
47153 matches found

securityvulns | added 2014/10/14 12:0 a.m. | 88 views

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-033: SAP Business Warehouse Missing Authorization Check 1. Impact on Business ===================== By exploiting this vulnerability an authenticated attacker will be able to abuse functionality that should be...

AI score: 6.6 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 75 views

[ MDVSA-2014:164 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:164 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : September 2, 2014 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerabilities: In...

CVSS: 3.5 | AI score: 6.5 | EPSS: 0.01706 | Exploits: 2

securityvulns | added 2014/10/14 12:0 a.m. | 69 views

Reflected Cross-Site Scripting (XSS) in Textpattern

Advisory ID: HTB23223 Product: Textpattern Vendor: http://textpattern.com/ Vulnerable Versions: 4.5.5 and probably prior Tested Version: 4.5.5 Advisory Publication: July 9, 2014 without technical details Vendor Notification: July 9, 2014 Vendor Patch: September 20, 2014 Public Disclosure: October...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.01925 | Exploits: 3

securityvulns | added 2014/10/14 12:0 a.m. | 90 views

SAP Security Note 1908531 - XXE in BusinessObjects Explorer

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: BusinessObjects Explorer Vendor: SAP AG Subject: Untrusted XML input parsing possible in SBOP Explorer Risk: High Effect: Remotely exploitable Author: Stefan Horlacher Date: 2014-10-10 SAP Security Note: 1908531 0...

AI score: 0.4 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 44 views

Android NFC Service Denial of Service

Android NFC Service Denial of Service ------------------------------------------------------------------ I. Summary NFC Service is a process of Android OS for providing access to NFC functionality, allowing applications to read NDEF message in NFC tags. A flaw has been found in NFC Service...

AI score: 1.2 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 88 views

Reflected Cross-Site Scripting (XSS) in BlackCat CMS

Advisory ID: HTB23228 Product: BlackCat CMS Vendor: Black Cat Development Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: August 13, 2014 without technical details Vendor Notification: August 13, 2014 Vendor Patch: August 13, 2014 Public Disclosure:...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.02041 | Exploits: 3

securityvulns | added 2014/10/14 12:0 a.m. | 71 views

Moab Authentication Bypass [CVE-2014-5300]

Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computing Vendor Response: Resolved in Moa...

CVSS: 5 | AI score: 0.3 | EPSS: 0.0736 | Exploits: 6

securityvulns | added 2014/10/14 12:0 a.m. | 81 views

[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability

-------------------------------------------------------------------------------- X2Engine <= 4.1.7 FileUploadsFilter.php Unrestricted File Upload Vulnerability -------------------------------------------------------------------------------- - Software Link: http://www.x2engine.com/ - Affected...

CVSS: 5 | AI score: 0.4 | EPSS: 0.03002 | Exploits: 2

securityvulns | added 2014/10/14 12:0 a.m. | 49 views

perl-Email-Address DoS

resources exhaustion on address parsing...

CVSS: 5 | AI score: 3.3 | EPSS: 0.03584 | Exploits: 2 | References: 1

securityvulns | added 2014/10/14 12:0 a.m. | 113 views

HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability

Document Title: =============== HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1329 Release Date: ============= 2014-10-02 Vulnerability Laboratory ID VL-ID:...

AI score: 0.2 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 59 views

[SECURITY] [DSA 3041-1] xen security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3041-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 01, 2014 http://www.debian.org/security/faq -...

CVSS: 8.3 | AI score: 1.6 | EPSS: 0.01058 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 40 views

Xen multiple security vulnerabilities

DoS, information leakage, privilege escalation...

CVSS: 8.3 | AI score: 2.8 | EPSS: 0.01058 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/14 12:0 a.m. | 72 views

[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-020: SAP Business Objects Information Disclosure 1. Impact on Business ===================== A malicious user can discover information relating to valid users using a vulnerable Business Objects Enterprise instance. This...

AI score: 7.1 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 57 views

[ MDVSA-2014:126 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:126 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : July 8, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in...

CVSS: 3.5 | AI score: 6.1 | EPSS: 0.0213 | Exploits: 2

securityvulns | added 2014/10/14 12:0 a.m. | 58 views

Multiple vulnerabilities in Refraction theme for WordPress

Hello 3APA3A! In 2012 I've disclosed vulnerabilities in JW Player and in RokBox. Which were fixed by the developers - JW Player developers fixed one hole and promised to fix others later and RokBox developers fixed all holes but it was questionable how they fixed holes related to JW Player. In...

AI score: 6.1 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 60 views

SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: BusinessObjects Explorer Vendor: SAP AG Subject: Potential information disclosure relating to SBOP Explorer Risk: Medium Effect: Remotely exploitable Author: Stefan Horlacher Date: 2014-10-10 SAP Security Note:...

AI score: 0.1 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 128 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.79476 | Exploits: 86 | References: 35 | Affected Software: 24

securityvulns | added 2014/10/14 12:0 a.m. | 79 views

Multiple vulnerabilities in DrayTek VigorACS SI

DrayTek VigorACS SI = 1.3.0 Vigor ACS-SI Edition is a Central Management System for DrayTek routers and firewalls, providing System Integrators or system administration personnel a real-time integrated monitoring, configuration and management platform...

AI score: 0.6 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 64 views

[ MDVSA-2014:183 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:183 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : September 24, 2014 Affected: Business Server 1.0 Problem Description: Updated phpmyadmin package fixes security vulnerability: In...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.01862 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 183 views

SAP Security Note 1908647 - Cross Site Flashing in BusinessObjects Explorer

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: BusinessObjects Explorer Vendor: SAP AG Subject: Cross Site Flashing Risk: High Effect: Remotely exploitable Author: Stefan Horlacher Date: 2014-10-10 SAP Security Note: 1908647 0 Abstract: -------------...

AI score: 0.2 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 168 views

Multiple Vulnerabilities in Draytek Vigor 2130

VIGOR 2130 firmware 1.5.4.9 1.1. Command injection in traceroute functionality A user can execute arbitrary commands RCE on the router by abusing the traceroute functionality. The interface expects an IP address as input, but does not validate the input. Just provide the input: ; id The above...

AI score: 3.1 | Exploits: 0

securityvulns | added 2014/10/14 12:0 a.m. | 93 views

Path Traversal in webEdition

Advisory ID: HTB23227 Product: webEdition Vendor: webEdition e.V. Vulnerable Versions: 6.3.8.0 SVN-Revision: 6985 and probably prior Tested Version: 6.3.8.0 SVN-Revision: 6985 Advisory Publication: August 6, 2014 without technical details Vendor Notification: August 6, 2014 Vendor Patch: Septembe...

CVSS: 4 | AI score: 6.2 | EPSS: 0.19764 | Exploits: 6

securityvulns | added 2014/10/14 12:0 a.m. | 85 views

[ MDVSA-2014:182 ] zarafa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:182 http://www.mandriva.com/en/support/security/ Package : zarafa Date : September 24, 2014 Affected: Business Server 1.0 Problem Description: Updated zarafa packages fix security vulnerabilities: Robert...

CVSS: 2.1 | AI score: 5.4 | EPSS: 0.00424 | Exploits: 0

securityvulns | added 2014/10/13 12:0 a.m. | 45 views

[SECURITY] [DSA 3048-1] apt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3048-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2014 http://www.debian.org/security/faq -...

CVSS: 3.6 | AI score: 1.5 | EPSS: 0.00386 | Exploits: 0

securityvulns | added 2014/10/13 12:0 a.m. | 31 views

Exuberant Ctags DoS

Infinite loop leads to resources exhaustion...

CVSS: 5 | AI score: 1.7 | EPSS: 0.04276 | Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/13 12:0 a.m. | 63 views

[USN-2371-1] Exuberant Ctags vulnerability

========================================================================== Ubuntu Security Notice USN-2371-1 October 08, 2014 exuberant-ctags vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS: 5 | AI score: 0.4 | EPSS: 0.04276 | Exploits: 1

securityvulns | added 2014/10/13 12:0 a.m. | 42 views

apt symbolic links vulnerability

Symbolic links vulnerability on temporary file creation...

CVSS: 3.6 | AI score: 1.5 | EPSS: 0.00386 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/13 12:0 a.m. | 71 views

[SECURITY] [DSA 3045-1] qemu security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3045-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 1.7 | EPSS: 0.02116 | Exploits: 4

securityvulns | added 2014/10/13 12:0 a.m. | 40 views

Cisco ASA multiple DoS vulnerabilities

DoS on multiple protocols parsing, code executions, information leaks, insufficient certificate validation...

CVSS: 9 | AI score: 4.1 | EPSS: 0.02797 | Exploits: 0 | Affected Software: 1

securityvulns | added 2014/10/13 12:0 a.m. | 113 views

bash code execution

It's possible to place a function into content of any environment variable...

CVSS: 10 | AI score: 4.1 | EPSS: 0.99999 | Exploits: 157 | References: 13 | Affected Software: 1

securityvulns | added 2014/10/13 12:0 a.m. | 737 views

CA20141001-01: Security Notice for Bash Shellshock Vulnerability

CA20141001-01: Security Notice for Bash Shellshock Vulnerability Issued: October 01, 2014 Updated: October 03, 2014 CA Technologies is investigating multiple GNU Bash vulnerabilities, referred to as the "Shellshock" vulnerabilities, which were publicly disclosed on September 24-27, 2014. CVE...

CVSS: 10 | AI score: 9.2 | EPSS: 0.99999 | Exploits: 157

securityvulns | added 2014/10/13 12:0 a.m. | 273 views

[security bulletin] HPSBST03122 rev.1 - HP StoreAll Operating System Software running Bash Shell, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04471532 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04471532 Version: 1 HPSBST03122 rev....

CVSS: 10 | AI score: 0.7 | EPSS: 0.99999 | Exploits: 139

securityvulns | added 2014/10/11 12:0 a.m. | 60 views

[security bulletin] HPSBGN03108 rev.1 - HP Records Manager, Remote Cross-Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04441391 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04441391 Version: 1 SUPPORT...

CVSS: 4.3 | AI score: 0.3 | EPSS: 0.02187 | Exploits: 0

securityvulns | added 2014/10/11 12:0 a.m. | 36 views

HP Sprinter multiple security vulnerabilities

Multiple shell execution vulnerabilities...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.06936 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/11 12:0 a.m. | 27 views

HP Records Manager cross-site scripting

No description provided...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.02187 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/11 12:0 a.m. | 90 views

[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04472866 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04472866 Version: 1 HPSBMU03127 rev....

CVSS: 10 | AI score: 0.8 | EPSS: 0.08859 | Exploits: 0

securityvulns | added 2014/10/11 12:0 a.m. | 107 views

[USN-2379-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2379-1 October 09, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 7.8 | AI score: 1.4 | EPSS: 0.06167 | Exploits: 8

securityvulns | added 2014/10/11 12:0 a.m. | 48 views

HP Operations Manager for UNIX security vulnerabilities

Few code execution vulnerabilities...

CVSS: 10 | AI score: 1.8 | EPSS: 0.08859 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/11 12:0 a.m. | 121 views

[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04454636 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04454636 Version: 1 HPSBMU03110 rev....

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.06936 | Exploits: 0

securityvulns | added 2014/10/05 12:0 a.m. | 287 views

NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VMware Security Advisory Advisory ID: VMSA-2014-0010 Synopsis: VMware product updates address critical Bash security vulnerabilities Issue date: 2014-09-30 Updated on: 2014-09-30 Initial Advisory CVE numbers: CVE-2014-6271, CVE-2014-7169, CVE-2014-718...

CVSS: 10 | AI score: 7.9 | EPSS: 0.99999 | Exploits: 141

securityvulns | added 2014/10/05 12:0 a.m. | 72 views

[SECURITY] [DSA 3039-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3039-1 [email protected] http://www.debian.org/security/ Michael Gilbert September 28, 2014 http://www.debian.org/security/faq -...

CVSS: 10 | AI score: 0.4 | EPSS: 0.09758 | Exploits: 0

securityvulns | added 2014/10/05 12:0 a.m. | 77 views

[USN-2366-1] libvirt vulnerabilities

========================================================================== Ubuntu Security Notice USN-2366-1 September 30, 2014 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

CVSS: 5.8 | AI score: 0.2 | EPSS: 0.02751 | Exploits: 0

securityvulns | added 2014/10/05 12:0 a.m. | 24 views

HP MPIO privilege escalation

No description provided...

CVSS: 4.6 | AI score: 1.5 | EPSS: 0.00609 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/05 12:0 a.m. | 93 views

Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities

Ultra Electronics / AEP Networks - SSL VPN Netilla / Series A / Ultra Protect Vulnerabilities http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabilities Release Date: 02-Oct-2014 Software: Ultra Electronics - Series A...

Exploits: 0

securityvulns | added 2014/10/05 12:0 a.m. | 47 views

ZyXEL SBG-3300 security vulnerabilities

DoS, cross-site scripting...

CVSS: 5 | AI score: 1.7 | EPSS: 0.02476 | Exploits: 6 | References: 2

securityvulns | added 2014/10/05 12:0 a.m. | 63 views

CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway

Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7277 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.01201 | Exploits: 3

securityvulns | added 2014/10/05 12:0 a.m. | 47 views

Google Chrome / Chromium multiple security vulnerabilities

Restrictions bypass, memory corruptions, information leakage, URL spoofing...

CVSS: 10 | AI score: 1.8 | EPSS: 0.09758 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/05 12:0 a.m. | 37 views

rsyslog DoS

DoS on request parsing...

CVSS: 7.5 | AI score: 2.4 | EPSS: 0.07546 | Exploits: 2 | References: 1 | Affected Software: 1

securityvulns | added 2014/10/05 12:0 a.m. | 63 views

Elasticsearch vulnerability CVE-2014-6439

Summary: Elasticsearch versions 1.3.x and prior have a default configuration for CORS that allows an attacker to craft links that could cause a user’s browser to send requests to Elasticsearch instances on their local network. These requests could cause data loss or compromise. We have been...

CVSS: 4.3 | AI score: 1.3 | EPSS: 0.02023 | Exploits: 0

securityvulns | added 2014/10/05 12:0 a.m. | 41 views

[ MDVSA-2014:191 ] perl-XML-DT

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:191 http://www.mandriva.com/en/support/security/ Package : perl-XML-DT Date : September 29, 2014 Affected: Business Server 1.0 Problem Description: Updated perl-XML-DT package fixes security vulnerability: T...

CVSS: 6.3 | AI score: 6.1 | EPSS: 0.00349 | Exploits: 0

Total number of security vulnerabilities: 47153