47153 matches found

securityvulns
•added 2014/06/13 12:0 a.m.•33 views

Yealink VoIP phones security vulnerabilities

Cross-site scripting, CRLF injection...

CVSS 5, AI score 2.1, EPSS 0.03499
Exploits 3, References 1
securityvulns
•added 2014/06/13 12:0 a.m.•31 views

dpkg directory traversal

No description provided...

CVSS 7.1, AI score 2.5, EPSS 0.0529
Exploits 1, References 1, Affected Software 1
securityvulns
•added 2014/06/13 12:0 a.m.•71 views

CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones

I. ADVISORY CVE-2014-3427 CRLF Injection in Yealink VoIP Phones CVE-2014-3428 XSS vulnerabilities in Yealink VoIP Phones Date published: 06/12/2014 Vendor Contacted: 05/08/2014 II. BACKGROUND Yealink is a manufacturer of VoIP and Video products. To minimize noise read more at:...

CVSS 5, AI score 6.1, EPSS 0.03499
Exploits 3
securityvulns
•added 2014/06/13 12:0 a.m.•48 views

[oss-security] Re: CVE request: possible miniupnpc buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It was pointed out in https://bugzilla.redhat.com/showbug.cgi?id=1085618 that miniupnpc version 1.9 fixes a possible buffer overflow: https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9 On a related note ... in version...

CVSS 5, AI score 0.7, EPSS 0.01931
Exploits 1
securityvulns
•added 2014/06/13 12:0 a.m.•71 views

AST-2014-006: Asterisk Manager User Unauthorized Shell Access

Asterisk Project Security Advisory - AST-2014-006 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On April 9, 2014 Reported By Corey Farrell...

CVSS 6.5, EPSS 0.01378
Exploits 0
securityvulns
•added 2014/06/13 12:0 a.m.•38 views

[oss-security] CVE request: Linux kernel DoS with syscall auditing

Issuing a system call with a random large number will OOPS, depending on configuration. A configuration that will enable this bug is: auditctl -a exit,always -S open No privilege whatsoever is required to trigger the OOPS. It's possible that this can be extended to more than just a DoS -- with so...

AI score 2.5
Exploits 0
securityvulns
•added 2014/06/13 12:0 a.m.•68 views

[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04333125 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04333125 Version: 1 HPSBMU03045 rev....

CVSS 10, AI score 0.5, EPSS 0.84144
Exploits 4
securityvulns
•added 2014/06/13 12:0 a.m.•53 views

AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections

Asterisk Project Security Advisory - AST-2014-007 Product Asterisk Summary Exhaustion of Allowed Concurrent HTTP Connections Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On May 25, 2014 Reported By Richard Mudgett...

CVSS 5, EPSS 0.03038
Exploits 0
securityvulns
•added 2014/06/13 12:0 a.m.•39 views

HP Service Virtualization code execution

Code execution via AutoPass License Server...

CVSS 10, AI score 3.3, EPSS 0.84144
Exploits 4, References 1, Affected Software 1
securityvulns
•added 2014/06/13 12:0 a.m.•130 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Buffer overflows, memory corruptions, clickjacking...

CVSS 10, AI score 3.3, EPSS 0.04721
Exploits 0, Affected Software 3
securityvulns
•added 2014/06/13 12:0 a.m.•51 views

AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework

Asterisk Project Security Advisory - AST-2014-005 Product Asterisk Summary Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On March 17, 2014 Reported...

CVSS 4.3, AI score 0.5, EPSS 0.01637
Exploits 0
securityvulns
•added 2014/06/13 12:0 a.m.•45 views

[oss-security] Re: CVE request: another path traversal in dpkg-source during unpack

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another path traversal was discovered The short answer is that bug 746498 is CVE-2014-3864, and bug 749183 is CVE-2014-3865. We can also, first, review the status of the CVEs related to our 1 May 2014 message. The proposed CVE mappings for all four of...

CVSS 7.1, AI score 6, EPSS 0.0529
Exploits 1
securityvulns
•added 2014/06/13 12:0 a.m.•50 views

[SECURITY] [DSA 2958-1] apt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2958-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 12, 2014 http://www.debian.org/security/faq -...

CVSS 4, AI score 1.7, EPSS 0.0023
Exploits 1
securityvulns
•added 2014/06/13 12:0 a.m.•33 views

apt insufficient certificate validation

Insufficient certificate validation during apt-get source...

CVSS 4, AI score 1.8, EPSS 0.0023
Exploits 1, References 1, Affected Software 1
securityvulns
•added 2014/06/13 12:0 a.m.•37 views

Asterisk multiple security vulnerabilities

DoS, restrictions bypass, code execution...

CVSS 6.5, AI score 2.7, EPSS 0.03038
Exploits 0, References 4, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•37 views

[SECURITY] [DSA 2951-1] mupdf security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2951-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 05, 2014 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 2.3, EPSS 0.34472
Exploits 1
securityvulns
•added 2014/06/09 12:0 a.m.•102 views

[oss-security] Linux kernel futex local privilege escalation (CVE-2014-3153)

Hi, This was handled via linux-distros, hence the mandatory oss-security posting. The issue was made public earlier today, and is included in this Debian advisory: https://lists.debian.org/debian-security-announce/2014/msg00130.html --- CVE-2014-3153 Pinkie Pie discovered an issue in the futex...

CVSS 7.2, AI score 1, EPSS 0.75331
Exploits 15
securityvulns
•added 2014/06/09 12:0 a.m.•65 views

VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own)

VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Adobe Acrobat and Reader are the global standards for electronic document sharing. They are used to creat...

CVSS 10, AI score 6, EPSS 0.02793
Exploits 1
securityvulns
•added 2014/06/09 12:0 a.m.•63 views

triple-fault when executing from a threaded process

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-14:06.exec Errata Notice The FreeBSD Project Topic: triple-fault when executing from a threaded process Category: core Module: kern Announced: 2014-06-03 Credit...

CVSS 4.9, AI score 6.2, EPSS 0.00048
Exploits 0
securityvulns
•added 2014/06/09 12:0 a.m.•70 views

Linux privilege escalation

ring 0 code execution via futex syscall...

CVSS 7.2, AI score 4.9, EPSS 0.75331
Exploits 15, References 1, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•50 views

Google Chrome / Chromium multiple security vulnerabilities

Protection bypass, use-after-free, memory corruptions, integer overflow...

CVSS 7.8, AI score 3.7, EPSS 0.03199
Exploits 0, References 3, Affected Software 2
securityvulns
•added 2014/06/09 12:0 a.m.•48 views

chkrootkit privilege escalation

It's possible to execute file from /tmp...

CVSS 3.7, AI score 3.3, EPSS 0.11441
Exploits 6, References 1, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•55 views

[oss-security] CVE-2014-0476 chkrootkit vulnerability

Hi, Thomas Stangner reported the following chkrootkit vulnerability. We assigned CVE-2014-0476 Cheers, Giuseppe -------- Original Message -------- Subject: Serious chkrootkit vulnerability Date: Sun, 25 May 2014 00:53:00 +0200 From: Thomas Stangner [email protected] Organization: Hetzner...

CVSS 3.7, AI score 0.5, EPSS 0.11441
Exploits 6
securityvulns
•added 2014/06/09 12:0 a.m.•25 views

libav multiple security vulnerabilities

No description provided...

CVSS 10, AI score 1.8, EPSS 0.09612
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•28 views

FreeBSD DoS

Race conditions on threads context switching...

CVSS 4.9, AI score 1.8, EPSS 0.00048
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•67 views

[SECURITY] [DSA 2939-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2939-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 31, 2014 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 0.8, EPSS 0.03199
Exploits 0
securityvulns
•added 2014/06/09 12:0 a.m.•33 views

mupdf buffer overflow

Buffer overflow on XPS parsing...

CVSS 7.5, AI score 5.1, EPSS 0.34472
Exploits 1, References 1, Affected Software 1
securityvulns
•added 2014/06/09 12:0 a.m.•24 views

[SECURITY] [DSA 2947-1] libav security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2947-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 04, 2014 http://www.debian.org/security/faq -...

AI score 1.2
Exploits 0
securityvulns
•added 2014/06/09 12:0 a.m.•42 views

Adobe Reader / Acrobat multiple security vulnerabilities

Buffer overflows, memory corruptions, information disclosures, use-after-free...

CVSS 10, AI score 2.7, EPSS 0.31313
Exploits 2, References 2, Affected Software 2
securityvulns
•added 2014/06/06 12:0 a.m.•68 views

OpenSSL multiple security vulnerabilities

Protection level downgrade attacks, multiple DTLS vulnerabilities, DoS...

CVSS 6.8, AI score 2.6, EPSS 0.92751
Exploits 13
securityvulns
•added 2014/06/04 12:0 a.m.•29 views

FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced: 2014-06-...

AI score 7.3
Exploits 0
securityvulns
•added 2014/06/04 12:0 a.m.•23 views

OpenPAM protection bypass

In some situations policy from valid location may not be loaded...

AI score 1.8, EPSS 0.01485
Exploits 0, References 1
securityvulns
•added 2014/06/04 12:0 a.m.•66 views

FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:12.ktrace Security Advisory The FreeBSD Project Topic: ktrace kernel memory disclosure Category: core Module: kern Announced: 2014-06-03 Credits: Jilles...

CVSS 2.1, AI score 6.3, EPSS 0.00061
Exploits 0
securityvulns
•added 2014/06/04 12:0 a.m.•31 views

FreeBSD ktrace information leakage

It's possible to obtain kernel memory content...

CVSS 2.1, AI score 2.2, EPSS 0.00061
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/04 12:0 a.m.•35 views

[oss-security] FreeBSD Security Advisory FreeBSD-SA-14:13.pam

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:13.pam Security Advisory The FreeBSD Project Topic: Incorrect error handling in PAM policy parser Category: contrib Module: pam Announced: 2014-06-03 Credits...

AI score 9.7, EPSS 0.01485
Exploits 0
securityvulns
•added 2014/06/04 12:0 a.m.•33 views

sendmail file descriptor leakage

File descriptors are not closed on external applications call...

CVSS 1.9, AI score 1.7, EPSS 0.0008
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/02 12:0 a.m.•95 views

[ MDVSA-2014:097 ] libvirt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:097 http://www.mandriva.com/en/support/security/ Package : libvirt Date : May 16, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in libvirt...

CVSS 5.8, AI score 8.2, EPSS 0.0024
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•51 views

NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2014-0005 Synopsis: VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation Issue date: 2014-05-29...

CVSS 5.8, AI score 6.5, EPSS 0.00193
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•34 views

Wing FTP Rush insufficient certificate validation

SSL certificate is not validated...

AI score 1.5
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/02 12:0 a.m.•19 views

JavaMail header injection

It's possible to inject header via setSubject...

AI score 2.3
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/02 12:0 a.m.•55 views

[oss-security] GnuTLS and libtasn1 security fixes

Hi! New GnuTLS and libtasn1 versions fix few issues you might be interested to look at: http://www.gnutls.org/security.htmlGNUTLS-SA-2014-3 https://bugzilla.redhat.com/showbug.cgi?id=CVE-2014-3465 https://bugzilla.redhat.com/showbug.cgi?id=CVE-2014-3466...

CVSS 6.8, AI score 0.4, EPSS 0.13715
Exploits 1
securityvulns
•added 2014/06/02 12:0 a.m.•41 views

CVE-2014-3450 - Privilege Escalation in Panda Security

Vulnerability title: Privilege Escalation in Panda Security CVE: CVE-2014-3450 Vendor: Panda Product: Security Affected version: See below Fixed version: See below Reported by: Kyriakos Economou Details: All users of the following and possibly earlier versions of Panda security products for Windo...

CVSS 7.2, AI score 1.6, EPSS 0.00043
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•29 views

VMWare privilege escalation

NULL pointer dereference in VMWare Tools for Windows...

CVSS 5.8, AI score 3.9, EPSS 0.00193
Exploits 0, References 1, Affected Software 4
securityvulns
•added 2014/06/02 12:0 a.m.•72 views

FTP Rush: missing X.509 validation (FTP with TLS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-002 Product: FTP Rush Vendor: Wing FTP Software Affected Versions: v2.1.8 Tested Versions: v2.1.8 Windows 7 32 bit and Windows 8.1 64 bit Vulnerability Type: X.509 validation Risk Level: Medium Solution Status: Vendor...

CVSS 5.8, AI score 0.2, EPSS 0.00229
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•48 views

libvirt XXE vulnerability

No description provided...

CVSS 5.8, AI score 2.2, EPSS 0.0024
Exploits 0, References 1, Affected Software 1
securityvulns
•added 2014/06/02 12:0 a.m.•44 views

GnuTLS and libtasn1 multiple security vulnerabilities

Buffer overflows, integer overflows, NULL pointer dereference...

CVSS 6.8, AI score 3.1, EPSS 0.13715
Exploits 1, References 1, Affected Software 2
securityvulns
•added 2014/06/02 12:0 a.m.•31 views

Panda products privilege escalation

No description provided...

CVSS 7.2, AI score 2.4, EPSS 0.00043
Exploits 0, References 1, Affected Software 3
securityvulns
•added 2014/06/02 12:0 a.m.•58 views

[security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04278900 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04278900 Version: 1 HPSBGN03007 rev....

CVSS 5, AI score 0.3, EPSS 0.01563
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•1563 views

JavaMail SMTP Header Injection via method setSubject [CSNC-2014-001]

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: JavaMail Vendor: Oracle CSNC ID: CSNC-2014-001 CVD ID: none Subject: SMTP Header Injection via method setSubject Risk: Medium Effect: Remotely exploitable Author: Alexandre Herzog [email protected] Date:...

AI score 7.2
Exploits 0
securityvulns
•added 2014/06/02 12:0 a.m.•26 views

HP IceWall DoS

No description provided...

CVSS 5, AI score 0.9, EPSS 0.01563
Exploits 0, References 1, Affected Software 2

Total number of security vulnerabilities: 47153