47153 matches found
Microsoft Exchange information disclosure
Information disclosure and spoofing, cross-site scripting...
EMC RSA Archer GRC multiple security vulnerabilities
Restrictions bypass, cross-site scripting, information disclosure...
[SECURITY] [DSA 3367-1] wireshark security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2015 https://www.debian.org/security/faq -...
Cisco AnyConnect elevation of privileges via DMG install script
------------------------------------------------------------------------ Cisco AnyConnect elevation of privileges via DMG install script ------------------------------------------------------------------------ Yorick Koster, July 2015...
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04822249 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04822249 Version: 1 HPSBST03502 rev.1 - HP 3PAR Service Processor SP SPOCC, Remot...
Cisco Prime multiple security vulnerabilities
Restrictions bypass, privilege escalation, information disclosure...
Tripwire IP360 authentication bypass
Authentication bypass, privilege escalation...
EMC RSA OneStep directory traversal
Arbitrary files access...
HP 3PAR Service Processor SPOCC information disclosure
No description provided...
[USN-2745-1] QEMU vulnerabilities
========================================================================== Ubuntu Security Notice USN-2745-1 September 24, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...
CVE-2015-7392 Heap overflow in Freeswitch json parser < 1.6.2 & < 1.4.23
Advisory Information Title: Heap overflow in freeswitch json parser < 1.6.2 & < 1.4.23 Submitter: Marcello Duarte [email protected] Product: freeswitch Product URL: http://freeswitch.org Affected Versions: freeswitch < 1.6.2 & < 1.4.23 Fixed Versions: 1.6.2 , 1.4.23 Link to source code diff:...
ESA-2015-151: RSA® OneStep Path Traversal Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-151: RSA® OneStep Path Traversal Vulnerability EMC Identifier: ESA-2015-151 CVE Identifier: CVE-2015-4546 Severity Rating: CVSS v2 Base Score: 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N Affected Products: RSA OneStep 6.9 prior to Build 559 RSA OneStep...
Cisco AnyConnect elevation of privileges via DLL side loading
------------------------------------------------------------------------ Cisco AnyConnect elevation of privileges via DLL side loading ------------------------------------------------------------------------ Yorick Koster, June 2015...
Cisco IOS / Cisco IOS XE multiple security vulnerabilities
Authentication bypass, DoS...
wireshark multiple security vulnerabilities
Multiple vulnerabilities in different protocols dissectors...
Cisco TelePresence Server DoS
Conference Control Protocol API buffer overflow...
CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability
Document Title ================ Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Affected Products =================== Vendor: Tripwire Software/Appliance: IP360 VnE Vulnerability Manager Affected verified versions: v7.2.2 - v7.2.5 CVE =====...
EMC RSA Web Threat Detection security vulnerabilities
Information disclosure, privilege escalation...
FreeSWITCH buffer overflow
Buffer overflow on JSON parsing...
[USN-2741-1] Unity Settings Daemon vulnerability
========================================================================== Ubuntu Security Notice USN-2741-1 September 16, 2015 unity-settings-daemon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[SECURITY] [DSA 3371-1] spice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3371-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 09, 2015 https://www.debian.org/security/faq...
Huawei routers multiple security vulnerabilities
XSS, CSRF, DoS, unsafe data transfer, RCE...
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img Vendor: NETGEAR CVE ID: requested Subject: Authentication Bypass Risk: High Effect: Remotely exploitable over LAN/WLAN Author: Daniel Haake...
FreeType DoS
Crash on fonts parsing...
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass
Advisory: Buffalo LinkStation Authentication Bypass An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage NAS device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the...
OpenSMTPD multiple security vulnerabilities
DoS conditions, information disclosure, multiple memory corruptions...
ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage Author: Jerzy Patraszewski Date: 10 July 2015 Affected software : =================== ZTE GPON: F427 Version: V3.0 Firmware Image:...
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability
Document Title: =============== W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1612 Release Date: ============= 2015-10-06 Vulnerability Laboratory ID VL-ID:...
Oxide security vulnerabilities
Restrictions bypass...
Buffalo LinkStation authentication bypass
Session validity is not checked on request...
[SECURITY] [DSA 3370-1] freetype security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3370-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 06, 2015 https://www.debian.org/security/faq -...
Netgear routers multiple security vulnerabilities
Administration interface is accessible without password validation, CSRF...
Veeam Backup & Replication information disclosure
Password disclosure in the logfiles...
ZTE GPON security vulnerabilities
Authentication bypass, information leakage...
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE
Hello, Please find a text-only version below sent to security mailing-lists. The html version on analysing the vulnerabilities in Huawei 3G routers is posted here: https://pierrekim.github.io/blog/2015-10-07-Huawei-routers-vulnerable-to-multiple-threats.html === text-version of the advisory ===...
Qualys Security Advisory - OpenSMTPD Audit Report
Sorry for the "CVE-2015-ABCD" place-holders in the report, but OpenSMTPD's developers were ready with the patches before MITRE was ready with the CVE-IDs. Qualys Security Advisory OpenSMTPD Audit Report ======================================================================== Contents...
Veeam Backup & Replication Local Privilege Escalation Vulnerability
Veeam Backup & Replication Local Privilege Escalation Vulnerability Name Sensitive Data Exposure in Veeam Backup Systems Affected Veeam Backup & Replication B&R v6, v6.5, v7, v8 Severity High 7.9/10 Impact CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L Vendor http://www.veeam.com/ Advisory...
[USN-2757-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2757-1 October 05, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...
Tenda routers cross-site scripting
Cross-site scripting in web interface...
spice memory corruption
Few different vulnerabilities...
APPLE-SA-2015-09-30-2 Safari 9
APPLE-SA-2015-09-30-2 Safari 9 Safari 9 is now available and addresses the following: Safari Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.11 Impact: Visiting a malicious website may lead to user interface spoofing Description: Multiple user interface...
APPLE-SA-2015-09-21-1 watchOS 2
APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: Th...
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash without a Salt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-006 Product: Kaspersky Total Security KTS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-759 Risk Level: Low Solution Status:...
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912)
Full details: http://www.securitygalore.com/site3/safari-pasv Thanks, -Amit Klein http://www.securitygalore.com/...
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 OS X El Capitan 10.11 is now available and addresses the following: Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issu...
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash without a Salt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-002 Product: Kaspersky Endpoint Security for Windows KES Vendor: Kaspersky Lab ZAO Affected Versions: 8.1.0.1042, 10.2.1.23 Tested Versions: 8.1.0.1042, 10.2.1.23 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-75...
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-009 Product: Kaspersky Anti-Virus KAV Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-007 Product: Kaspersky Internet Security KIS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.2.361 Tested Versions: 15.0.2.361 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-005 Product: Kaspersky Total Security KTS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...
Kaspersky applications security vulnerabilities
Weak authentication, weak hashing...