
47153 matches found

securityvulns
added 2015/08/24 12:0 a.m. | 30 views

vBulletin x.x.x rce "0day"

Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a...

AI score: 1.2
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 30 views

Hawkeye-G XSS

Cross-site scripting in web interface...

AI score: 1.2
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 27 views

Fortiguard FortiSandbox XSS

Cross-site scripting in web interface...

AI score: 1.5
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 64 views

[USN-2704-1] Swift vulnerabilities

========================================================================== Ubuntu Security Notice USN-2704-1 August 06, 2015 swift vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 5.5 | AI score: 0.5 | EPSS: 0.00858
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 101 views

ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities EMC Identifier: ESA-2015-081 CVE Identifier: CVE-2015-0533, CVE-2015-0534, CVE-2015-0535, CVE-2015-0536, CVE-2015-0537 Severity...

CVSS: 7.5 | AI score: 1 | EPSS: 0.91945
Exploits: 3

securityvulns
added 2015/08/24 12:0 a.m. | 59 views

[SECURITY] [DSA 3335-1] request-tracker4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3335-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 13, 2015 https://www.debian.org/security/faq...

CVSS: 4.3 | AI score: 2.4 | EPSS: 0.00442
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 125 views

Microsoft Windows multiple security vulnerabilities

OpenType fonts parsing code execution, multiple Internet Explorer and Edge vulnerabilities, code execution and information disclosure in system libraries, code execution via RDP and AMB, privilege escalation, information disclosure via WebDAV...

CVSS: 9.3 | AI score: 6 | EPSS: 0.91754
Exploits: 36 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 203 views

Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne

English: Multiple vulnerabilities in Basware Banking/Maksuliikenne software that were reported already 08/2012 may still enable undetectable economic crimes against user organizations companies Finnish: Vulnerabilities in the Basware Banking/Maksuliikenne software, which were already reported in 08/2012,...

CVSS: 5.8 | AI score: 0.9 | EPSS: 0.00134
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 198 views

3KITS CMS - SQL Injection Vulnerability

========================================================= + Title :- 3KITS CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.3kits.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google Dorks...

AI score: 0.5
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 144 views

SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-033 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Missing Function Leve...

AI score: 6.7
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 42 views

Glorylogic PDF Shaper buffer overflow

Buffer overflow on PDF parsing...

AI score: 4.8
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 76 views

WebSolutions India Design CMS - SQL Injection Vulnerability

Document Title: =============== WebSolutions India Design CMS - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1577 Release Date: ============= 2015-08-20 Vulnerability Laboratory ID VL-ID: ===================================...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 40 views

Trend Micro Deep Discovery Authentication Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-0818.txt Vendor: ================================ www.trendmicro.com Product: =================================== Trend Micro Deep Discovery 3.7.1096...

CVSS: 5.5 | AI score: 0.1 | EPSS: 0.02538
Exploits: 2

securityvulns
added 2015/08/24 12:0 a.m. | 36 views

[SECURITY] [DSA 3334-1] gnutls28 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3334-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 12, 2015 https://www.debian.org/security/faq...

AI score: 2.2
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 137 views

[SYSS-2015-041] XSS in OpenText Secure MFT

Advisory ID: SYSS-2015-041 Product: Secure MFT Vendor: OpenText Affected Versions: 2013 R1, 2014 R1, 2014 R2 Tested Versions: 2014 R2 SP4 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2015-08-05 Solution Date: 2015-08-14 Public...

AI score: 5.8
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 23 views

Linksys WAG120N cross-site scripting

Cross-site scripting in web interface...

AI score: 1.4
Exploits: 0 | References: 1

securityvulns
added 2015/08/24 12:0 a.m. | 39 views

Apache Subversion security vulnerabilities

Authentication bypass, unauthorized file access...

CVSS: 5 | AI score: 4.7 | EPSS: 0.17005
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 37 views

OpenStack Swift security vulnerabilities

A few restriction bypass vulnerabilities...

CVSS: 5.5 | AI score: 3.1 | EPSS: 0.00858
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 39 views

EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532)

Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...

CVSS: 9 | AI score: 1.1 | EPSS: 0.02152
Exploits: 2

securityvulns
added 2015/08/24 12:0 a.m. | 41 views

OpenStack Keystone restrictions bypass

Certificate validation bypass...

CVSS: 4.3 | AI score: 3 | EPSS: 0.00643
Exploits: 0 | References: 1

securityvulns
added 2015/08/24 12:0 a.m. | 97 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.48368
Exploits: 14 | References: 34 | Affected Software: 13

securityvulns
added 2015/08/24 12:0 a.m. | 61 views

[SECURITY] [DSA 3337-1] gdk-pixbuf security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3337-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 18, 2015 https://www.debian.org/security/faq -...

CVSS: 6.8 | AI score: 1.6 | EPSS: 0.03692
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 51 views

[oCERT-2015-009] VLC arbitrary pointer dereference

2015-009 VLC arbitrary pointer dereference Description: The VLC media player is an open source media player and streaming media server. The stable VLC version suffers from an arbitrary pointer dereference vulnerability. The vulnerability affects the 3GP file format parser, insufficient restrictio...

CVSS: 6.8 | AI score: 1.4 | EPSS: 0.07445
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 38 views

Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation

Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation Vendor Website : http://www.sonicwall.com INDEX --------------------------------------- 1. CVE 2. Background 3. Description 4. Affected Products 5. Solution 6. Credit 7. Disclosure Timeline 1. CVE...

AI score: 1
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 52 views

Dell Netvault Backup Remote Denial of Service

Product: Dell Netvault Backup Link: http://software.dell.com/products/netvault-backup/ Vendor: Dell Vulnerable Versions: 10.0.1.24 and probably prior Tested Version: Version 10.0.1.24 Advisory Publication: July 30, 2015 Vendor Notification: January 9, 2015 Public Disclosure: July 30, 2015...

CVSS: 5 | AI score: 1 | EPSS: 0.1625
Exploits: 5

securityvulns
added 2015/08/24 12:0 a.m. | 35 views

conntrack DoS

Crash on different network packets...

CVSS: 5 | AI score: 2.1 | EPSS: 0.02789
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 49 views

[SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-029 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Insecure Direct Objec...

AI score: 7
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 35 views

Dell Netvault Backup DoS

Crash on network request parsing...

CVSS: 5 | AI score: 2.9 | EPSS: 0.1625
Exploits: 5 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 54 views

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

Document Title: =============== UBNT Bug Bounty 3 - Persistent Filename Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1467 Video: http://www.vulnerability-lab.com/getcontent.php?id=1468 Release Date: ============= 2015-08-11 Vulnerability...

AI score: 0.6
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 100 views

EMC Secure Remote Services Virtual Edition multiple security vulnerabilities

Code execution, SQL injection, buffer overflow...

CVSS: 10 | AI score: 4.2 | EPSS: 0.8487
Exploits: 34 | References: 6 | Affected Software: 2

securityvulns
added 2015/08/24 12:0 a.m. | 24 views

HP Operations Manager i code execution

No description provided...

CVSS: 10 | AI score: 1.6 | EPSS: 0.27276
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 22 views

McAfee Application Control multiple security vulnerabilities

Restrictions bypass, unsafe libraries usage, privilege escalation...

AI score: 3.1
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/24 12:0 a.m. | 50 views

Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal

------------------------------------------------------------------------ Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal ------------------------------------------------------------------------ Han Sahin, November 2014...

CVSS: 9.3 | AI score: 1.6 | EPSS: 0.00827
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 47 views

CSRF and XSS vulnerabilities in D-Link DCS-2103

Hello 3APA3A! There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in D-Link DCS-2103 IP camera. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DCS-2103, Firmware 1.0.0. Version 1.20 and previous versions also...

AI score: 0.5
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 30 views

Hawkeye-G v3.0.1 Persistent XSS & Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

AI score: 6.4
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 45 views

SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20150805-0 ======================================================================= title: Stack buffer overflow in handle_debug_network product: Websense Triton Content Manager vulnerable version: 8.0.0...

CVSS: 4 | AI score: 7.1 | EPSS: 0.00739
Exploits: 2

securityvulns
added 2015/08/24 12:0 a.m. | 31 views

Cumulus Linux's Switch Configuration Tools Backend privilege escalation

Privilege escalation via command injection...

CVSS: 7.2 | AI score: 4.2 | EPSS: 0.00057
Exploits: 1 | References: 1

securityvulns
added 2015/08/24 12:0 a.m. | 77 views

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability

Document Title: =============== Ferrari - PHP CGI Argument Injection RCE Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1562 Video: http://www.vulnerability-lab.com/getcontent.php?id=1561 Vulnerability Magazine:...

AI score: 0.5
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 49 views

WAN IT CMS - SQL Injection Vulnerability

========================================================== + Title :- WAN IT CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.wanitltd.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google...

AI score: 0.7
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 77 views

WiFi Pineapple protection bypass

Predictable CSRF tokens...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.4762
Exploits: 8 | References: 1 | Affected Software: 2

securityvulns
added 2015/08/24 12:0 a.m. | 89 views

[SECURITY] [DSA 3330-1] activemq security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3330-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2015 https://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 2.3 | EPSS: 0.40735
Exploits: 1

securityvulns
added 2015/08/24 12:0 a.m. | 51 views

phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILEMANAGER0729.txt Vendor: ================================ phpfm.sourceforge.net Product: ============================ phpFileManager version 0.9.8 Vulnerability Type:...

AI score: 8
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 142 views

BFS-SA-2015-001: Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability

Blue Frost Security GmbH https://www.bluefrostsecurity.de/ researchatbluefrostsecurity.de BFS-SA-2015-001 12-August-2015 Vendor: Microsoft, http://www.microsoft.com Affected Products: Internet Explorer Affected Version: IE 8-11 Vulnerability: CTreeNode::GetCascadedLang Use-After-Free Vulnerabilit...

CVSS: 9.3 | AI score: 5.8 | EPSS: 0.25579
Exploits: 4

securityvulns
added 2015/08/24 12:0 a.m. | 170 views

ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities EMC Identifier: ESA-2015-131 CVE Identifier: CVE-2015-4531, CVE-2015-4532, CVE-2015-4533, CVE-2015-4534, CVE-2015-4535, CVE-2015-4536 Severity Rating: CVSS v2 Base Score: See below f...

CVSS: 9 | AI score: 1.2 | EPSS: 0.03277
Exploits: 8

securityvulns
added 2015/08/24 12:0 a.m. | 51 views

[USN-2705-1] Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-2705-1 August 06, 2015 python-keystoneclient, python-keystonemiddleware vulnerabilities ========================================================================== A security issue affects these...

CVSS: 4.3 | AI score: 1.3 | EPSS: 0.00643
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 51 views

[SECURITY] [DSA 3322-1] ruby-rack security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3322-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 31, 2015 https://www.debian.org/security/faq...

CVSS: 5 | AI score: 3.2 | EPSS: 0.13251
Exploits: 0

securityvulns
added 2015/08/24 12:0 a.m. | 45 views

gdk-pixbuf buffer overflow

Heap buffer overflow on BMP parsing...

CVSS: 6.8 | AI score: 3.8 | EPSS: 0.03692
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2015/08/23 12:0 a.m. | 40 views

Logstash vulnerability CVE-2015-5619

Summary: Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjac...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.00306
Exploits: 0

securityvulns
added 2015/08/23 12:0 a.m. | 38 views

[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04735247 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04735247 Version: 1 HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation...

CVSS: 4.4 | AI score: 0.6 | EPSS: 0.00052
Exploits: 0

securityvulns
added 2015/08/23 12:0 a.m. | 23 views

HP-UX privilege escalation

Privilege escalation via execve...

AI score: 4
Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 47153