
47153 matches found

securityvulns | added 2013/10/09 12:0 a.m. | 109 views

HP Intelligent Management Center multiple security vulnerabilities

Code execution, authentication bypass, SQL injection, unauthorized access...

CVSS 10 | AI score 2.6 | EPSS 0.777
Exploits 12 | References 2

securityvulns | added 2013/10/09 12:0 a.m. | 41 views

Apache OpenJPA code execution

User-controlled data is stored in a local executable file...

CVSS 7.5 | AI score 1.9 | EPSS 0.14602
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 67 views

Microsoft Windows multiple security vulnerabilities

.Net code execution, comctl32.dll integer overflow...

CVSS 10 | AI score 2.9 | EPSS 0.78404
Exploits 0 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 75 views

[USN-1922-1] Evolution Data Server vulnerability

Ubuntu Security Notice USN-1922-1, July 31, 2013: evolution-data-server vulnerability. A security issue affects these releases of Ubuntu and its...

EPSS 0.01005
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 26 views

HP Service Manager unauthorized access

No description provided...

CVSS 10 | AI score 2.6 | EPSS 0.04203
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 29 views

AVTech digital video recorders multiple security vulnerabilities

RTSP parsing buffer overflow, web interface buffer overflow, protection bypass...

CVSS 9 | AI score 4.4 | EPSS 0.39617
Exploits 8 | References 1

securityvulns | added 2013/10/09 12:0 a.m. | 26 views

Synology DiskStation Manager multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score 2.1
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 25 views

Apple Motion Integer Overflow Vulnerability

Apple Motion Integer Overflow Vulnerability. Vendor: Apple http://www.apple.com Software: Motion 5.0.7 Testcase verified on: OS X 10.8 Credit: Jean Pascal Pereira [email protected] DESCRIPTION: An integer overflow vulnerability has been...

AI score 0.9
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 178 views

Synology DSM multiple vulnerabilities

Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manager DSM it's a Linux based operating system, use...

Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 82 views

[security bulletin] HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03943547 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03943547 Version: 1 HPSBGN02930 rev....

CVSS 7.5 | AI score 0.7 | EPSS 0.777
Exploits 5

securityvulns | added 2013/10/09 12:0 a.m. | 73 views

Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service

BACKGROUND According to the vendor, Netgear ProSafe is a cost-effective line of smart switches for Small and Medium Businesses SMBs. The products cover an essential set of network features and easy-to-use web-based management. Power over Ethernet PoE and Stacking versions are also available. 2...

CVSS 7.8 | AI score 0.8 | EPSS 0.37969
Exploits 10

securityvulns | added 2013/10/09 12:0 a.m. | 63 views

CyberArk User Enumeration - Multiple vulnerabilities

Security Advisory - CyberArk User Enumeration - Multiple vulnerabilities. Summary : CyberArk Vault was found prone to multiple user enumeration/harvesting vulnerabilities. Date : 1 August 2013 Affected versions : All Vault...

AI score 6.9 | EPSS 0.00512
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 46 views

[slackware-security] xpdf (SSA:2013-233-02)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security xpdf SSA:2013-233-02 New xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

AI score 7.4 | EPSS 0.00397
Exploits 1

securityvulns | added 2013/10/09 12:0 a.m. | 28 views

Samsung DVR security vulnerability

Authentication bypass, information leakage...

AI score 2.8
Exploits 0 | References 1

securityvulns | added 2013/10/09 12:0 a.m. | 43 views

VMWare ESX / ESXi NFC DoS

Unhandled exception on Network File Copy protocol handling...

CVSS 4.3 | AI score 1.4 | EPSS 0.00364
Exploits 1 | References 1 | Affected Software 2

securityvulns | added 2013/10/09 12:0 a.m. | 43 views

Microsoft Office multiple security vulnerabilities

Memory corruptions on Word and Excel documents parsing...

CVSS 9.3 | AI score 3.5 | EPSS 0.64993
Exploits 0 | Affected Software 2

securityvulns | added 2013/10/09 12:0 a.m. | 34 views

AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP

Asterisk Project Security Advisory - AST-2013-004 Product Asterisk Summary Remote Crash From Late Arriving SIP ACK With SDP Nature of Advisory Remote Crash Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On February 11, 2013 Reported By Colin Cuthbertson...

AI score 0.6
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 53 views

CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ EPS Viewer Buffer Overflow Vulnerability 1. Advisory Information Title: EPS Viewer Buffer Overflow Vulnerability Advisory ID: CORE-2013-0808 Advisory URL:...

CVSS 9.3 | AI score 0.1 | EPSS 0.11711
Exploits 2

securityvulns | added 2013/10/09 12:0 a.m. | 55 views

Two Instagram Android App Security Vulnerabilities

Affected app: Instagram for Android Affected versions: 4.0.2 and 4.1.2, probably also earlier versions as well as iOS affected. Summary After the Instagram iOS vulnerability discovered last year 1, the app's HTTP API has been extended with a cryptographic authentication for changes like "likes" a...

Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 65 views

NEW VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VMware Security Advisory Advisory ID: VMSA-2013-0011 Synopsis: VMware ESXi and ESX address an NFC Protocol Unhandled Exception Issue date: 2013-08-29 Updated on: 2013-08-29...

CVSS 4.3 | AI score 6.1 | EPSS 0.00364
Exploits 1

securityvulns | added 2013/10/09 12:0 a.m. | 21 views

Apple Motion integer overflow

Integer overflow on .motn files parsing...

AI score 5
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 29 views

Evolution / libcamel messages encryption vulnerabilities

Under some conditions messages are encrypted with wrong key...

AI score 3.3 | EPSS 0.01005
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 30 views

HP StoreOnce DoS

No description provided...

CVSS 7.8 | AI score 0.4 | EPSS 0.01441
Exploits 0 | References 1

securityvulns | added 2013/10/09 12:0 a.m. | 49 views

RSA Authentication Agent for PAM protection bypass

Login attempts are not limited...

CVSS 5 | AI score 4 | EPSS 0.00275
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 134 views

[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities

SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities. I. Information: Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vendor Homepage : http://www.zenphoto.org/ Vulnerability Type : SQL Injection, Reflected Cross-Site...

AI score 8.5
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 37 views

xpdf / poppler ESC sequences injection

Terminal control ESC sequences injection...

AI score 2.2 | EPSS 0.00397
Exploits 1 | References 2 | Affected Software 2

securityvulns | added 2013/10/09 12:0 a.m. | 49 views

[slackware-security] poppler (SSA:2013-233-03)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security poppler SSA:2013-233-03 New poppler packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

AI score 7.4 | EPSS 0.00397
Exploits 1

securityvulns | added 2013/10/09 12:0 a.m. | 32 views

Netgear ProSafe switches security vulnerabilities

Information leakage, DoS...

CVSS 7.8 | AI score 1.8 | EPSS 0.37969
Exploits 10 | References 1

securityvulns | added 2013/10/09 12:0 a.m. | 39 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5 | AI score 1.6 | EPSS 0.77788
Exploits 16 | References 3 | Affected Software 2

securityvulns | added 2013/10/09 12:0 a.m. | 32 views

AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request

Asterisk Project Security Advisory - AST-2013-005 Product Asterisk Summary Remote Crash when Invalid SDP is sent in SIP Request Nature of Advisory Remote Crash Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On July 03, 2013 Reported By Walter Doekes, OS...

AI score 0.2
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 68 views

[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability

Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability - Software Link:...

CVSS 7.5 | AI score 0.3 | EPSS 0.04513
Exploits 7

securityvulns | added 2013/10/09 12:0 a.m. | 27 views

EPS Viewer buffer overflow

Buffer overflow on .EPS files parsing...

CVSS 9.3 | AI score 4.8 | EPSS 0.11711
Exploits 2 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 61 views

[security bulletin] HPSBST02897 rev.1 - HP StoreOnce D2D Backup System, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03828580 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03828580 Version: 1 HPSBST02897 rev....

CVSS 7.8 | AI score 0.7 | EPSS 0.01441
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 30 views

Cisco Secure Access Control Server authentication bypass

Authentication bypass if EAP-FAST protocol is used...

CVSS 9.3 | AI score 3.7 | EPSS 0.00952
Exploits 0 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 29 views

IBM Lotus iNotes XSS

A few cross-site scripting vulnerabilities...

CVSS 4.3 | AI score 1.6 | EPSS 0.00266
Exploits 0 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 46 views

CORE-2013-0726 - AVTECH DVR multiple vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ AVTECH DVR multiple vulnerabilities 1. Advisory Information Title: AVTECH DVR multiple vulnerabilities Advisory ID: CORE-2013-0726 Advisory URL: http://www.coresecurity.com/advisories/avtech-dvr-multiple-vulnerabilities Date...

CVSS 9 | AI score 0.2 | EPSS 0.39617
Exploits 8

securityvulns | added 2013/10/09 12:0 a.m. | 138 views

Samsung DVR authentication bypass

Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...

AI score 0.4
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 82 views

[ MDVSA-2013:246 ] openjpa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:246 http://www.mandriva.com/en/support/security/ Package : openjpa Date : October 7, 2013 Affected: Business Server 1.0 Problem Description: Updated openjpa packages fix security vulnerability: The...

CVSS 7.5 | AI score 8.8 | EPSS 0.14602
Exploits 0

securityvulns | added 2013/10/09 12:0 a.m. | 42 views

[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Aloaha PDF Suite Buffer Overflow Vulnerability 1. Advisory Information Title: Aloaha PDF Suite Buffer Overflow Vulnerability Advisory ID: CORE-2013-0805 Advisory URL:...

CVSS 9.3 | AI score 7.5 | EPSS 0.50251
Exploits 1

securityvulns | added 2013/10/09 12:0 a.m. | 28 views

Cyber-Ark Vault user enumeration

Server answers are different for wrong username and password...

AI score 3.3 | EPSS 0.00512
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 190 views

[security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Informati

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03943425 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03943425 Version: 1 HPSBGN02929 rev....

CVSS 10 | EPSS 0.77228
Exploits 7

securityvulns | added 2013/10/09 12:0 a.m. | 48 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruption...

CVSS 9.3 | AI score 2 | EPSS 0.88207
Exploits 24 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 23 views

Asterisk security vulnerabilities

A few DoS conditions on SIP parsing...

AI score 2.8
Exploits 0 | References 2 | Affected Software 1

securityvulns | added 2013/10/09 12:0 a.m. | 72 views

ESA-2013-047: RSA® Authentication Agent for PAM Unlimited Login Attempts Vulnerability

ESA-2013-047.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-047: RSA® Authentication Agent for PAM Unlimited Login Attempts Vulnerability EMC Identifier: ESA-2013-047 CVE Identifier: CVE-2013-3271 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected Products: R...

CVSS 5 | AI score 0.4 | EPSS 0.00275
Exploits 0

securityvulns | added 2013/10/05 12:0 a.m. | 52 views

Apple Mac OS X multiple security vulnerabilities

Different vulnerabilities in multiple system components...

CVSS 6.8 | AI score 2 | EPSS 0.01127
Exploits 5 | References 2 | Affected Software 1

securityvulns | added 2013/10/05 12:0 a.m. | 48 views

[security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03888014 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03888014 Version: 1 HPSBPI02892 rev....

CVSS 4.3 | AI score 0.2 | EPSS 0.00594
Exploits 0

securityvulns | added 2013/10/05 12:0 a.m. | 49 views

ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability

ESA-2013-062.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability EMC Identifier: ESA-2013-062 CVE Identifier: CVE-2013-3279 Severity Rating: CVSS v2 Base Score: CVSS 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • All version...

CVSS 5 | AI score 1.4 | EPSS 0.0025
Exploits 0

securityvulns | added 2013/10/05 12:0 a.m. | 64 views

APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update OS X v10.8.5 Supplemental Update is now available and addresses the following: Directory Services Available for: OS X Mountain Lion v10.8 to v10.8.5 Impact: A local user may modify Directory...

CVSS 6.6 | AI score 6.3 | EPSS 0.00041
Exploits 0

securityvulns | added 2013/10/05 12:0 a.m. | 25 views

EMC Atmos weak default installation

Default database access with no password is allowed...

CVSS 5 | AI score 3.7 | EPSS 0.0025
Exploits 0 | References 1 | Affected Software 1

securityvulns | added 2013/10/05 12:0 a.m. | 26 views

HP FutureSmart MFP security vulnerabilities

Weak PDF encryption, information leakage...

CVSS 4.3 | AI score 1.5 | EPSS 0.00594
Exploits 0 | References 1

Total number of security vulnerabilities: 47153