
47153 matches found

securityvulns
added 2013/10/02 12:0 a.m., 47 views

joomla com_zimbcomment Components Local File Include vulnerability

The joomla com_zimbcomment Components suffers from a Local File Include Vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : joomla com_zimbcomment Components Local File Include vulnerability Author : Iranian Exploit DataBase Discovered By : IeDb Email :...

0.8 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 74 views

CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS

Multiple Vulnerabilities in the Adtran Netvanta 7100 Impact: Multiple Local and Remote Compromise, XSS and other Injection Attacks Versions: firmware prior to R10.5.3.HA Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Multiple Vulnerabilities in Adtran Netvanta 7100 Date...

4.3 CVSS, 1.3 AI score, 0.00225 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 23 views

HP ArcSight XSS

No description provided...

4.3 CVSS, 0.1 AI score, 0.00263 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 61 views

[ MDVSA-2013:241 ] perl-Crypt-DSA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:241 http://www.mandriva.com/en/support/security/ Package : perl-Crypt-DSA Date : September 25, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discover...

5.8 CVSS, 6.2 AI score, 0.00358 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 69 views

APPLE-SA-2013-09-20-1 Apple TV 6.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-20-1 Apple TV 6.0 Apple TV 6.0 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or...

9.3 CVSS, 0.1 AI score, 0.21099 EPSS
Exploits 7

securityvulns
added 2013/10/02 12:0 a.m., 61 views

[iBliss Security Advisory] Blind SQL injection vulnerability in NOSpamPTI wordpress plugin

NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira http://bit.ly/d38gB8, but some themes do not support changes to the...

7.5 CVSS, 0.5 AI score, 0.01563 EPSS
Exploits 6

securityvulns
added 2013/10/02 12:0 a.m., 61 views

[USN-1963-1] usb-creator vulnerability

========================================================================== Ubuntu Security Notice USN-1963-1 September 18, 2013 usb-creator vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

4.6 CVSS, 0.2 AI score, 0.00061 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 24 views

perl Crypt::DSA weak PRNG generator

Under some conditions, weak PRNG generator is used...

5.8 CVSS, 1.1 AI score, 0.00358 EPSS
Exploits 0, References 1

securityvulns
added 2013/10/02 12:0 a.m., 29 views

git / Apple Xcode certificate spoofing

Git certificate spoofing...

4.3 CVSS, 1.4 AI score, 0.01488 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 48 views

[security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03898171 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03898171 Version: 1 HPSBST02919 rev....

4.3 CVSS, 0.2 AI score, 0.00623 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 46 views

[security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03918632 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03918632 Version: 1 HPSBGN02925 rev....

5 CVSS, 6.2 AI score, 0.00689 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 174 views

[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03839862 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03839862 Version: 3 HPSBMU02900 rev....

7.5 CVSS, 0.9 AI score, 0.79567 EPSS
Exploits 66

securityvulns
added 2013/10/02 12:0 a.m., 174 views

HP System Management Homepage multiple security vulnerabilities

XSS, privilege escalation, unauthorized access, information leakage, DoS...

7.5 CVSS, 1.8 AI score, 0.79567 EPSS
Exploits 66, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 48 views

Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability

Title: ====== Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability Date: ===== 2013-09-20 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1081 VL-ID: ===== 1081 Common Vulnerability Scoring System: ==================================== 8.7 Introduction: =============...

0.6 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 27 views

Adtran Netvanta multiple security vulnerabilities

Multiple web interface vulnerabilities...

4.3 CVSS, 2.4 AI score, 0.00225 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 27 views

HP XP P9000 Command View Advanced Edition Suite Software cross-site scripting

No description provided...

4.3 CVSS, 1.1 AI score, 0.00623 EPSS
Exploits 0, References 1

securityvulns
added 2013/10/02 12:0 a.m., 67 views

[ MDVSA-2013:239 ] wordpress

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:239 http://www.mandriva.com/en/support/security/ Package : wordpress Date : September 19, 2013 Affected: Business Server 1.0 Problem Description: Updated wordpress and php-phpmailer packages fix security...

7.5 CVSS, 6.4 AI score, 0.09588 EPSS
Exploits 8

securityvulns
added 2013/10/02 12:0 a.m., 86 views

Multiple Vulnerabilities in Gnew

Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proenca Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October 2, 2013 Vulnerability Type: PHP File...

7.5 CVSS, 0.4 AI score, 0.04589 EPSS
Exploits 7

securityvulns
added 2013/10/02 12:0 a.m., 21 views

IconCool PDFCool Studio memory corruption

Memory corruption on PDF parsing...

6.8 CVSS, 3.8 AI score, 0.08036 EPSS
Exploits 2, References 1

securityvulns
added 2013/10/02 12:0 a.m., 57 views

Apple TV multiple security vulnerabilities

Multiple vulnerabilities in different subsystems...

9.3 CVSS, 1.7 AI score, 0.21099 EPSS
Exploits 7, References 1

securityvulns
added 2013/10/02 12:0 a.m., 53 views

APPLE-SA-2013-09-18-3 Xcode 5.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-3 Xcode 5.0 Xcode 5.0 is now available and addresses the following: Git Available for: OS X Mountain Lion v10.8.4 or later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive...

4.3 CVSS, 0.2 AI score, 0.01488 EPSS
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 64 views

[USN-1967-1] Django vulnerabilities

========================================================================== Ubuntu Security Notice USN-1967-1 September 24, 2013 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

5 CVSS, 0.3 AI score, 0.01041 EPSS
Exploits 3

securityvulns
added 2013/10/02 12:0 a.m., 52 views

[ANN] Struts 2.3.15.2 GA release available - security fix

The Apache Struts group is pleased to announce that Struts 2.3.15.2 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...

0.2 AI score
Exploits 0

securityvulns
added 2013/10/02 12:0 a.m., 28 views

HP IceWall SSO, IceWall File Manager and IceWall Federation Agent multiple security vulnerabilities

Multiple unauthorized access vulnerabilities...

5 CVSS, 2.1 AI score, 0.00689 EPSS
Exploits 0, References 1, Affected Software 2

securityvulns
added 2013/10/02 12:0 a.m., 37 views

puppet security vulnerabilities

Code execution, privilege escalation...

5.1 CVSS, 3.6 AI score, 0.0062 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 51 views

CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

8.5 CVSS, 0.1 AI score, 0.11231 EPSS
Exploits 6

securityvulns
added 2013/10/02 12:0 a.m., 34 views

libvirt memory corruption

Memory corruption in remoteDispatchDomainMemoryStats...

4.6 CVSS, 2.3 AI score, 0.03294 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/02 12:0 a.m., 36 views

CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PDFCool Studio Buffer Overflow Vulnerability 1. Advisory Information Title: PDFCool Studio Buffer Overflow Vulnerability Advisory ID: CORE-2013-0828 Advisory URL:...

6.8 CVSS, 7.5 AI score, 0.08036 EPSS
Exploits 2

securityvulns
added 2013/10/02 12:0 a.m., 68 views

Remote Code Execution in GLPI

Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12, 2013 Public Disclosure: October 2, 2013...

6.8 CVSS, 0.4 AI score, 0.63954 EPSS
Exploits 11

securityvulns
added 2013/10/02 12:0 a.m., 59 views

Multiple Vulnerabilities in X2CRM

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5 CVSS, 6.2 AI score, 0.09328 EPSS
Exploits 6

securityvulns
added 2013/10/02 12:0 a.m., 50 views

[USN-1986-1] Network Audio System (NAS) vulnerabilities

========================================================================== Ubuntu Security Notice USN-1986-1 October 01, 2013 nas vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4.6 CVSS, 0.7 AI score, 0.00151 EPSS
Exploits 1

securityvulns
added 2013/10/02 12:0 a.m., 57 views

[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin

Bradesco Gateway Wordpress plugin Cross-site scripting XSS Vendor product description Bradesco Gateway for the WP-Ecommerce plugin. Bug Description Cross-site scripting XSS vulnerability in falha.php in the Bradesco Gateway plugin before 2.0 for WordPress allows remote attackers to inject arbitra...

4.3 CVSS, 0.5 AI score, 0.0027 EPSS
Exploits 2

securityvulns
added 2013/10/02 12:0 a.m., 79 views

Python SSL certificate check bypass

Invalid NULL characters processing...

4.3 CVSS, 3.8 AI score, 0.01382 EPSS
Exploits 1, Affected Software 1

securityvulns
added 2013/10/01 12:0 a.m., 77 views

Firefox for Android - Same-origin bypass through symbolic links

CVE Number: CVE-2013-1727 Vendor Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 confirmed on v14 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v24 was released which fixes this...

4 CVSS, 6 AI score, 0.0224 EPSS
Exploits 2

securityvulns
added 2013/10/01 12:0 a.m., 46 views

Open-Xchange Security Advisory 2013-08-16

Product: Open-Xchange AppSuite / HTMLCleaner Vendor: Open-Xchange GmbH / HTMLCleaner team Internal reference: 27708 Open-Xchange Bug ID, 86 HTMLcleaner ticket Vulnerability type: Race condition within a thread CWE-366 Vulnerable version: 7.2.2 Vulnerable component: backend Fixed version:...

4.9 CVSS, 0.00132 EPSS
Exploits 1

securityvulns
added 2013/10/01 12:0 a.m., 45 views

Open-Xchange Security Advisory 2013-09-30

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20 Report...

3.5 CVSS, 0.1 AI score, 0.00159 EPSS
Exploits 0

securityvulns
added 2013/10/01 12:0 a.m., 55 views

PolicyKit protection bypass

pkcheck race conditions...

7.2 CVSS, 2 AI score, 0.00065 EPSS
Exploits 0, References 1, Affected Software 1

securityvulns
added 2013/10/01 12:0 a.m., 72 views

[ MDVSA-2013:243 ] polkit

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:243 http://www.mandriva.com/en/support/security/ Package : polkit Date : September 27, 2013 Affected: Business Server 1.0 Problem Description: Updated polkit packages fix security vulnerability: A race...

7.2 CVSS, 7.4 AI score, 0.00065 EPSS
Exploits 0

securityvulns
added 2013/10/01 12:0 a.m., 74 views

APPLE-SA-2013-09-18-2 iOS 7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-2 iOS 7 iOS 7 is now available and addresses the following: Certificate Trust Policy Available for: iPhone 4 and later, iPod touch 5th generation and later, iPad 2 and later Impact: Root certificates have been updated Description:...

9.3 CVSS, 0.5 AI score, 0.21099 EPSS
Exploits 10

securityvulns
added 2013/10/01 12:0 a.m., 37 views

Multiple vulnerabilities in RokStories for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokStories for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

0.4 AI score
Exploits 0

securityvulns
added 2013/10/01 12:0 a.m., 30 views

[CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability

Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iOS - Affected Version: 2.x prior to 2.1 - Issue Type: Lack of validation/user confirmation leading to destruction of data - Release Date: 29 Sept 2013 - Discovered by: Guillaume Ross - CVE Identifier: CVE-2013-5725 - Issue...

5 CVSS, 6 AI score, 0.00243 EPSS
Exploits 3

securityvulns
added 2013/10/01 12:0 a.m., 50 views

Open-Xchange Security Advisory 2013-07-31

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 27473 Bug ID Vulnerability type: Phishing / Data injection Vulnerable version: 7.2.2 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev9, 7.2.1-rev10, 7.2.0-rev11, 7.0.2-rev14 Solution status: Fixed by...

3.5 CVSS, 1.3 AI score, 0.00284 EPSS
Exploits 2

securityvulns
added 2013/10/01 12:0 a.m., 63 views

[USN-1978-1] libKDcraw vulnerabilities

========================================================================== Ubuntu Security Notice USN-1978-1 September 30, 2013 libkdcraw vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

4.3 CVSS, 0.1 AI score, 0.00512 EPSS
Exploits 1

securityvulns
added 2013/10/01 12:0 a.m., 32 views

Multiple vulnerabilities in RokMicroNews for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokMicroNews for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

0.4 AI score
Exploits 0

securityvulns
added 2013/10/01 12:0 a.m., 68 views

[USN-1974-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1974-1 September 27, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.9 CVSS, 6.9 AI score, 0.00107 EPSS
Exploits 2

securityvulns
added 2013/10/01 12:0 a.m., 42 views

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic.

Details =========================================================== Application: "HylaFAX+" Version: 5.2.4 April, 2008 through 5.5.3 August 6, 2013 Type: Daemon that manages a fax server via an FTP-like protocol. Vendor / Maintainer: Lee Howard faxguy at howardsilvan.com Project Homepage:...

6.8 CVSS, 0.1 AI score, 0.3279 EPSS
Exploits 5

securityvulns
added 2013/10/01 12:0 a.m., 18 views

HylaFAX buffer overflow

Heap buffer overflow...

2.7 AI score
Exploits 4, References 1

securityvulns
added 2013/10/01 12:0 a.m., 76 views

[SECURITY] [DSA 27671-1] proftpd-dfsg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2767-1 [email protected] http://www.debian.org/security/ Nico Golde September 29, 2013 http://www.debian.org/security/faq -...

5 CVSS, 2.1 AI score, 0.01402 EPSS
Exploits 2

securityvulns
added 2013/10/01 12:0 a.m., 39 views

AFU, AFD and XSS vulnerabilities in Uploadify

Hello 3APA3A! These are Arbitrary File Uploading, Arbitrary File Deletion and Cross-Site Scripting vulnerabilities in Uploadify. Particularly in the version used in aCMS it looks like these developers use modified version of Uploadify, but other developers also can use such version...

0.1 AI score
Exploits 0

securityvulns
added 2013/10/01 12:0 a.m., 34 views

Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

Title: ====== Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities Date: ===== 2013-08-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1062 VL-ID: ===== 1063 Common Vulnerability Scoring System: ==================================== 8.8 Introduction:...

0.4 AI score
Exploits 0

Total number of security vulnerabilities: 47153