Lucene search

47153 matches found

securityvulns
added 2014/03/03 12:0 a.m., 76 views

[security bulletin] HPSBMU02966 rev.1 - HP Operations Orchestration, Unauthorized Access to Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04125866 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04125866 Version: 1 HPSBMU02966 rev....

CVSS 2.6, AI score 0.4, EPSS 0.06501
Exploits 2
securityvulns
added 2014/03/03 12:0 a.m., 121 views

[security bulletin] HPSBMU02964 rev.1 - HP Service Manager, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, Disclosure of Informa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04117626 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04117626 Version: 1 HPSBMU02964 rev....

CVSS 10, AI score 1, EPSS 0.85882
Exploits 11
securityvulns
added 2014/03/03 12:0 a.m., 100 views

HP Service Manager multiple security vulnerabilities

Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Remote Denial of Service DoS, Execution of Arbitrary Code, Unauthorized Access, Disclosure of Information and Authentication Issues...

CVSS 10, AI score 2.7, EPSS 0.85882
Exploits 11, References 1, Affected Software 1
securityvulns
added 2014/03/03 12:0 a.m., 58 views

Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1

Exploit Title: Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1 Google Dork: n/a Date: 18/02/2014 Exploit Author: Adriano Marcio Monteiro [email protected] Vendor Homepage: http://www.ibm.com/us/en/ Software Link:...

AI score 0.3
Exploits 0
securityvulns
added 2014/03/03 12:0 a.m., 49 views

[ MDVSA-2014:045 ] libtar

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:045 http://www.mandriva.com/en/support/security/ Package : libtar Date : February 20, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A directory traversal attack was reported...

CVSS 5.8, AI score 6.8, EPSS 0.03277
Exploits 0
securityvulns
added 2014/03/02 12:0 a.m., 46 views

Cisco Prime Infrastructure privilege escalation

Command execution on URL parsing...

CVSS 9, AI score 5.4, EPSS 0.02106
Exploits 1, Affected Software 1
securityvulns
added 2014/03/02 12:0 a.m., 43 views

Apache Subversion security vulnerabilities

mod_dontdothat protection bypass, DoS...

CVSS 4.3, AI score 3.7, EPSS 0.11052
Exploits 0, References 2, Affected Software 1
securityvulns
added 2014/03/02 12:0 a.m., 98 views

SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch

SEC Consult Vulnerability Lab Security Advisory 20140228-0 ======================================================================= title: Privilege escalation vulnerability product: MICROSENS Profi Line Modular Industrial Switch Web Manager MS652119PM vulnerable version: Firmware version 10.3.1...

AI score 0.6
Exploits 0
securityvulns
added 2014/03/02 12:0 a.m., 47 views

SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server

SEC Consult Vulnerability Lab Security Advisory 20140228-1 ======================================================================= title: Authentication bypass SSRF and local file disclosure product: Plex Media Server vulnerable version: =0.9.9.2.374-aa23a69 fixed version: =0.9.9.3 impact: Critic...

AI score 1.4
Exploits 0
securityvulns
added 2014/03/02 12:0 a.m., 133 views

[slackware-security] subversion (SSA:2014-058-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

CVSS 4.3, AI score 8.4, EPSS 0.11052
Exploits 0
securityvulns
added 2014/03/02 12:0 a.m., 35 views

Plex Media Server security vulnerabilities

Authentication bypass, information leakage...

AI score 3.2
Exploits 0, References 1, Affected Software 1
securityvulns
added 2014/03/02 12:0 a.m., 24 views

MICROSENS Profi Line Modular switches authentication bypass

Authentication results are not checked by server...

AI score 3.8
Exploits 0, References 1
securityvulns
added 2014/02/28 12:0 a.m., 75 views

APPLE-SA-2014-02-21-1 iOS 6.1.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS 5.8, AI score 0.2, EPSS 0.05715
Exploits 6
securityvulns
added 2014/02/28 12:0 a.m., 64 views

PostgreSQL multiple security vulnerabilities

DoS, privilege escalations, memory corruptions...

CVSS 6.5, AI score 2.6, EPSS 0.06666
Exploits 6, References 1, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 56 views

Apple QuickTime multiple security vulnerabilities

Buffer overflows, memory corruptions, integer overflows on different media formats parsing...

CVSS 9.3, AI score 5.4, EPSS 0.04107
Exploits 3, References 1, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 32 views

Barracuda Firewall multiple security vulnerabilities

Cross-site scripting, protection bypass...

AI score 2
Exploits 0, References 4, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 110 views

[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 6.0.33 to 6.0.37 Description: Previous fixes to path parameter handling 1 introduc...

CVSS 4.3, AI score 0.1, EPSS 0.09895
Exploits 1
securityvulns
added 2014/02/28 12:0 a.m., 108 views

[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4590 Information disclosure via XXE when running untrusted web applications Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.0-RC5 - - Apache Tomcat 7.0.0 to 7.0.47 - - Apache Tomcat...

CVSS 4.3, AI score 0.6, EPSS 0.09487
Exploits 1
securityvulns
added 2014/02/28 12:0 a.m., 171 views

[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4286 Incomplete fix for CVE-2005-2090 Information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 - - Apache Tomcat 7.0.0 to 7.0.42 - - Apache Tomcat 6.0.0 to 6.0.37...

CVSS 5.8, AI score 0.3, EPSS 0.29784
Exploits 4
securityvulns
added 2014/02/28 12:0 a.m., 67 views

Apple WebKit / Safari multiple security vulnerabilities

Multiple memory corruptions...

CVSS 6.8, AI score 1.9, EPSS 0.02181
Exploits 3, References 1, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 79 views

Apple Mac OS X multiple security vulnerabilities

Multiple vulnerabilities in Network and Graphics subsystems, SSL bypass, multiple libraries and applications vulnerabilities...

CVSS 10, AI score 1.9, EPSS 0.73327
Exploits 26, References 1, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 151 views

APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001 OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses the following: Apache Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain...

CVSS 10, AI score 0.5, EPSS 0.73327
Exploits 26
securityvulns
added 2014/02/28 12:0 a.m., 72 views

[USN-2121-1] GnuTLS vulnerability

========================================================================== Ubuntu Security Notice USN-2121-1 February 25, 2014 gnutls26 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.8, AI score 0.4, EPSS 0.03388
Exploits 1
securityvulns
added 2014/02/28 12:0 a.m., 117 views

[USN-2120-1] PostgreSQL vulnerabilities

========================================================================== Ubuntu Security Notice USN-2120-1 February 24, 2014 postgresql-8.4, postgresql-9.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubunt...

CVSS 6.5, AI score 0.9, EPSS 0.06666
Exploits 5
securityvulns
added 2014/02/28 12:0 a.m., 100 views

APPLE-SA-2014-02-21-3 Apple TV 6.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-3 Apple TV 6.0.2 Apple TV 6.0.2 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS 5.8, AI score 0.1, EPSS 0.05715
Exploits 6
securityvulns
added 2014/02/28 12:0 a.m., 52 views

Apple products SSL validation vulnerability

Certificate validity is not checked due to software error...

CVSS 5.8, AI score 2.4, EPSS 0.05715
Exploits 6, References 3, Affected Software 3
securityvulns
added 2014/02/28 12:0 a.m., 55 views

APPLE-SA-2014-02-21-2 iOS 7.0.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS 5.8, AI score 0.2, EPSS 0.05715
Exploits 6
securityvulns
added 2014/02/28 12:0 a.m., 48 views

Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities

Document Title: =============== Barracuda Networks Firewall Bug Bounty 32 - Filter Bypass & Persistent Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1069 Barracuda Networks Security ID BNSEC: BNSEC-2069 Release Date: =============...

AI score 7.6
Exploits 0
securityvulns
added 2014/02/28 12:0 a.m., 99 views

Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability

Document Title: =============== Barracuda Bug Bounty 36 Firewall - Client Side Exception Handling Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1102 Barracuda Networks Security ID BNSEC: BNSEC-2398...

AI score 0.1
Exploits 0
securityvulns
added 2014/02/28 12:0 a.m., 108 views

APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2 Safari 6.1.2 and Safari 7.0.2 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1 Impac...

CVSS 6.8, AI score 0.5, EPSS 0.02181
Exploits 3
securityvulns
added 2014/02/28 12:0 a.m., 79 views

Barracuda Networks Bug Bounty #35 - Persistent Web Vulnerability

Document Title: =============== Barracuda Networks Bug Bounty 35 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracuda Networks Security ID BNSEC: BNSEC-2361 Release Date: ============= 2014-02-21 Vulnerability...

AI score 7.8
Exploits 0
securityvulns
added 2014/02/28 12:0 a.m., 112 views

[SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4322 Incomplete fix for CVE-2012-3544 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.0-RC5 - - Apache Tomcat 7.0.0 to 7.0.47 - - Apache Tomcat 6.0.0 to 6.0.37...

CVSS 5, EPSS 0.11001
Exploits 2
securityvulns
added 2014/02/28 12:0 a.m., 46 views

GnuTLS certificates validation vulnerability

Invalid validation of version 1 certificates...

CVSS 5.8, AI score 3.6, EPSS 0.03388
Exploits 1, References 1, Affected Software 1
securityvulns
added 2014/02/28 12:0 a.m., 51 views

Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability

Document Title: =============== Barracuda Networks Bug Bounty 31 Firewall - Persistent Access Policy Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1070 Barracuda Networks Security ID BNSEC: BNSEC-2068 Release Date: ============= 2014-02-2...

AI score 0.2
Exploits 0
securityvulns
added 2014/02/28 12:0 a.m., 95 views

APPLE-SA-2014-02-25-3 QuickTime 7.7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-3 QuickTime 7.7.5 QuickTime 7.7.5 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Playing a maliciously crafted movie file may lead to an unexpected application...

CVSS 9.3, AI score 0.9, EPSS 0.04107
Exploits 3
securityvulns
added 2014/02/28 12:0 a.m., 63 views

[USN-2122-1] FreeRADIUS vulnerabilities

========================================================================== Ubuntu Security Notice USN-2122-1 February 26, 2014 freeradius vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS 7.5, AI score 0.2, EPSS 0.03912
Exploits 1
securityvulns
added 2014/02/28 12:0 a.m., 40 views

FreeRADIUS security vulnerabilities

rlm_unix protection bypass, rlm_pap memory corruption...

CVSS 7.5, AI score 2.6, EPSS 0.03912
Exploits 1, References 1, Affected Software 1
securityvulns
added 2014/02/18 12:0 a.m., 38 views

Cisco Linksys unauthorized access

TCP/8083 web administration is accessible without authentication in some cases...

AI score 3.4
Exploits 0, References 1
securityvulns
added 2014/02/18 12:0 a.m., 25 views

flite symbolic links vulnerability

Symlink vulnerability on temporary file creation...

CVSS 3.3, AI score 2.1, EPSS 0.00331
Exploits 1, References 1, Affected Software 1
securityvulns
added 2014/02/18 12:0 a.m., 42 views

[ MDVSA-2014:032 ] flite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:032 http://www.mandriva.com/en/support/security/ Package : flite Date : February 14, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in flit...

CVSS 3.3, AI score 6, EPSS 0.00331
Exploits 1
securityvulns
added 2014/02/18 12:0 a.m., 38 views

socat buffer overflow

Buffer overflow on command line arguments parsing...

CVSS 1.9, AI score 4.6, EPSS 0.00404
Exploits 1, References 1, Affected Software 1
securityvulns
added 2014/02/18 12:0 a.m., 97 views

[SECURITY] [DSA 2862-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2862-1 [email protected] http://www.debian.org/security/ Michael Gilbert February 16, 2014 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 1.2, EPSS 0.02032
Exploits 9
securityvulns
added 2014/02/18 12:0 a.m., 69 views

[ MDVSA-2014:033 ] socat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:033 http://www.mandriva.com/en/support/security/ Package : socat Date : February 14, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in socat:...

CVSS 1.9, AI score 4.2, EPSS 0.00404
Exploits 1
securityvulns
added 2014/02/18 12:0 a.m., 63 views

[ MDVSA-2014:035 ] libpng

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:035 http://www.mandriva.com/en/support/security/ Package : libpng Date : February 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated libpng and libpng12 packages fix...

CVSS 5, AI score 6.9, EPSS 0.04692
Exploits 1
securityvulns
added 2014/02/18 12:0 a.m., 39 views

libpng DoS

NULL pointer dereferences...

CVSS 5, AI score 2.5, EPSS 0.04692
Exploits 1, References 1
securityvulns
added 2014/02/18 12:0 a.m., 75 views

[ MDVSA-2014:038 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:038 http://www.mandriva.com/en/support/security/ Package : kernel Date : February 17, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been found and corrected in the Linu...

CVSS 6.9, AI score 7.5, EPSS 0.34649
Exploits 17
securityvulns
added 2014/02/18 12:0 a.m., 52 views

Chromium / Google Chrome multiple security vulnerabilities

Multiple memory corruptions, use-after-free and information leaks...

CVSS 7.5, AI score 1.8, EPSS 0.02032
Exploits 9, References 1, Affected Software 1
securityvulns
added 2014/02/18 12:0 a.m., 88 views

Full Disclosure - Linksys EA2700, EA3500, E4200 and EA4500 - Authentication Bypass to Administrative Console

Vulnerable products : Linksys EA2700, EA3500, E4200, EA4500 Vulnerability: Due to an unknown bug, which occurs by every indication during the installation and/or upgrade process, port 8083 will often open, allowing for direct bypass of authentication to the "classic Linksys GUI" administrative...

AI score 0.5
Exploits 0
securityvulns
added 2014/02/18 12:0 a.m., 67 views

[SECURITY] [DSA 2861-1] file security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2861-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 16, 2014 http://www.debian.org/security/faq -...

CVSS 5, AI score 1.3, EPSS 0.0507
Exploits 0
securityvulns
added 2014/02/12 12:0 a.m., 31 views

Microsoft Forefront Protection for Exchange code execution

Code execution on message parsing...

CVSS 10, AI score 4.3, EPSS 0.20895
Exploits 1

Total number of security vulnerabilities: 47153