7 | EPSS 0.08579
Exploits 5

securityvulns | added 2014/12/21 12:0 a.m. | 52 views

Linux kernel multiple security vulnerabilities

DoS via SCTP, TechnoTrend/Hauppauge DEC USB driver buffer overflow, invalid registers handling in x86, ASLR bypass...

CVSS 6.1 | AI score 4.4 | EPSS 0.0523
Exploits 2 | References 3 | Affected Software 1

securityvulns | added 2014/12/11 12:0 a.m. | 23 views

VMWare AirWatch information disclosure

It's possible to access information of a different tenant...

CVSS 4 | AI score 2.2 | EPSS 0.00937
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/12/11 12:0 a.m. | 56 views

[USN-2438-1] NVIDIA graphics drivers vulnerabilities

Ubuntu Security Notice USN-2438-1 December 10, 2014 nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates vulnerabilities...

CVSS 7.5 | AI score 1.8 | EPSS 0.05192
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 68 views

Offset2lib: bypassing full ASLR on 64bit Linux

Hi, This is a disclosure of a weakness of the ASLR Linux implementation. The problem appears when the executable is PIE compiled and it has an address leak belonging to the executable. We named this weakness: offset2lib. In this scenario, an attacker is able to de-randomize all mmapped areas...

AI score 0.4
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 57 views

[oss-security] PowerDNS Security Advisory 2014-02

Hi everybody, Please be aware of PowerDNS Security Advisory 2014-02 http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/, which you can also find below. The good news is that the currently released version of the PowerDNS Recursor is safe. The bad news is that users of older versions wi...

CVSS 5 | AI score 0.8 | EPSS 0.73532
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 96 views

Asterisk DoS

WebSocket Server request parsing DoS...

AI score 3
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2014/12/11 12:0 a.m. | 31 views

SGI Tempo multiple security vulnerabilities

Privilege escalation, information leakage...

AI score 2.4 | EPSS 0.00705
Exploits 5 | References 3

securityvulns | added 2014/12/11 12:0 a.m. | 42 views

PowerDNS Recursor DoS

Resource exhaustion...

CVSS 5 | AI score 3.3 | EPSS 0.73532
Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2014/12/11 12:0 a.m. | 22 views

HP Smart Update Manager information disclosure

No description provided...

AI score 0.7
Exploits 0 | References 1

securityvulns | added 2014/12/11 12:0 a.m. | 51 views

[CVE-2014-7302] SGI SUID Root Privilege Escalation

SGI SUID Root Privilege Escalation Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7302 Author: Luke Jennings, John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Descriptio...

AI score 0.7 | EPSS 0.00562
Exploits 2

securityvulns | added 2014/12/11 12:0 a.m. | 125 views

APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1

APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and addresses the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite...

CVSS 7.5 | AI score 0.3 | EPSS 0.04583
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 46 views

[CVE-2014-7301] SGI Tempo System Database Password Exposure

SGI Tempo System Database Password Exposure Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7301 Author: John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Description It i...

AI score 6.8 | EPSS 0.00512
Exploits 2

securityvulns | added 2014/12/11 12:0 a.m. | 45 views

[CVE-2014-7303] SGI Tempo System Database Exposure

SGI Tempo System Database Exposure Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7303 Author: John Fitzpatrick, MWR Labs Severity: Low Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Description It is possible f...

AI score 0.1 | EPSS 0.00705
Exploits 1

securityvulns | added 2014/12/11 12:0 a.m. | 49 views

[SECURITY] [DSA 3097-1] unbound security update

Debian Security Advisory DSA-3097-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 10, 2014 http://www.debian.org/security/faq ...

CVSS 4.3 | AI score 1.7 | EPSS 0.25205
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 35 views

[security bulletin] HPSBMU03043 rev.1 - HP Smart Update Manager for Windows and Linux, Local Disclosure of Information

Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04302476 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04302476 Version: 1 HPSBMU03043 rev....

CVSS 2.1 | AI score 0.3 | EPSS 0.0039
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 38 views

unbound DoS

Resource exhaustion on recursive request handling...

CVSS 4.3 | AI score 2.5 | EPSS 0.25205
Exploits 0 | References 1

securityvulns | added 2014/12/11 12:0 a.m. | 38 views

VMware vSphere multiple security vulnerabilities

Cross-site scripting, certificate validation issues, vulnerabilities in 3rd party packages...

CVSS 4.3 | AI score 1.7 | EPSS 0.01795
Exploits 0 | References 1

securityvulns | added 2014/12/11 12:0 a.m. | 36 views

NEW VMSA-2014-0014 - AirWatch by VMware product update addresses information disclosure vulnerabilities

VMware Security Advisory Advisory ID: VMSA-2014-0014 Synopsis: AirWatch by VMware product update addresses information disclosure vulnerabilities Issue date: 2014-12-10 Updated...

CVSS 4 | AI score 6.2 | EPSS 0.00937
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 52 views

[USN-2436-1] X.Org X server vulnerabilities

Ubuntu Security Notice USN-2436-1 December 09, 2014 xorg-server, xorg-server-lts-trusty vulnerabilities A security issue affects these releases of...

CVSS 6.5 | AI score 0.7 | EPSS 0.05192
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 45 views

X.Org X server and video drivers multiple security vulnerabilities

Multiple memory corruptions and privilege escalations...

CVSS 7.5 | AI score 3.6 | EPSS 0.05192
Exploits 0 | References 2

securityvulns | added 2014/12/11 12:0 a.m. | 37 views

NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability

VMware Security Advisory Advisory ID: VMSA-2014-0013 Synopsis: VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability Issu...

CVSS 9 | AI score 6.8 | EPSS 0.0356
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 82 views

[SECURITY] [DSA 3096-1] pdns-recursor security update

Debian Security Advisory DSA-3096-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 11, 2014 http://www.debian.org/security/faq ...

CVSS 5 | AI score 1.9 | EPSS 0.73532
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 37 views

AST-2014-019: Remote Crash Vulnerability in WebSocket Server

Asterisk Project Security Advisory - AST-2014-019 Product Asterisk Summary Remote Crash Vulnerability in WebSocket Server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On 30 October 2014 Reported By Badalian...

AI score 0.4
Exploits 0

securityvulns | added 2014/12/11 12:0 a.m. | 52 views

[USN-2435-1] Graphviz vulnerability

Ubuntu Security Notice USN-2435-1 December 09, 2014 graphviz vulnerability A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 7.5 | AI score 0.4 | EPSS 0.05569
Exploits 1

securityvulns | added 2014/12/11 12:0 a.m. | 38 views

graphviz memory corruption

Format string vulnerability on graphics format parsing...

CVSS 7.5 | AI score 3.7 | EPSS 0.05569
Exploits 1 | References 1 | Affected Software 1

Total number of security vulnerabilities: 47153