
47153 matches found

securityvulns
•added 2014/03/03 12:0 a.m.•66 views

[ MDVSA-2014:041 ] python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:041 http://www.mandriva.com/en/support/security/ Package : python Date : February 19, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability was reported in Pythons...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.33997
Exploits: 7

securityvulns
•added 2014/03/03 12:0 a.m.•63 views

[RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard

Advisory: McAfee ePolicy Orchestrator XML External Entity Expansion in Dashboard RedTeam Pentesting identified an XML external entity expansion vulnerability in McAfee ePolicy Orchestrator's ePO dashboard feature. Users with the ability to create new dashboards in the ePO web interface who exploi...

AI score: 6.2
Exploits: 0

securityvulns
•added 2014/03/03 12:0 a.m.•55 views

[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04140965 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04140965 Version: 1 HPSBMU02971 rev....

CVSS: 7.5 | AI score: 0.7 | EPSS: 0.05798
Exploits: 2

securityvulns
•added 2014/03/03 12:0 a.m.•28 views

HP StoreVirtual code execution

No description provided...

CVSS: 10 | AI score: 1.1 | EPSS: 0.28401
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2014/03/03 12:0 a.m.•55 views

[security bulletin] HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03995204 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03995204 Version: 1 HPSBST02937 rev....

CVSS: 10 | AI score: 0.8 | EPSS: 0.28401
Exploits: 1

securityvulns
•added 2014/03/02 12:0 a.m.•46 views

SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server

SEC Consult Vulnerability Lab Security Advisory 20140228-1 ======================================================================= title: Authentication bypass SSRF and local file disclosure product: Plex Media Server vulnerable version: =0.9.9.2.374-aa23a69 fixed version: =0.9.9.3 impact: Critic...

AI score: 1.4
Exploits: 0

securityvulns
•added 2014/03/02 12:0 a.m.•95 views

SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch

SEC Consult Vulnerability Lab Security Advisory 20140228-0 ======================================================================= title: Privilege escalation vulnerability product: MICROSENS Profi Line Modular Industrial Switch Web Manager MS652119PM vulnerable version: Firmware version 10.3.1...

AI score: 0.6
Exploits: 0

securityvulns
•added 2014/03/02 12:0 a.m.•131 views

[slackware-security] subversion (SSA:2014-058-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

CVSS: 4.3 | AI score: 8.4 | EPSS: 0.27105
Exploits: 0

securityvulns
•added 2014/03/02 12:0 a.m.•22 views

MICROSENS Profi Line Modular switches authentication bypass

Authentication results are not checked by server...

AI score: 3.8
Exploits: 0 | References: 1

securityvulns
•added 2014/03/02 12:0 a.m.•42 views

Apache Subversion security vulnerabilities

mod_dontdothat protection bypass, DoS...

CVSS: 4.3 | AI score: 3.7 | EPSS: 0.27105
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
•added 2014/03/02 12:0 a.m.•41 views

Cisco Prime Infrastructure privilege escalation

Command execution on URL parsing...

CVSS: 9 | AI score: 5.4 | EPSS: 0.00544
Exploits: 1 | Affected Software: 1

securityvulns
•added 2014/03/02 12:0 a.m.•33 views

Plex Media Server security vulnerabilities

Authentication bypass, information leakage...

AI score: 3.2
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•107 views

[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4590 Information disclosure via XXE when running untrusted web applications Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.0-RC5 - - Apache Tomcat 7.0.0 to 7.0.47 - - Apache Tomcat...

CVSS: 4.3 | AI score: 0.6 | EPSS: 0.00922
Exploits: 1

securityvulns
•added 2014/02/28 12:0 a.m.•107 views

APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2 Safari 6.1.2 and Safari 7.0.2 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1 Impac...

CVSS: 6.8 | AI score: 0.5 | EPSS: 0.01163
Exploits: 3

securityvulns
•added 2014/02/28 12:0 a.m.•110 views

[SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4322 Incomplete fix for CVE-2012-3544 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.0-RC5 - - Apache Tomcat 7.0.0 to 7.0.47 - - Apache Tomcat 6.0.0 to 6.0.37...

CVSS: 5 | EPSS: 0.44772
Exploits: 2

securityvulns
•added 2014/02/28 12:0 a.m.•61 views

[USN-2122-1] FreeRADIUS vulnerabilities

========================================================================== Ubuntu Security Notice USN-2122-1 February 26, 2014 freeradius vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.00881
Exploits: 1

securityvulns
•added 2014/02/28 12:0 a.m.•109 views

[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 6.0.33 to 6.0.37 Description: Previous fixes to path parameter handling 1 introduc...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.16231
Exploits: 1

securityvulns
•added 2014/02/28 12:0 a.m.•32 views

Barracuda Firewall multiple security vulnerabilities

Cross-site scripting, protection bypass...

AI score: 2
Exploits: 0 | References: 4 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•64 views

PostgreSQL multiple security vulnerabilities

DoS, privilege escalations, memory corruptions...

CVSS: 6.5 | AI score: 2.6 | EPSS: 0.06674
Exploits: 7 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•46 views

GnuTLS certificates validation vulnerability

Invalid validation of version 1 certificates...

CVSS: 5.8 | AI score: 3.6 | EPSS: 0.0023
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•78 views

Apple Mac OS X multiple security vulnerabilities

Multiple vulnerabilities in Network and Graphics subsystems, SSL bypass, multiple libraries and applications vulnerabilities...

CVSS: 10 | AI score: 1.9 | EPSS: 0.52396
Exploits: 30 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•168 views

[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4286 Incomplete fix for CVE-2005-2090 Information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 - - Apache Tomcat 7.0.0 to 7.0.42 - - Apache Tomcat 6.0.0 to 6.0.37...

CVSS: 5.8 | AI score: 0.3 | EPSS: 0.71377
Exploits: 4

securityvulns
•added 2014/02/28 12:0 a.m.•46 views

Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities

Document Title: =============== Barracuda Networks Firewall Bug Bounty 32 - Filter Bypass & Persistent Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1069 Barracuda Networks Security ID BNSEC: BNSEC-2069 Release Date: =============...

AI score: 7.6
Exploits: 0

securityvulns
•added 2014/02/28 12:0 a.m.•110 views

[USN-2120-1] PostgreSQL vulnerabilities

========================================================================== Ubuntu Security Notice USN-2120-1 February 24, 2014 postgresql-8.4, postgresql-9.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubunt...

CVSS: 6.5 | AI score: 0.9 | EPSS: 0.06674
Exploits: 6

securityvulns
•added 2014/02/28 12:0 a.m.•68 views

[USN-2121-1] GnuTLS vulnerability

========================================================================== Ubuntu Security Notice USN-2121-1 February 25, 2014 gnutls26 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 5.8 | AI score: 0.4 | EPSS: 0.0023
Exploits: 1

securityvulns
•added 2014/02/28 12:0 a.m.•67 views

Apple WebKit / Safari multiple security vulnerabilities

Multiple memory corruptions...

CVSS: 6.8 | AI score: 1.9 | EPSS: 0.01163
Exploits: 3 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•52 views

Apple products SSL validation vulnerability

Certificate validity is not checked due to software error...

CVSS: 5.8 | AI score: 2.4 | EPSS: 0.19827
Exploits: 6 | References: 3 | Affected Software: 3

securityvulns
•added 2014/02/28 12:0 a.m.•55 views

APPLE-SA-2014-02-21-2 iOS 7.0.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS: 5.8 | AI score: 0.2 | EPSS: 0.19827
Exploits: 6

securityvulns
•added 2014/02/28 12:0 a.m.•72 views

APPLE-SA-2014-02-21-1 iOS 6.1.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-1 iOS 6.1.6 iOS 6.1.6 is now available and addresses the following: Data Security Available for: iPhone 3GS, iPod touch 4th generation Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS: 5.8 | AI score: 0.2 | EPSS: 0.19827
Exploits: 6

securityvulns
•added 2014/02/28 12:0 a.m.•96 views

APPLE-SA-2014-02-21-3 Apple TV 6.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-3 Apple TV 6.0.2 Apple TV 6.0.2 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may capture or modify data in sessions...

CVSS: 5.8 | AI score: 0.1 | EPSS: 0.19827
Exploits: 6

securityvulns
•added 2014/02/28 12:0 a.m.•128 views

APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001 OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses the following: Apache Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain...

CVSS: 10 | AI score: 0.5 | EPSS: 0.52396
Exploits: 30

securityvulns
•added 2014/02/28 12:0 a.m.•77 views

Barracuda Networks Bug Bounty #35 - Persistent Web Vulnerability

Document Title: =============== Barracuda Networks Bug Bounty 35 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracuda Networks Security ID BNSEC: BNSEC-2361 Release Date: ============= 2014-02-21 Vulnerability...

AI score: 7.8
Exploits: 0

securityvulns
•added 2014/02/28 12:0 a.m.•55 views

Apple QuickTime multiple security vulnerabilities

Buffer overflows, memory corruptions, integer overflows on different media formats parsing...

CVSS: 9.3 | AI score: 5.4 | EPSS: 0.06825
Exploits: 3 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/28 12:0 a.m.•78 views

APPLE-SA-2014-02-25-3 QuickTime 7.7.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-3 QuickTime 7.7.5 QuickTime 7.7.5 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Playing a maliciously crafted movie file may lead to an unexpected application...

CVSS: 9.3 | AI score: 0.9 | EPSS: 0.06825
Exploits: 3

securityvulns
•added 2014/02/28 12:0 a.m.•98 views

Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability

Document Title: =============== Barracuda Bug Bounty 36 Firewall - Client Side Exception Handling Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1102 Barracuda Networks Security ID BNSEC: BNSEC-2398...

AI score: 0.1
Exploits: 0

securityvulns
•added 2014/02/28 12:0 a.m.•49 views

Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability

Document Title: =============== Barracuda Networks Bug Bounty 31 Firewall - Persistent Access Policy Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1070 Barracuda Networks Security ID BNSEC: BNSEC-2068 Release Date: ============= 2014-02-2...

AI score: 0.2
Exploits: 0

securityvulns
•added 2014/02/28 12:0 a.m.•40 views

FreeRADIUS security vulnerabilities

rlm_unix protection bypass, rlm_pap memory corruption...

CVSS: 7.5 | AI score: 2.6 | EPSS: 0.00881
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/18 12:0 a.m.•61 views

[ MDVSA-2014:035 ] libpng

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:035 http://www.mandriva.com/en/support/security/ Package : libpng Date : February 17, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated libpng and libpng12 packages fix...

CVSS: 5 | AI score: 6.9 | EPSS: 0.03546
Exploits: 1

securityvulns
•added 2014/02/18 12:0 a.m.•73 views

[ MDVSA-2014:038 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:038 http://www.mandriva.com/en/support/security/ Package : kernel Date : February 17, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been found and corrected in the Linu...

CVSS: 6.9 | AI score: 7.5 | EPSS: 0.51521
Exploits: 17

securityvulns
•added 2014/02/18 12:0 a.m.•66 views

[SECURITY] [DSA 2861-1] file security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2861-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 16, 2014 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 1.3 | EPSS: 0.24895
Exploits: 0

securityvulns
•added 2014/02/18 12:0 a.m.•37 views

Cisco Linksys unauthorized access

TCP/8083 web administration is accessible without authentication in some cases...

AI score: 3.4
Exploits: 0 | References: 1

securityvulns
•added 2014/02/18 12:0 a.m.•36 views

socat buffer overflow

Buffer overflow on command line arguments parsing...

CVSS: 1.9 | AI score: 4.6 | EPSS: 0.00086
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/18 12:0 a.m.•86 views

Full Disclosure - Linksys EA2700, EA3500, E4200 and EA4500 - Authentication Bypass to Administrative Console

Vulnerable products : Linksys EA2700, EA3500, E4200, EA4500 Vulnerability: Due to an unknown bug, which occurs by every indication during the installation and/or upgrade process, port 8083 will often open, allowing for direct bypass of authentication to the "classic Linksys GUI" administrative...

AI score: 0.5
Exploits: 0

securityvulns
•added 2014/02/18 12:0 a.m.•52 views

Chromium / Google Chrome multiple security vulnerabilities

Multiple memory corruptions, use-after-free and information leaks...

CVSS: 7.5 | AI score: 1.8 | EPSS: 0.02383
Exploits: 9 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/18 12:0 a.m.•68 views

[ MDVSA-2014:033 ] socat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:033 http://www.mandriva.com/en/support/security/ Package : socat Date : February 14, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in socat:...

CVSS: 1.9 | AI score: 4.2 | EPSS: 0.00086
Exploits: 1

securityvulns
•added 2014/02/18 12:0 a.m.•39 views

[ MDVSA-2014:032 ] flite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:032 http://www.mandriva.com/en/support/security/ Package : flite Date : February 14, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in flit...

CVSS: 3.3 | AI score: 6 | EPSS: 0.00058
Exploits: 1

securityvulns
•added 2014/02/18 12:0 a.m.•24 views

flite symbolic links vulnerability

Symlink vulnerability on temporary file creation...

CVSS: 3.3 | AI score: 2.1 | EPSS: 0.00058
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
•added 2014/02/18 12:0 a.m.•96 views

[SECURITY] [DSA 2862-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2862-1 [email protected] http://www.debian.org/security/ Michael Gilbert February 16, 2014 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 1.2 | EPSS: 0.02383
Exploits: 9

securityvulns
•added 2014/02/18 12:0 a.m.•39 views

libpng DoS

NULL pointer dereferences...

CVSS: 5 | AI score: 2.5 | EPSS: 0.03546
Exploits: 1 | References: 1

securityvulns
•added 2014/02/12 12:0 a.m.•31 views

Microsoft Forefront Protection for Exchange code execution

Code execution on message parsing...

CVSS: 10 | AI score: 4.3 | EPSS: 0.27212
Exploits: 1

Total number of security vulnerabilities: 47153