47153 matches found

securityvulns | added 2015/10/12 12:0 a.m. | 45 views

Cisco AnyConnect privilege escalation

Privilege escalation via DLLs and DMG files...

CVSS 7.2 | AI score 4 | EPSS 0.01202
Exploits 6 | References 2 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 64 views

[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04822249 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04822249 Version: 1 HPSBST03502 rev.1 - HP 3PAR Service Processor SP SPOCC, Remot...

CVSS 4 | AI score 0.4 | EPSS 0.01168
Exploits 0

securityvulns | added 2015/10/12 12:0 a.m. | 48 views

ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities EMC Identifier: ESA-2015-142 CVE Identifier: CVE-2015-4541, CVE-2015-4542, CVE-2015-4543 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS v2 scores Affected...

CVSS 6.5 | AI score 0.5 | EPSS 0.02832
Exploits 0

securityvulns | added 2015/10/12 12:0 a.m. | 96 views

[USN-2745-1] QEMU vulnerabilities

Ubuntu Security Notice USN-2745-1 September 24, 2015 qemu, qemu-kvm vulnerabilities. A security issue affects these releases of Ubuntu and its...

CVSS 10 | AI score 0.5 | EPSS 0.0364
Exploits 1

securityvulns | added 2015/10/12 12:0 a.m. | 42 views

EMC RSA Archer GRC multiple security vulnerabilities

Restrictions bypass, cross-site scripting, information disclosure...

CVSS 6.5 | AI score 1.9 | EPSS 0.02832
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 41 views

ESA-2015-151: RSA® OneStep Path Traversal Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-151: RSA® OneStep Path Traversal Vulnerability EMC Identifier: ESA-2015-151 CVE Identifier: CVE-2015-4546 Severity Rating: CVSS v2 Base Score: 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N Affected Products: RSA OneStep 6.9 prior to Build 559 RSA OneStep...

CVSS 7.8 | AI score 0.4 | EPSS 0.03232
Exploits 0

securityvulns | added 2015/10/12 12:0 a.m. | 64 views

Cisco AnyConnect elevation of privileges via DMG install script

Cisco AnyConnect elevation of privileges via DMG install script. Yorick Koster, July 2015...

CVSS 7.2 | AI score 1.5 | EPSS 0.01048
Exploits 3

securityvulns | added 2015/10/12 12:0 a.m. | 35 views

Cisco Prime multiple security vulnerabilities

Restrictions bypass, privilege escalation, information disclosure...

CVSS 9.4 | AI score 2.5 | EPSS 0.02817
Exploits 0 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 36 views

FreeSWITCH buffer overflow

Buffer overflow on JSON parsing...

CVSS 7.5 | AI score 4.5 | EPSS 0.04668
Exploits 2 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 44 views

Unity Settings Daemon privilege escalation

User's session access...

CVSS 2.1 | AI score 3.6 | EPSS 0.00365
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 39 views

Microsoft Exchange information disclosure

Information disclosure and spoofing, cross-site scripting...

CVSS 5 | AI score 0.5 | EPSS 0.18236
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 47 views

EMC RSA Web Threat Detection security vulnerabilities

Information disclosure, privilege escalation...

CVSS 7.2 | AI score 3.8 | EPSS 0.02082
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 48 views

HP 3PAR Service Processor SPOCC information disclosure

No description provided...

CVSS 4 | AI score 0.7 | EPSS 0.01168
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 176 views

[USN-2744-1] Apport vulnerability

Ubuntu Security Notice USN-2744-1 September 24, 2015 apport vulnerability. A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.2 | EPSS 0.0091
Exploits 2

securityvulns | added 2015/10/12 12:0 a.m. | 77 views

Cisco AnyConnect elevation of privileges via DLL side loading

Cisco AnyConnect elevation of privileges via DLL side loading. Yorick Koster, June 2015...

CVSS 7.2 | AI score 3.3 | EPSS 0.01202
Exploits 3

securityvulns | added 2015/10/12 12:0 a.m. | 36 views

EMC RSA OneStep directory traversal

Arbitrary file access...

CVSS 7.8 | AI score 4.2 | EPSS 0.03232
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/12 12:0 a.m. | 46 views

CVE-2015-7392 Heap overflow in Freeswitch json parser < 1.6.2 & < 1.4.23

Advisory Information Title: Heap overflow in freeswitch json parser 1.6.2 & 1.4.23 Submitter: Marcello Duarte [email protected] Product: freeswitch Product URL: http://freeswitch.org Affected Versions: freeswitch 1.6.2 & 1.4.23 Fixed Versions: 1.6.2 , 1.4.23 Link to source code diff:...

CVSS 7.5 | AI score 7 | EPSS 0.04668
Exploits 2

securityvulns | added 2015/10/12 12:0 a.m. | 48 views

[USN-2747-1] NVIDIA graphics drivers vulnerability

Ubuntu Security Notice USN-2747-1 September 28, 2015 nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-346,...

CVSS 6.9 | AI score 1.5 | EPSS 0.00364
Exploits 0

securityvulns | added 2015/10/12 12:0 a.m. | 82 views

[SECURITY] [DSA 3367-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Debian Security Advisory DSA-3367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2015 https://www.debian.org/security/faq -...

CVSS 4.3 | AI score 1.3 | EPSS 0.03241
Exploits 0

securityvulns | added 2015/10/12 12:0 a.m. | 46 views

wireshark multiple security vulnerabilities

Multiple vulnerabilities in different protocol dissectors...

CVSS 4.3 | AI score 3 | EPSS 0.03241
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/11 12:0 a.m. | 31 views

ZTE GPON security vulnerabilities

Authentication bypass, information leakage...

AI score 2.4
Exploits 0 | References 1

securityvulns | added 2015/10/11 12:0 a.m. | 27 views

OpenSMTPD multiple security vulnerabilities

DoS conditions, information disclosure, multiple memory corruptions...

AI score 1.1
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/11 12:0 a.m. | 37 views

Veeam Backup & Replication information disclosure

Password disclosure in the logfiles...

CVSS 2.1 | AI score 0.9 | EPSS 0.00498
Exploits 2 | References 1

securityvulns | added 2015/10/11 12:0 a.m. | 56 views

Qualys Security Advisory - OpenSMTPD Audit Report

Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs. Qualys Security Advisory OpenSMTPD Audit Report Contents...

AI score 1
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 51 views

FreeType DoS

Crash on font parsing...

CVSS 7.5 | AI score 2.9 | EPSS 0.03734
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/11 12:0 a.m. | 43 views

Oxide security vulnerabilities

Restrictions bypass...

CVSS 7.5 | AI score 2.1 | EPSS 0.01757
Exploits 2 | References 1 | Affected Software 1

securityvulns | added 2015/10/11 12:0 a.m. | 38 views

Tenda routers cross-site scripting

Cross-site scripting in web interface...

AI score 2.3
Exploits 0 | References 1

securityvulns | added 2015/10/11 12:0 a.m. | 34 views

Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Vendor: NETGEAR CVE ID: requested Subject: Authentication Bypass Risk: High Effect: Remotely exploitable over LAN/WLAN Author: Daniel Haake...

AI score 7.4
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 23 views

Huawei routers multiple security vulnerabilities

XSS, CSRF, DoS, unsafe data transfer, RCE...

AI score 2.7
Exploits 0 | References 1

securityvulns | added 2015/10/11 12:0 a.m. | 27 views

Netgear routers multiple security vulnerabilities

Administration interface is accessible without password validation, CSRF...

AI score 4.5
Exploits 0 | References 1

securityvulns | added 2015/10/11 12:0 a.m. | 143 views

[USN-2757-1] Oxide vulnerabilities

Ubuntu Security Notice USN-2757-1 October 05, 2015 oxide-qt vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS 7.5 | AI score 0.2 | EPSS 0.01757
Exploits 2

securityvulns | added 2015/10/11 12:0 a.m. | 120 views

A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE

Hello, Please find a text-only version below sent to security mailing-lists. The html version on analysing the vulnerabilities in Huawei 3G routers is posted here: https://pierrekim.github.io/blog/2015-10-07-Huawei-routers-vulnerable-to-multiple-threats.html === text-version of the advisory ===...

AI score 0.7
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 106 views

Buffalo LinkStation authentication bypass

Session validity is not checked on request...

AI score 3.2
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/11 12:0 a.m. | 79 views

[SECURITY] [DSA 3370-1] freetype security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Debian Security Advisory DSA-3370-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 06, 2015 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 2 | EPSS 0.03734
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 49 views

Veeam Backup & Replication Local Privilege Escalation Vulnerability

Veeam Backup & Replication Local Privilege Escalation Vulnerability Name Sensitive Data Exposure in Veeam Backup Systems Affected Veeam Backup & Replication B&R v6, v6.5, v7, v8 Severity High 7.9/10 Impact CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L Vendor http://www.veeam.com/ Advisory...

CVSS 2.1 | AI score 6.3 | EPSS 0.00498
Exploits 2

securityvulns | added 2015/10/11 12:0 a.m. | 37 views

W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability

Document Title: W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1612 Release Date: 2015-10-06 Vulnerability Laboratory ID VL-ID:...

Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 879 views

ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage Author: Jerzy Patraszewski Date: 10 July 2015 Affected software: ZTE GPON: F427 Version: V3.0 Firmware Image:...

AI score 7.4
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 59 views

[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass

Advisory: Buffalo LinkStation Authentication Bypass An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage NAS device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the...

AI score 7.9
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 60 views

[SECURITY] [DSA 3371-1] spice security update

Debian Security Advisory DSA-3371-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 09, 2015 https://www.debian.org/security/faq...

CVSS 7.2 | AI score 2.1 | EPSS 0.00575
Exploits 0

securityvulns | added 2015/10/11 12:0 a.m. | 44 views

spice memory corruption

A few different vulnerabilities...

CVSS 7.2 | AI score 2.7 | EPSS 0.00575
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2015/10/05 12:0 a.m. | 40 views

FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind

FreeBSD-SA-15:24.rpcbind Security Advisory The FreeBSD Project Topic: rpcbind(8) remote denial of service Category: core Module: rpcbind Announced: 2015-09-29 Affects: All supported versions of FreeBSD. Corrected:...

CVSS 5 | AI score 7.9 | EPSS 0.06408
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 41 views

[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-003 Product: Kaspersky Small Office Security KSOS Vendor: Kaspersky Lab ZAO Affected Versions: 13.0.4.233 Tested Versions: 13.0.4.233 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk...

AI score 7
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 28 views

[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-009 Product: Kaspersky Anti-Virus KAV Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

AI score 7
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 71 views

[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash without a Salt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-002 Product: Kaspersky Endpoint Security for Windows KES Vendor: Kaspersky Lab ZAO Affected Versions: 8.1.0.1042, 10.2.1.23 Tested Versions: 8.1.0.1042, 10.2.1.23 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-75...

AI score 6.6
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 37 views

[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash without a Salt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-010 Product: Kaspersky Anti-Virus Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-759 Risk Level: Low Solution Status: Fixed Vend...

AI score 6.6
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 76 views

APPLE-SA-2015-09-30-01 iOS 9.0.2

APPLE-SA-2015-09-30-01 iOS 9.0.2 iOS 9.0.2 is now available and addresses the following: Lock Screen Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to access photos and contacts from the...

CVSS 2.1 | AI score 0.5 | EPSS 0.00323
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 30 views

[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-007 Product: Kaspersky Internet Security KIS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.2.361 Tested Versions: 15.0.2.361 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...

AI score 7
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 104 views

APPLE-SA-2015-09-30-2 Safari 9

APPLE-SA-2015-09-30-2 Safari 9 Safari 9 is now available and addresses the following: Safari Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11 Impact: Visiting a malicious website may lead to user interface spoofing Description: Multiple user interface...

CVSS 10 | AI score 7.6 | EPSS 0.02795
Exploits 0

securityvulns | added 2015/10/05 12:0 a.m. | 503 views

APPLE-SA-2015-09-16-2 Xcode 7.0

APPLE-SA-2015-09-16-2 Xcode 7.0 Xcode 7.0 is now available and addresses the following: DevTools Available for: OS X Yosemite v10.10.4 or later Impact: An attacker may be able to bypass access restrictions Description: An API issue existed in the apache configuration. This issue was addressed by...

CVSS 7.5 | AI score 0.7 | EPSS 0.99999
Exploits 7

securityvulns | added 2015/10/05 12:0 a.m. | 71 views

[SECURITY] [DSA 3360-1] icu security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Debian Security Advisory DSA-3360-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS September 15, 2015 https://www.debian.org/security/faq -...

CVSS 6.8 | AI score 2.2 | EPSS 0.02732
Exploits 0

Total number of security vulnerabilities: 47153