
47153 matches found

securityvulns
added 2014/11/24 12:0 a.m., 47 views

Apple Mac OS X multiple security vulnerabilities

Information leakage, memory corruption...

CVSS 6.8 | AI score 1.9 | EPSS 0.03816
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/24 12:0 a.m., 65 views

CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload

CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. 2. Summary...

CVSS 6.4 | AI score 0.2 | EPSS 0.03059
Exploits: 2
securityvulns
added 2014/11/24 12:0 a.m., 69 views

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attache...

CVSS 5 | AI score 0.2 | EPSS 0.06518
Exploits: 2
securityvulns
added 2014/11/24 12:0 a.m., 27 views

AST-2014-013: PJSIP ACLs are not loaded on startup

Asterisk Project Security Advisory - AST-2014-013 Product Asterisk Summary PJSIP ACLs are not loaded on startup Nature of Advisory Unauthorized Access Susceptibility Remote unauthenticated sessions Severity Moderate Exploits Known No Reported On 28 October, 2014 Reported By Jonathan Rose Posted O...

AI score 7.4
Exploits: 0
securityvulns
added 2014/11/24 12:0 a.m., 27 views

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver

Asterisk Project Security Advisory - AST-2014-015 Product Asterisk Summary Remote Crash Vulnerability in PJSIP channel driver Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On 30 October 2014 Reported By Yaron Nahum...

AI score 0.3
Exploits: 0
securityvulns
added 2014/11/24 12:0 a.m., 46 views

AppArmor restrictions bypass

Restrictions bypass in apparmor_parser...

CVSS 6.4 | AI score 2.2 | EPSS 0.0035
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/24 12:0 a.m., 53 views

[USN-2413-1] AppArmor vulnerability

========================================================================== Ubuntu Security Notice USN-2413-1 November 20, 2014 apparmor vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.4 | AI score 6.1 | EPSS 0.0035
Exploits: 0
securityvulns
added 2014/11/24 12:0 a.m., 48 views

libcurl information leakage

Memory content leakage via POST...

CVSS 4.3 | AI score 3 | EPSS 0.00226
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/18 12:0 a.m., 42 views

Microsoft SharePoint Server cross-site scripting

Stored XSS...

CVSS 4.3 | AI score 0.6 | EPSS 0.12319
Exploits: 0 | Affected Software: 1
securityvulns
added 2014/11/18 12:0 a.m., 38 views

Microsoft Active Directory Federation Services information leakage

It's possible to access closed session...

CVSS 5 | AI score 2.5 | EPSS 0.33598
Exploits: 0 | Affected Software: 1
securityvulns
added 2014/11/18 12:0 a.m., 47 views

Microsoft Office multiple security vulnerabilities

Several memory corruptions when parsing different documents...

CVSS 9.3 | AI score 3.4 | EPSS 0.45984
Exploits: 0 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 37 views

VMWare Workstation / Player DoS

Uninitialized pointer dereference on IOCTL processing...

CVSS 4.9 | AI score 3.4 | EPSS 0.00044
Exploits: 0 | References: 2 | Affected Software: 2
securityvulns
added 2014/11/10 12:0 a.m., 55 views

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection

SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact:...

CVSS 7.5 | AI score 0.6 | EPSS 0.64538
Exploits: 23
securityvulns
added 2014/11/10 12:0 a.m., 49 views

CA20141103-01: Security Notice for CA Cloud Service Management

-----BEGIN PGP SIGNED MESSAGE----- CA20141103-01: Security Notice for CA Cloud Service Management Issued: November 3, 2014 CA Technologies Support is alerting customers to four resolved vulnerabilities with CA Cloud Service Management. Four vulnerabilities existed that could potentially allow a...

CVSS 7.5 | AI score 1.3 | EPSS 0.00831
Exploits: 1
securityvulns
added 2014/11/10 12:0 a.m., 64 views

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read

Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...

Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 52 views

[SECURITY] [DSA 3066-1] qemu security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...

CVSS 7.2 | AI score 0.8 | EPSS 0.03847
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 42 views

Vulnerabilities in D-Link DAP-1360

Hello 3APA3A! There are Abuse of Functionality, Brute Force and Cross-Site Request Forgery vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This...

AI score 0.3
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 72 views

ZTE 831CII Multiple Vulnerabilities

Hardcoded default misconfiguration - The modem comes with admin:admin user credentials. Stored XSS - http://192.168.1.1/psilan.cgi?action=save&ethIpAddress=192.168.1.1&ethSubnetMask=255.255.255.0&hostname=ZXDSL83C1II&domainname=home27;alert28029;//&enblUpnp=1&enblLan2=0 Any user browsing to...

AI score 0.2
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 97 views

IL and CSRF vulnerabilities in D-Link DAP-1360

Hello 3APA3A! There are Information Leakage and Cross-Site Request Forgery vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This model with other...

AI score 0.8
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 97 views

CVE-2014-6616 Softing FG-100 Webui XSS

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Softing FG-100 PB Vendor: Softing AG www.softing.com CVD ID: CVE-2014-6616 Subject: XSS Risk: High Effect: Remotely exploitable Author: Johannes Klick Daniel Marzin Ingmar Rosenhagen Date: 05.11.2014 Introduction:...

CVSS 4.3 | AI score 6.4 | EPSS 0.00254
Exploits: 2
securityvulns
added 2014/11/10 12:0 a.m., 68 views

ZTE ZXDSL 831CII Direct Object Reference

The modem usually serves HTML files and protects them with HTTP Basic authentication. However, the CGI files do not get this protection, so simply requesting any CGI file without authentication would give a remote attacker full access to the modem, which can then easily be used to root the modem...

AI score 0.9
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 32 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers Advisory ID: cisco-sa-20141105-rv Revision 1.0 For Public Release 2014 November 5 16:00 UTC GMT...

AI score 0.8
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 24 views

ZTE modems multiple security vulnerabilities

Multiple vulnerabilities in Web interface...

AI score 2.1
Exploits: 0 | References: 3 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 36 views

RSA Web Threat Detection SQL injection

SQL injection by authenticated user...

CVSS 9 | AI score 3.6 | EPSS 0.01586
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 67 views

FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:25.setlogin Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in setlogin(2) / getlogin(2) Category: core Module: kernel Announced: 2014-11-04...

CVSS 2.1 | AI score 6.3 | EPSS 0.00068
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 107 views

ZTE ZXDSL 831 Multiple Cross Site Scripting

TR-069 Client page: Stored. executes when users go to http://192.168.1.1/tr69cfg.html...

AI score 1
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 81 views

Softing FG-100 security vulnerabilities

Backdoor accounts, cross-site scripting...

CVSS 10 | AI score 2.5 | EPSS 0.16321
Exploits: 4 | References: 2
securityvulns
added 2014/11/10 12:0 a.m., 29 views

CA Cloud Service Management multiple security vulnerabilities

Replay attacks, XSS, XXE, token validation vulnerability...

CVSS 7.5 | AI score 2.5 | EPSS 0.00831
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 43 views

Cisco RV Series multiple vulnerabilities

------------------------------------------------------------------------ Cisco RV Series multiple vulnerabilities ------------------------------------------------------------------------ Yorick Koster, June 2013 ------------------------------------------------------------------------ Abstract...

CVSS 9 | AI score 2.1 | EPSS 0.00529
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 44 views

ESA-2014-135: RSA® Web Threat Detection SQL Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-135: RSA® Web Threat Detection SQL Injection Vulnerability EMC Identifier: ESA-2014-135 CVE Identifier: CVE-2014-4627 Severity Rating: CVSS v2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C Affected Products: RSA Web Threat Detection 4.x versions...

CVSS 9 | AI score 0.2 | EPSS 0.01586
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 27 views

FreeBSD OpenSSH DoS

Race condition because of invalid thread-safe library linking...

CVSS 4.3 | AI score 1.8 | EPSS 0.0127
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 41 views

FreeBSD information leakage

Kernel information disclosure in setlogin/getlogin calls...

CVSS 2.1 | AI score 0.5 | EPSS 0.00068
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 92 views

CVE-2014-6617 Softing FG-100 Backdoor Account

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Softing FG-100 PB Vendor: Softing AG www.softing.com CVD ID: CVE-2014-6617 Subject: Backdoor Account Risk: High Effect: Remotely exploitable Author: Ingmar Rosenhagen Daniel Marzin Johannes Klick Date: 05.11.2014...

CVSS 10 | AI score 9.4 | EPSS 0.16321
Exploits: 2
securityvulns
added 2014/11/10 12:0 a.m., 61 views

FreeBSD Security Advisory FreeBSD-SA-14:26.ftp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:26.ftp Security Advisory The FreeBSD Project Topic: Remote command execution in ftp(1) Category: core Module: ftp Announced: 2014-11-04 Credits: Jared McNeill,...

CVSS 7.5 | AI score 4.5 | EPSS 0.84981
Exploits: 8
securityvulns
added 2014/11/10 12:0 a.m., 50 views

FreeBSD ftp code execution

Shell characters vulnerability on server response parsing...

CVSS 7.5 | AI score 3.2 | EPSS 0.84981
Exploits: 8 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 53 views

Open-Xchange Security Advisory 2014-11-07

Product: OX App Suite Vendor: Open-Xchange GmbH Internal reference: 34765 Bug ID Vulnerability type: SQL Injection CWE-89 Vulnerable version: 7.6.0 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Researcher credits: SoftScheck GmbH Fixed...

CVSS 6.5 | AI score 0.3 | EPSS 0.00308
Exploits: 3
securityvulns
added 2014/11/10 12:0 a.m., 35 views

Cisco RV multiple security vulnerabilities

File access, code execution, cross-site scripting...

CVSS 9 | AI score 2.5 | EPSS 0.00529
Exploits: 0 | References: 2
securityvulns
added 2014/11/10 12:0 a.m., 36 views

Symantec Endpoint Protection multiple security vulnerabilities

XSS, XXE, unauthorized file access...

CVSS 7.5 | AI score 2.8 | EPSS 0.17681
Exploits: 9 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/10 12:0 a.m., 41 views

FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:24.sshd Security Advisory The FreeBSD Project Topic: Denial of service attack against sshd(8) Category: contrib Module: openssh Announced: 2014-11-04 Credits:...

CVSS 4.3 | AI score 7 | EPSS 0.0127
Exploits: 0
securityvulns
added 2014/11/10 12:0 a.m., 35 views

Open-Xchange SQL injection

SQLi in jslob API...

CVSS 6.5 | AI score 2.1 | EPSS 0.00308
Exploits: 3 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/03 12:0 a.m., 69 views

[ MDVSA-2014:208 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:208 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : October 24, 2014 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerability: In...

CVSS 3.5 | AI score 6.5 | EPSS 0.00269
Exploits: 1
securityvulns
added 2014/11/03 12:0 a.m., 40 views

iFunBox Free v1.1 iOS - File Include Vulnerability

Document Title: =============== iFunBox Free v1.1 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1344 Release Date: ============= 2014-10-20 Vulnerability Laboratory ID VL-ID: ==================================== 1344...

AI score 7.5
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 43 views

Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability

Document Title: =============== Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1222 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 0.4
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 52 views

SEC Consult SA-20141029-0 :: Multiple critical vulnerabilities in Vizensoft Admin Panel

SEC Consult Vulnerability Lab Security Advisory 20141029-0 ======================================================================= title: Multiple critical vulnerabilities product: Vizensoft Admin Panel vulnerable version: 2014 fixed version: - impact: critical homepage: http://www.vizensoft.com...

AI score 0.3
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 42 views

Pidgin multiple security vulnerabilities

Insufficient certificate validation, emoticons parsing DoS, Groupwise messages DoS, information leakages via XMPP...

CVSS 6.4 | AI score 4 | EPSS 0.02136
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2014/11/03 12:0 a.m., 92 views

[USN-2394-1] Linux kernel (Trusty HWE) vulnerabilities

========================================================================== Ubuntu Security Notice USN-2394-1 October 30, 2014 linux-lts-trusty vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 7.8 | AI score 6.1 | EPSS 0.01205
Exploits: 1
securityvulns
added 2014/11/03 12:0 a.m., 84 views

[SECURITY] [DSA 3059-1] dokuwiki security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3059-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 29, 2014 http://www.debian.org/security/faq -...

CVSS 5 | AI score 1.9 | EPSS 0.01224
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 76 views

Elastix Multiple vulnerabilities (Remote Command Execution, XSS, CSRF)

Title: Elastix Multiple vulnerabilities Remote Command Execution, XSS, CSRF Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: September 1 2014 Published: October 17 2014 MorXploit Research http://www.MorXploit.com Software: Elastix Version: Elastix 2.4.0 Stable Vendor url:...

AI score 0.4
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 21 views

File Manager v4.2.10 iOS - Code Execution Vulnerability

Document Title: =============== File Manager v4.2.10 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1343 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID: ==================================== 13...

AI score 7.9
Exploits: 0
securityvulns
added 2014/11/03 12:0 a.m., 40 views

Vulnerabilities in WordPress Database Manager v2.7.1

Title: Vulnerabilities in WordPress Database Manager v2.7.1 Author: Larry W. Cashdollar, @larry0 Date: 10/13/2014 Download: https://wordpress.org/plugins/wp-dbmanager/ Downloads: 1,171,358 Vendor: Lester Chan, https://profiles.wordpress.org/gamerz/ Contacted: 10/13/2014, Vulnerabilities addressed...

AI score 8.4
Exploits: 0

Total number of security vulnerabilities: 47153