Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability
Title: ====== Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability Date: ===== 2013-09-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1085 VL-ID: ===== 1085 Common Vulnerability Scoring System: ==================================== 6.1 Introduction...
GSTOOL weak PRNG generator
Weak PRNG generator in CHIASMUS implementation...
Apple Safari security vulnerabilities
Memory corruptions...
APPLE-SA-2013-09-12-2 Safari 5.1.10
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-2 Safari 5.1.10 Safari 5.1.10 is now available and addresses the following: JavaScriptCore Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Visiting a maliciously crafted website may lead to an unexpected applicatio...
Security Guard CMS QT buffer overflow
Buffer overflow on client request processing...
Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability
============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail ============================================= VULNERABILITY ---------------------- Moodle CMS version 2.5.0...
Insecure CHIASMUS encryption in GSTOOL
== Insecure CHIASMUS encryption in GSTOOL == GSTOOL versions 3.0 to 4.7 inclusive contain an insecure encryption feature using the non-public CHIASMUS block cipher. Due to the use of an insecure PRNG for key generation, files encrypted using the encryption feature of this tool can be decrypted...
Gnome gdm symbolic links vulnerability
Insecure temporary files creation...
SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities
Title: ====== SilverStripe Framework CMS 3.0.5 - Multiple Vulnerabilities Date: ===== 2013-09-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1084 VL-ID: ===== 1084 Common Vulnerability Scoring System: ==================================== 3.9 Introduction:...
ExpressionEngine 2.6 Persistent XSS
Hi, I'd like to disclose a vulnerability I found in ExpressionEngine 2.6 and below. The issue is when you submit a new entry through Admin - Content - Publish and you are using the RTE, if you enter HTML into that editor, the next page will execute the HTML, which it shouldn’t. The RTE should...
[USN-1950-1] Light Display Manager vulnerability
========================================================================== Ubuntu Security Notice USN-1950-1 September 12, 2013 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities
Title: ====== elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities Date: ===== 2013-09-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1086 VL-ID: ===== 1086 Common Vulnerability Scoring System: ==================================== 6.7 Introduction: ============...
Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability
Product: Zimbra Collaboration Suite Vendor: VMWare Vulnerable Version: 6.0.16 and probably prior Tested Version: 6.0.16 Vendor Notification: 09/03/2013 Public Disclosure: 09/13/2013 Vulnerability Type: Authentication Bypass by Capture-replay CWE-294 CVE: CVE-2013-5119 Discovered and Provided By:...
Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities
Title: ====== Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities Date: ===== 2013-09-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1083 VL-ID: ===== 1083 Common Vulnerability Scoring System: ==================================== 6.7 Introduction: ============...
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability
Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft...
SQL Injection in vtiger CRM
Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Cross-Site Scripting (XSS) in WikkaWiki
Advisory ID: HTB23170 Product: WikkaWiki Vendor: Wikka Development Team Vulnerable Versions: 1.3.4 and probably prior Tested Version: 1.3.4 Vendor Notification: August 21, 2013 Vendor Patch: August 31, 2013 Public Disclosure: September 11, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
[ MDVSA-2013:230 ] gdm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:230 http://www.mandriva.com/en/support/security/ Package : gdm Date : September 11, 2013 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in gdm: GNOME...
SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler
SEC Consult Vulnerability Lab Security Advisory 20131003-0 ======================================================================= title: nsconfigd NSRPCREMOTECMD Denial of service vulnerability product: Citrix NetScaler vulnerable version: NetScaler 10.0 Build 76.7 fixed version: NetScaler 10.0...
WebAssist PowerCMS PHP - Multiple Web Vulnerabilities
Title: ====== WebAssist PowerCMS PHP - Multiple Web Vulnerabilities Date: ===== 2013-09-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1098 VL-ID: ===== 1098 Common Vulnerability Scoring System: ==================================== 4 Introduction: ============= Desi...
APPLE-SA-2013-09-18-1 iTunes 11.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-1 iTunes 11.1 iTunes 11.1 is now available and addresses the following: iTunes Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or...
Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability
Title: ====== Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability Date: ===== 2013-09-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1087 Video: http://www.youtube.com/watch?v=7acWAEZpbgs VL-ID: ===== 1087 Common Vulnerability Scoring System:...
[SECURITY] [DSA 2760-1] chrony security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2760-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2013 http://www.debian.org/security/faq -...
OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption
OWASP ESAPI for Java Security Advisory 1 The OWASP Foundation MAC Bypass in ESAPI Symmetric Encryption Summary ======= Category: Symmetric cryptography Module: ESAPI Encryptor interface Announced: 2013-08-23 via ESAPI-Dev mailing list...
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin
Design-Approval-System Wordpress plugin XSS vendor product description A system to streamline the process of getting designs, photos, documents, videos or music approved by clients quickly. Bug Description The walkthrough web page does not validate the step parameter leading to a Cross-site...
[SECURITY] [DSA 2752-1] phpbb3 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2752-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 07, 2013 http://www.debian.org/security/faq -...
Cisco Prime Data Center / Prime Central security vulnerabilities
Information disclosure, code execution, DoS conditions...
Apple iTunes memory corruption
ActiveX control memory corruption...
Citrix NetScaler DoS
Crash on request processing in nsconfigd TCP/3008, TCP/3010...
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...
Apple Face-Time protection bypass
It's possible to access images...
Chrony security vulnerabilities
Buffer overflow and uninitialized pointer dereference on server reply parsing...
[ MDVSA-2013:235 ] mediawiki
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:235 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : September 16, 2013 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in...
VMWare Zimbra Collaboration Suite replay attack
It's possible to bypass authentication by replaying captured session...
Microsoft Sharepoint Server multiple security vulnerabilities
DoS, cross-site scripting, memory corruptions, code execution...
polkit authorization bypass in multiple applications
Invalid Policy Kit authorization usage...
Event Easy Calendar 1.0.0 WP plugin
Details ======================== Application: Event Easy Calendar Version: 1.0.0 Type: WordPress Plugin Vendor: Adamson http://profiles.wordpress.org/adamson/ Url: http://wordpress.org/plugins/event-easy-calendar/ Vulnerability: - Improper Input Validation CWE-20 - Cross-Site Scripting CWE-79 -...
lightdm weak permissions
.Xauthority files weak permissions...
[slackware-security] glibc (SSA:2013-260-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security glibc SSA:2013-260-01 New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
[USN-1962-1] ubuntu-system-service vulnerability
========================================================================== Ubuntu Security Notice USN-1962-1 September 18, 2013 ubuntu-system-service vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03901176 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03901176 Version: 1 HPSBGN02923 rev....
Wordpress fgallery_plus Plugin Xss vulnerabilities
The Wordpress fgalleryplus Plugin suffers from a Cross-Site Scripting vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : Wordpress fgalleryplus Plugin Xss vulnerabilities Author : Iranian Exploit DataBase Discovered By : IeDb Email : [email protected]...
PineApp Mail-SeCure privilege escalation
Unfiltered shell characters vulnerability...
[ MDVSA-2013:238 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:238 http://www.mandriva.com/en/support/security/ Package : wireshark Date : September 19, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were found and...
[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager
----------------------------------------------------------- PT-2013-41 Positive Technologies Security Advisory Arbitrary Code Execution in Ajax File and Image Manager ----------------------------------------------------------- --- Vulnerable software Ajax File and Image Manager Version: 1.1 and...
Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
Title: ====== Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability Date: ===== 2013-09-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1080 VL-ID: ===== 1080 Common Vulnerability Scoring System: ==================================== 6....
[SECURITY] [DSA 2764-1] libvirt security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2764-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 25, 2013 http://www.debian.org/security/faq -...
[USN-1928-1] Puppet vulnerabilities
========================================================================== Ubuntu Security Notice USN-1928-1 August 15, 2013 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...