Lucene search

47153 matches found

securityvulns
added 2013/11/18 12:0 a.m. | 37 views

Open-Xchange Security Advisory 2013-11-06

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 29147 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: prior to 7.4.0 Vulnerable component: backend Fixed version: 7.2.2-rev25, 7.4.0-rev14 Report...

CVSS 4.3 | AI score 6.5 | EPSS 0.00475
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 52 views

ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability.

ESA-2013-070.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. EMC Identifier: ESA-2013-070 CVE Identifier: CVE-2013-3281 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected products: • EMC Documentum Webtop...

CVSS 4.3 | AI score 0.2 | EPSS 0.00589
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 33 views

Light Display Manager protection bypass

AppArmor policy is not applied correctly...

CVSS 3.3 | AI score 2 | EPSS 0.0006
Exploits 1 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 839 views

Dahua DVR Authentication Bypass - CVE-2013-6117

Dahua DVR Authentication Bypass - CVE-2013-6117 --Summary-- Dahua web-enabled DVRs and rebranded versions do not enforce authentication on their administrative services. Zhejiang Dahua Technology Co., Ltd. http://www.dahuasecurity.com --Affects-- Dahua web-enabled DVRs Dahua-rebranded web-enabled...

CVSS 10 | AI score 7.6 | EPSS 0.8998
Exploits 6

securityvulns
added 2013/11/18 12:0 a.m. | 65 views

Superuser "su --daemon" vulnerability on Android >= 4.3

Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser package may allow restricted local users to execute arbitrary commands as root in certain, non-default device configurations. Android 4.3 introduced the concept of "restricted profiles," created through the Settings - Users menu. A...

CVSS 7.6 | AI score 0.8 | EPSS 0.00175
Exploits 3

securityvulns
added 2013/11/18 12:0 a.m. | 45 views

[USN-2025-1] Libav vulnerabilities

========================================================================== Ubuntu Security Notice USN-2025-1 November 11, 2013 libav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

AI score 0.6
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 24 views

Apple iOS authentication bypass

It's possible to complete AppStore transaction without entering password...

CVSS 4.7 | AI score 2.6 | EPSS 0.00048
Exploits 1 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 42 views

Vivotek IP cameras authentication bypass

RTSP access authentication bypass...

AI score 3.3 | EPSS 0.08757
Exploits 6 | References 1

securityvulns
added 2013/11/18 12:0 a.m. | 25 views

Cisco WAAS directory traversal

Directory traversal on file upload...

CVSS 7.5 | AI score 2.7 | EPSS 0.00239
Exploits 0 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 51 views

Superuser unsanitized environment vulnerability on Android <= 4.2.x

Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...

CVSS 10 | AI score 2.2 | EPSS 0.00371
Exploits 4

securityvulns
added 2013/11/18 12:0 a.m. | 59 views

lighttpd multiple security vulnerabilities

Protection bypass, privilege escalation, memory corruption...

CVSS 7.6 | AI score 2.3 | EPSS 0.09523
Exploits 1 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 33 views

Libvirt code privilege escalation

virConnectDomainXMLToNative invalid privileges check...

CVSS 8.5 | AI score 3 | EPSS 0.01463
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 32 views

EMC Documentum cross-site scripting

Cross-site scripting in different modules...

CVSS 4.3 | AI score 1.9 | EPSS 0.00589
Exploits 0 | References 2 | Affected Software 2

securityvulns
added 2013/11/18 12:0 a.m. | 79 views

[USN-2027-1] SPICE vulnerability

========================================================================== Ubuntu Security Notice USN-2027-1 November 12, 2013 spice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5 | AI score 0.6 | EPSS 0.01116
Exploits 2

securityvulns
added 2013/11/18 12:0 a.m. | 54 views

[SECURITY] [DSA 2792-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2792-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 04, 2013 http://www.debian.org/security/faq -...

CVSS 4.3 | AI score 1.7 | EPSS 0.00883
Exploits 1

securityvulns
added 2013/11/18 12:0 a.m. | 316 views

CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass

Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras RTSP Authentication Bypass 1. Advisory Information Title: Vivotek IP Cameras RTSP Authentication Bypass Advisory ID: CORE-2013-0704 Advisory URL:...

AI score 0.3 | EPSS 0.08757
Exploits 6

securityvulns
added 2013/11/18 12:0 a.m. | 51 views

ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities.

ESA-2013-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. EMC Identifier: ESA-2013-073 CVE Identifier: CVE-2013-3286 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected product: • EMC...

CVSS 4.3 | AI score 0.2 | EPSS 0.00318
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 50 views

[USN-2013-1] MAAS vulnerabilities

========================================================================== Ubuntu Security Notice USN-2013-1 November 07, 2013 maas vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.8 | AI score 0.4 | EPSS 0.00666
Exploits 1

securityvulns
added 2013/11/18 12:0 a.m. | 1379 views

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3

Vulnerability Type: XSS Cross-Site Scripting - Original release date: November 11th, 2013 - Last revised: November 11th, 2013 - Discovered by: Andrea Bodei - A2SECURE - Severity: 4.3/10 CVSSv2 Base Scored Products and affected versions: JUNOS up to 11.4 probably 12.1 and 12.3 vulnerable...

AI score 0.4
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 36 views

Android su applications privilege escalation

Unsafe environment variables and file descriptors usage...

CVSS 10 | AI score 4.6 | EPSS 0.00371
Exploits 9 | References 3 | Affected Software 2

securityvulns
added 2013/11/18 12:0 a.m. | 43 views

Cisco IOS multiple security vulnerabilities

Multiple DoS conditions, information leakage...

CVSS 7.8 | AI score 1.5 | EPSS 0.00427
Exploits 0 | Affected Software 2

securityvulns
added 2013/11/18 12:0 a.m. | 87 views

Apple MacOSX 10.9 Hard Link Memory Corruption

Apple MacOSX 10.9 Hard Link Memory Corruption Date: 08.11.2013 http://cxsecurity.com/ http://cvemap.org/ URL: http://cxsecurity.com/issue/WLB-2013110059 - 0. Description --- In most UNIX-like systems a hard link to a directory is only reserved for the 'root' user when possible at all. In MacOSX...

CVSS 4.9 | AI score 8.8 | EPSS 0.00319
Exploits 16

securityvulns
added 2013/11/18 12:0 a.m. | 46 views

[SECURITY] [DSA 2793-1] libav security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2793-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 09, 2013 http://www.debian.org/security/faq -...

CVSS 9.3 | AI score 1.5 | EPSS 0.01154
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 43 views

[SECURITY] [DSA 2796-1] torque security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2796-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 13, 2013 http://www.debian.org/security/faq -...

CVSS 10 | AI score 1.6 | EPSS 0.05416
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 39 views

Open-Xchange multiple security vulnerabilities

Multiple different vulnerabilities...

CVSS 7.5 | AI score 1.8 | EPSS 0.00514
Exploits 5 | References 5 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 73 views

Apple Mac OS X and QuickTime multiple security vulnerabilities

Multiple vulnerabilities in kernel, networking components, printing services, AFP Server, AppKit, Apple Type Services, CFNetwork, CoreGraphics, CoreText, Directory Services, diskdevcmds, Disk Images, Image Capture, ImageIO, Image RAW, Password Server, QuickLook, QuickTime, Safari RSS, Time Machin...

CVSS 9.3 | AI score 2.4 | EPSS 0.66867
Exploits 40 | References 7 | Affected Software 2

securityvulns
added 2013/11/18 12:0 a.m. | 88 views

wireshark multiple security vulnerabilities

Vulnerabilities in different protocols dissectors...

CVSS 5 | AI score 2.9 | EPSS 0.00883
Exploits 2 | References 2 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 33 views

VMWare Workstation privilege escalation

Unsafe shared library loading...

CVSS 7.2 | AI score 3 | EPSS 0.00046
Exploits 0 | References 1 | Affected Software 2

securityvulns
added 2013/11/18 12:0 a.m. | 114 views

[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03996804 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03996804 Version: 1 HPSBHF02939 rev....

CVSS 6.8 | AI score 0.7 | EPSS 0.00623
Exploits 0

securityvulns
added 2013/11/18 12:0 a.m. | 75 views

[SECURITY] [DSA 2795-1] lighttpd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...

CVSS 7.6 | AI score 1.7 | EPSS 0.09523
Exploits 1

securityvulns
added 2013/11/18 12:0 a.m. | 40 views

HP Integrated Lights-Out security vulnerabilities

Cross-site scripting, information leakage...

CVSS 6.8 | AI score 0.7 | EPSS 0.00623
Exploits 0 | References 1

securityvulns
added 2013/11/18 12:0 a.m. | 33 views

torque authentication bypass

It's possible to queue code execution by connecting directly to pbsmom port. Shell characters vulnerability...

CVSS 10 | AI score 4.6 | EPSS 0.05416
Exploits 0 | References 2 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 561 views

Dahua DVR authentication bypass

Some commands may be executed without authentication via TCP/37777 protocol...

CVSS 10 | AI score 5.3 | EPSS 0.8998
Exploits 6 | References 1

securityvulns
added 2013/11/18 12:0 a.m. | 35 views

libav memory corruptions

Memory corruptions on media formats parsing...

CVSS 9.3 | AI score 4.4 | EPSS 0.01154
Exploits 0 | References 2 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 51 views

Android Superuser shell character escape vulnerability

Vulnerable releases of two common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root, either without prompting the user or after the user has denied the request: - CyanogenMod/ClockWorkMod/Koush Superuser current releases, including v1.0.2.1 ...

CVSS 10 | AI score 2.6 | EPSS 0.00338
Exploits 3

securityvulns
added 2013/11/18 12:0 a.m. | 49 views

APPLE-SA-2013-11-14-1 iOS 7.0.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-11-14-1 iOS 7.0.4 iOS 7.0.4 is now available and addresses the following: App Store Available for: iPhone 4 and later, iPod touch 5th generation and later, iPad 2 and later Impact: App and In-App purchases may be completed with...

CVSS 4.7 | AI score 0.2 | EPSS 0.00048
Exploits 1

securityvulns
added 2013/11/18 12:0 a.m. | 36 views

MAAS privilege escalation

maas-import-pxe-files privilege escalations...

CVSS 5.8 | AI score 3.1 | EPSS 0.00666
Exploits 1 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 38 views

SPICE library buffer overflow

Buffer overflow on oversized password...

CVSS 5 | AI score 4.6 | EPSS 0.01116
Exploits 2 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 35 views

Juniper JunOS cross-site scripting

Cross-site scripting in EmbedThis...

AI score 1.7
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/11/18 12:0 a.m. | 47 views

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2013-0013 Synopsis: VMware Workstation host privilege escalation vulnerability Issue date: 2013-11-14 Updated on: 2013-11-14 initial...

CVSS 7.2 | AI score 6.7 | EPSS 0.00046
Exploits 0

securityvulns
added 2013/11/13 12:0 a.m. | 67 views

[USN-2015-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2015-1 November 08, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6 | AI score 0.4 | EPSS 0.00804
Exploits 1

securityvulns
added 2013/11/13 12:0 a.m. | 80 views

[ MDVSA-2013:265 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:265 http://www.mandriva.com/en/support/security/ Package : kernel Date : November 10, 2013 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities have been found and corrected in the Linu...

CVSS 7.1 | AI score 8 | EPSS 0.0497
Exploits 6

securityvulns
added 2013/11/13 12:0 a.m. | 34 views

Microsoft Office multiple security vulnerabilities

Buffer overflow and memory corruption in Microsoft Word, memory corruption on WPD parsing, Outlook information leakage...

CVSS 9.3 | AI score 4.3 | EPSS 0.5718
Exploits 0 | Affected Software 1

securityvulns
added 2013/11/13 12:0 a.m. | 33 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple information leaks and memory corruptions...

CVSS 9.3 | AI score 1.8 | EPSS 0.34563
Exploits 1 | Affected Software 1

securityvulns
added 2013/11/13 12:0 a.m. | 47 views

XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow

+--------------------------------------------------------------------+ | XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow | +--------------------------------------------------------------------+ Vulnerable versions: - linux kernel 2.6.18 = Testbed: ubuntu Type: Local Impact:...

AI score 7.4
Exploits 0

securityvulns
added 2013/11/13 12:0 a.m. | 59 views

Microsoft Windows multiple security vulnerabilities

GDI integer overflow, InformationCardSigninHelper ActiveX code execution, AFD driver information leak, X.509 certificates DoS, Hyper-V privilege escalation...

CVSS 9.3 | AI score 3.1 | EPSS 0.88465
Exploits 3 | Affected Software 1

securityvulns
added 2013/11/05 12:0 a.m. | 26 views

EMC Unisphere for VMAX information leakage

Under some conditions cleartext password is logged...

CVSS 1.9 | AI score 2 | EPSS 0.00057
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/11/05 12:0 a.m. | 32 views

Varnish HTTP cache DoS

assert on empty request...

CVSS 5 | AI score 0.6 | EPSS 0.01554
Exploits 3 | References 1 | Affected Software 1

securityvulns
added 2013/11/05 12:0 a.m. | 20 views

Linux kernel buffer overflow

Heap buffer overflow on eCryptfs request processing...

AI score 2.5
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/11/05 12:0 a.m. | 74 views

[SECURITY] [DSA 2789-1] strongswan security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2789-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez November 01, 2013 http://www.debian.org/security/faq -...

CVSS 5 | AI score 2.4 | EPSS 0.00228
Exploits 0

Total number of security vulnerabilities: 47153