47153 matches found

securityvulns
added 2013/10/03 12:0 a.m. | 30 views

VMWare Zimbra Collaboration Suite replay attack

It's possible to bypass authentication by replaying captured session...

6.8 CVSS | 2.3 AI score | 0.01384 EPSS
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 37 views

Apple iTunes memory corruption

ActiveX control memory corruption...

9.3 CVSS | 2.7 AI score | 0.04091 EPSS
Exploits 1 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 44 views

[USN-1950-1] Light Display Manager vulnerability

========================================================================== Ubuntu Security Notice USN-1950-1 September 12, 2013 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

2.1 CVSS | 5.7 AI score | 0.00368 EPSS
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 59 views

[slackware-security] glibc (SSA:2013-260-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security glibc SSA:2013-260-01 New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

2.1 CVSS | 9.4 AI score | 0.0037 EPSS
Exploits 1

securityvulns
added 2013/10/03 12:0 a.m. | 52 views

elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities

Title: ====== elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities Date: ===== 2013-09-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1086 VL-ID: ===== 1086 Common Vulnerability Scoring System: ==================================== 6.7 Introduction: ============...

0.8 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 28280 views

Cross-Site Scripting (XSS) in WikkaWiki

Advisory ID: HTB23170 Product: WikkaWiki Vendor: Wikka Development Team Vulnerable Versions: 1.3.4 and probably prior Tested Version: 1.3.4 Vendor Notification: August 21, 2013 Vendor Patch: August 31, 2013 Public Disclosure: September 11, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

4.3 CVSS | 6.3 AI score | 0.02732 EPSS
Exploits 3

securityvulns
added 2013/10/03 12:0 a.m. | 59 views

Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability

Product: Zimbra Collaboration Suite Vendor: VMWare Vulnerable Version: 6.0.16 and probably prior Tested Version: 6.0.16 Vendor Notification: 09/03/2013 Public Disclosure: 09/13/2013 Vulnerability Type: Authentication Bypass by Capture-replay CWE-294 CVE: CVE-2013-5119 Discovered and Provided By:...

6.8 CVSS | 2.8 AI score | 0.01384 EPSS
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 84 views

Event Easy Calendar 1.0.0 WP plugin

Details ======================== Application: Event Easy Calendar Version: 1.0.0 Type: WordPress Plugin Vendor: Adamson http://profiles.wordpress.org/adamson/ Url: http://wordpress.org/plugins/event-easy-calendar/ Vulnerability: - Improper Input Validation CWE-20 - Cross-Site Scripting CWE-79 -...

0.2 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 50 views

[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin

Design-Approval-System Wordpress plugin XSS vendor product description A system to streamline the process of getting designs, photos, documents, videos or music approved by clients quickly. Bug Description The walkthrouth web page does not validate the step parameter leading to a Cross-site...

4.3 CVSS | 0.7 AI score | 0.01637 EPSS
Exploits 2

securityvulns
added 2013/10/03 12:0 a.m. | 25 views

Security Guard CMS QT buffer overflow

Buffer overflow on client request processing...

3.3 AI score
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 33 views

Chrony security vulnerabilities

Buffer overflow and uninitialized pointer dereference on server reply parsing...

5 CVSS | 4.9 AI score | 0.03271 EPSS
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 40 views

GSTOOL weak PRNG generator

Weak PRNG generator in CHIASMUS implementation...

2.2 AI score
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 28 views

Gnome gdm symbolic links vulnerability

Insecure temporary files creation...

6.9 CVSS | 1.4 AI score | 0.00371 EPSS
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 27 views

Apple Face-Time protection bypass

It's possible to access images...

3.3 AI score
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 40 views

Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities

Title: ====== Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities Date: ===== 2013-09-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1083 VL-ID: ===== 1083 Common Vulnerability Scoring System: ==================================== 6.7 Introduction: ============...

Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 86 views

OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption

OWASP ESAPI for Java Security Advisory 1 The OWASP Foundation MAC Bypass in ESAPI Symmetric Encryption Summary ======= Category: Symmetric cryptography Module: ESAPI Encryptor interface Announced: 2013-08-23 via ESAPI-Dev mailing list...

2.6 CVSS | 9 AI score | 0.02426 EPSS
Exploits 1

securityvulns
added 2013/10/03 12:0 a.m. | 40 views

[ MDVSA-2013:230 ] gdm

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:230 http://www.mandriva.com/en/support/security/ Package : gdm Date : September 11, 2013 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in gdm: GNOME...

6.9 CVSS | 6 AI score | 0.00371 EPSS
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 176 views

Insecure CHIASMUS encryption in GSTOOL

== Insecure CHIASMUS encryption in GSTOOL == GSTOOL versions 3.0 to 4.7 inclusive contain an insecure encryption feature using the non-public CHIASMUS block cipher. Due to the use of an insecure PRNG for key generation, files encrypted using the encryption feature of this tool can be decrypted...

Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 62 views

SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities

Title: ====== SilverStripe Framework CMS 3.0.5 - Multiple Vulnerabilities Date: ===== 2013-09-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1084 VL-ID: ===== 1084 Common Vulnerability Scoring System: ==================================== 3.9 Introduction:...

Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 43 views

SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler

SEC Consult Vulnerability Lab Security Advisory 20131003-0 ======================================================================= title: nsconfigd NSRPCREMOTECMD Denial of service vulnerability product: Citrix NetScaler vulnerable version: NetScaler 10.0 Build 76.7 fixed version: NetScaler 10.0...

7.5 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 40 views

Cisco Prime Data Center / Prime Central security vulnerabilities

Information disclosure, code execution, DoS conditions...

10 CVSS | 3 AI score | 0.75962 EPSS
Exploits 6 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 150 views

APPLE-SA-2013-09-12-2 Safari 5.1.10

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-2 Safari 5.1.10 Safari 5.1.10 is now available and addresses the following: JavaScriptCore Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Visiting a maliciously crafted website may lead to an unexpected applicatio...

6.8 CVSS | 0.3 AI score | 0.14415 EPSS
Exploits 3

securityvulns
added 2013/10/03 12:0 a.m. | 122 views

[ MDVSA-2013:235 ] mediawiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:235 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : September 16, 2013 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in...

5 CVSS | 6.7 AI score | 0.02084 EPSS
Exploits 2

securityvulns
added 2013/10/03 12:0 a.m. | 584 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.5 CVSS | 1.6 AI score | 0.02732 EPSS
Exploits 11 | References 12 | Affected Software 12

securityvulns
added 2013/10/03 12:0 a.m. | 170 views

Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability

============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail ============================================= VULNERABILITY ---------------------- Moodle CMS version 2.5.0...

7.5 CVSS | 0.4 AI score | 0.02098 EPSS
Exploits 2

securityvulns
added 2013/10/03 12:0 a.m. | 113 views

Microsoft Sharepoint Server multiple security vulnerabilities

DoS, cross-site scripting, memory corruptions, code execution...

10 CVSS | 2 AI score | 0.77458 EPSS
Exploits 4 | References 1 | Affected Software 2

securityvulns
added 2013/10/03 12:0 a.m. | 118 views

SQL Injection in vtiger CRM

Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5 CVSS | 0.01238 EPSS
Exploits 5

securityvulns
added 2013/10/03 12:0 a.m. | 57 views

WebAssist PowerCMS PHP - Multiple Web Vulnerabilities

Title: ====== WebAssist PowerCMS PHP - Multiple Web Vulnerabilities Date: ===== 2013-09-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1098 VL-ID: ===== 1098 Common Vulnerability Scoring System: ==================================== 4 Introduction: ============= Desi...

0.6 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 51 views

Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability

Title: ====== Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability Date: ===== 2013-09-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1085 VL-ID: ===== 1085 Common Vulnerability Scoring System: ==================================== 6.1 Introduction...

7.8 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 60 views

[SECURITY] [DSA 2752-1] phpbb3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2752-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 07, 2013 http://www.debian.org/security/faq -...

1.2 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 72 views

[USN-1962-1] ubuntu-system-service vulnerability

========================================================================== Ubuntu Security Notice USN-1962-1 September 18, 2013 ubuntu-system-service vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

4.6 CVSS | 0.3 AI score | 0.00358 EPSS
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 111 views

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability

Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft...

7.3 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 63 views

Apple Safari security vulnerabilities

Memory corruptions...

6.8 CVSS | 2.7 AI score | 0.14415 EPSS
Exploits 3 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 54 views

APPLE-SA-2013-09-18-1 iTunes 11.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-1 iTunes 11.1 iTunes 11.1 is now available and addresses the following: iTunes Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or...

9.3 CVSS | 0.1 AI score | 0.04091 EPSS
Exploits 1

securityvulns
added 2013/10/03 12:0 a.m. | 31 views

Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability

Title: ====== Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability Date: ===== 2013-09-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1087 Video: http://www.youtube.com/watch?v=7acWAEZpbgs VL-ID: ===== 1087 Common Vulnerability Scoring System:...

6.5 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 25 views

lightdm weak permissions

.Xauthority files weak permissions...

2.1 CVSS | 1.2 AI score | 0.00368 EPSS
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 107 views

ExpressionEngine 2.6 Persistent XSS

Hi, I'd like to disclose a vulnerability I found in ExpressionEngine 2.6 and below. The issue is when you submit a new entry through Admin - Content - Publish and you are using the RTE, if you enter HTML into that editor, the next page will execute the HTML, which it shouldn’t. The RTE should...

1.1 AI score
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 27 views

Citrix NetScaler DoS

Crash on request processing in nsconfigd TCP/3008, TCP/3010...

2.2 AI score
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/03 12:0 a.m. | 54 views

[SECURITY] [DSA 2760-1] chrony security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2760-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2013 http://www.debian.org/security/faq -...

5 CVSS | 0.1 AI score | 0.03271 EPSS
Exploits 0

securityvulns
added 2013/10/03 12:0 a.m. | 111 views

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...

10 CVSS | 0.4 AI score | 0.54312 EPSS
Exploits 26

securityvulns
added 2013/10/03 12:0 a.m. | 48 views

polkit authorization bypass in multiple application

Invalid Policy Kit authorization usage...

6.9 CVSS | 2.2 AI score | 0.00419 EPSS
Exploits 0 | References 2 | Affected Software 2

securityvulns
added 2013/10/02 12:0 a.m. | 62 views

[iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin

NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira http://bit.ly/d38gB8, but some themes do not support changes to the...

7.5 CVSS | 0.5 AI score | 0.02854 EPSS
Exploits 6

securityvulns
added 2013/10/02 12:0 a.m. | 66 views

Wordpress fgallery_plus Plugin Xss vulnerabilities

The Wordpress fgalleryplusy Plugin suffers from a Cross-Site Scripting vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : Wordpress fgalleryplus Plugin Xss vulnerabilities Author : Iranian Exploit DataBase Discovered By : IeDb Email : [email protected]...

0.8 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m. | 53 views

joomla com_zimbcomment Components Local File Include vulnerability

The joomla comzimbcomment Components suffers from a Local File Include Vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : joomla comzimbcomment Components Local File Include vulnerability Author : Iranian Exploit DataBase Discovered By : IeDb Email :...

0.8 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m. | 58 views

Apple TV multiple security vulnerabilities

Multiple vulnerabilities in different subsystems...

9.3 CVSS | 1.7 AI score | 0.11999 EPSS
Exploits 7 | References 1

securityvulns
added 2013/10/02 12:0 a.m. | 46 views

[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager

----------------------------------------------------------- PT-2013-41 Positive Technologies Security Advisory Arbitrary Code Execution in Ajax File and Image Manager ----------------------------------------------------------- --- Vulnerable software Ajax File and Image Manager Version: 1.1 and...

0.5 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m. | 55 views

[SECURITY] [DSA 2764-1] libvirt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2764-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 25, 2013 http://www.debian.org/security/faq -...

4 CVSS | 0.5 AI score | 0.02678 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m. | 28 views

Adtran Netvanta multiple security vulnerabilities

Multiple web interface vulnerabilities...

4.3 CVSS | 2.4 AI score | 0.01403 EPSS
Exploits 0 | References 1 | Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m. | 40 views

CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PDFCool Studio Buffer Overflow Vulnerability 1. Advisory Information Title: PDFCool Studio Buffer Overflow Vulnerability Advisory ID: CORE-2013-0828 Advisory URL:...

6.8 CVSS | 7.5 AI score | 0.04083 EPSS
Exploits 2

securityvulns
added 2013/10/02 12:0 a.m. | 53 views

[security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03918632 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03918632 Version: 1 HPSBGN02925 rev....

5 CVSS | 6.2 AI score | 0.03297 EPSS
Exploits 0

Total number of security vulnerabilities: 47153