[SECURITY] [DSA 3340-1] zendframework security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3340-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini August 19, 2015 https://www.debian.org/security/faq -...
[USN-2720-1] Django vulnerability
========================================================================== Ubuntu Security Notice USN-2720-1 August 18, 2015 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[oCERT-2015-009] VLC arbitrary pointer dereference
2015-009 VLC arbitrary pointer dereference Description: The VLC media player is an open source media player and streaming media server. The stable VLC version suffers from an arbitrary pointer dereference vulnerability. The vulnerability affects the 3GP file format parser, insufficient restrictio...
WAN IT CMS - SQL Injection Vulnerability
========================================================== + Title :- WAN IT CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.wanitltd.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google...
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition
------------------------------------------------------------------------ Insufficient certificate validation in EMC Secure Remote Services Virtual Edition ------------------------------------------------------------------------ Han Sahin, November 2014...
[SECURITY] [DSA 3332-1] wordpress security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3332-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst August 11, 2015 https://www.debian.org/security/faq -...
WiFi Pineapple protection bypass
Predictable CSRF tokens...
Apache ActiveMQ DoS
Undocumented shutdown command...
HP Central View applications information leakage
No description provided...
PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812a.txt Vendor: ================================ pfn.sourceforge.net Product: =================================== PHPfileNavigator v2.3.3 pfn Is...
HP Operations Manager i code execution
No description provided...
OpenStack Swift security vulnerabilities
A few restriction bypass vulnerabilities...
ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability EMC Identifier: ESA-2015-130 CVE Identifier: CVE-2015-4530 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected products: • EMC...
[USN-2711-1] Net-SNMP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2711-1 August 17, 2015 net-snmp vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Net-SNMP memory corruption
Memory corruption on server response parsing...
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532)
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...
EMC Secure Remote Services Virtual Edition multiple security vulnerabilities
Code execution, SQL injection, buffer overflow...
Thomson Reuters FATCA - Arbitrary File Upload
Title: Thomson Reuters FATCA - Arbitrary File Upload Author: Jakub Pałaczyński Date: 10. June 2015 CVE: CVE-2015-5951 Affected software: ================== All versions of Thomson Reuters FATCA below v5.2 Exploit was tested on: ====================== Thomson Reuters FATCA v5.1.0.30 Description:...
bizidea Design CMS 2015Q3 - SQL Injection Vulnerability
Document Title: =============== bizidea Design CMS 2015Q3 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1571 Release Date: ============= 2015-08-12 Vulnerability Laboratory ID VL-ID: ==================================== 15...
[SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-032 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Broken Authentication...
McAfee Application Control multiple security vulnerabilities
Restriction bypass, unsafe library usage, privilege escalation...
Linksys WAG120N cross-site scripting
Cross-site scripting in web interface...
Cumulus Linux's Switch Configuration Tools Backend privilege escalation
Privilege escalation via command injection...
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation Vendor Website : http://www.sonicwall.com INDEX --------------------------------------- 1. CVE 2. Background 3. Description 4. Affected Products 5. Solution 6. Credit 7. Disclosure Timeline 1. CVE...
Vulnerability in VirtueMart for Joomla
Hello 3APA3A! This is a Brute Force vulnerability in VirtueMart for Joomla, which is at the order details page. ------------------------- Affected products: ------------------------- Vulnerable are VirtueMart 3.0.9 for Joomla and previous versions. ---------- Details: ---------- Brute Force WASC-11:...
SAP Afaria 7 multiple security vulnerabilities
Buffer overflow, information leakage, DoS...
UBNT Bug Bounty #3 - Persistent Filename Vulnerability
Document Title: =============== UBNT Bug Bounty 3 - Persistent Filename Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1467 Video: http://www.vulnerability-lab.com/getcontent.php?id=1468 Release Date: ============= 2015-08-11 Vulnerability...
OpenStack Keystone restrictions bypass
Certificate validation bypass...
Hawkeye-G v3.0.1 Persistent XSS & Information Leakage
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal
------------------------------------------------------------------------ Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal ------------------------------------------------------------------------ Han Sahin, November 2014...
[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-027 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Cross-Site Scripting...
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities EMC Identifier: ESA-2015-131 CVE Identifier: CVE-2015-4531, CVE-2015-4532, CVE-2015-4533, CVE-2015-4534, CVE-2015-4535, CVE-2015-4536 Severity Rating: CVSS v2 Base Score: See below f...
[SECURITY] [DSA 3335-1] request-tracker4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3335-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 13, 2015 https://www.debian.org/security/faq...
ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities EMC Identifier: ESA-2015-081 CVE Identifier: CVE-2015-0533, CVE-2015-0534, CVE-2015-0535, CVE-2015-0536, CVE-2015-0537 Severity...
[SECURITY] [DSA 3330-1] activemq security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3330-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2015 https://www.debian.org/security/faq -...
Apache Subversion security vulnerabilities
Authentication bypass, unauthorized file access...
3KITS CMS - SQL Injection Vulnerability
========================================================= + Title :- 3KITS CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.3kits.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google Dorks...
sysadmin privilege in EMC Documentum Content Server
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed In 2011 Yuri Simone discovered a security flaw in EMC Documentum Content Server, which allows users with sysadmin privileges to elevate their privileges to superuser see CVE-2011-4144. On...
[USN-2721-1] Subversion vulnerabilities
========================================================================== Ubuntu Security Notice USN-2721-1 August 20, 2015 subversion vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
Fortiguard FortiSandbox XSS
Cross-site scripting in web interface...
[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04762687 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04762687 Version: 1 HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code...
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability
Document Title: =============== PDF Shaper v3.5 - MSF Remote Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1579 Video: https://youtu.be/-HTEIisSiH8 Release Date: ============= 2015-08-16 Vulnerability Laboratory ID VL-ID:...
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)
Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...
CSRF and XSS vulnerabilities in D-Link DCS-2103
Hello 3APA3A! There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in the D-Link DCS-2103 IP camera. ------------------------- Affected products: ------------------------- Vulnerable is the following model: D-Link DCS-2103, Firmware 1.0.0. Version 1.20 and previous versions also...
[SECURITY] [DSA 3337-1] gdk-pixbuf security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3337-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 18, 2015 https://www.debian.org/security/faq -...
gdk-pixbuf buffer overflow
Heap buffer overflow on BMP parsing...
HP-UX privilege escalation
Privilege escalation via execve...
Apple QuickTime multiple security vulnerabilities
Multiple memory corruptions...
Elastic Logstash insufficient certificate check
Man-in-the-middle attack is possible...