Lucene search

47153 matches found

securityvulns
•added 2013/10/02 12:0 a.m.•26 views

PineApp Mail-SeCure privilege escalation

Unfiltered shell characters vulnerability...

CVSS 8.5 • AI score 3.2 • EPSS 0.02992
Exploits 6 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•29 views

git / Apple Xcode certificate spoofing

Git certificate spoofing...

CVSS 4.3 • AI score 1.4 • EPSS 0.01661
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•27 views

HP XP P9000 Command View Advanced Edition Suite Software cross-site scripting

No description provided...

CVSS 4.3 • AI score 1.1 • EPSS 0.0163
Exploits 0 • References 1
securityvulns
•added 2013/10/02 12:0 a.m.•23 views

HP ArcSight XSS

No description provided...

CVSS 4.3 • AI score 0.1 • EPSS 0.00942
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•22 views

IconCool PDFCool Studio memory corruption

Memory corruption on PDF parsing...

CVSS 6.8 • AI score 3.8 • EPSS 0.04083
Exploits 2 • References 1
securityvulns
•added 2013/10/02 12:0 a.m.•52 views

CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

CVSS 8.5 • AI score 0.1 • EPSS 0.02992
Exploits 6
securityvulns
•added 2013/10/02 12:0 a.m.•50 views

Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability

Title: ====== Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability Date: ===== 2013-09-20 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1081 VL-ID: ===== 1081 Common Vulnerability Scoring System: ==================================== 8.7 Introduction: =============...

AI score 0.6
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•53 views

[ANN] Struts 2.3.15.2 GA release available - security fix

The Apache Struts group is pleased to announce that Struts 2.3.15.2 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed ...

AI score 0.2
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•55 views

APPLE-SA-2013-09-18-3 Xcode 5.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-3 Xcode 5.0 Xcode 5.0 is now available and addresses the following: Git Available for: OS X Mountain Lion v10.8.4 or later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive...

CVSS 4.3 • AI score 0.2 • EPSS 0.01661
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•60 views

Multiple Vulnerabilities in X2CRM

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

CVSS 8.5 • AI score 6.2 • EPSS 0.05791
Exploits 6
securityvulns
•added 2013/10/02 12:0 a.m.•68 views

[USN-1928-1] Puppet vulnerabilities

========================================================================== Ubuntu Security Notice USN-1928-1 August 15, 2013 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5.1 • AI score 0.8 • EPSS 0.01643
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•65 views

[USN-1967-1] Django vulnerabilities

========================================================================== Ubuntu Security Notice USN-1967-1 September 24, 2013 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

CVSS 5 • AI score 0.3 • EPSS 0.03182
Exploits 3
securityvulns
•added 2013/10/02 12:0 a.m.•72 views

Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

Title: ====== Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability Date: ===== 2013-09-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1080 VL-ID: ===== 1080 Common Vulnerability Scoring System: ==================================== 6....

AI score 0.2
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•79 views

Python SSL certificate check bypass

Invalid NULL characters processing...

CVSS 4.3 • AI score 3.8 • EPSS 0.05347
Exploits 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•52 views

[USN-1986-1] Network Audio System (NAS) vulnerabilities

========================================================================== Ubuntu Security Notice USN-1986-1 October 01, 2013 nas vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 4.6 • AI score 0.7 • EPSS 0.00702
Exploits 1
securityvulns
•added 2013/10/02 12:0 a.m.•64 views

[ MDVSA-2013:241 ] perl-Crypt-DSA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:241 http://www.mandriva.com/en/support/security/ Package : perl-Crypt-DSA Date : September 25, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discover...

CVSS 5.8 • AI score 6.2 • EPSS 0.02251
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•25 views

perl Crypt::DSA weak PRNG generator

Under some conditions, weak PRNG generator is used...

CVSS 5.8 • AI score 1.1 • EPSS 0.02251
Exploits 0 • References 1
securityvulns
•added 2013/10/02 12:0 a.m.•65 views

[USN-1963-1] usb-creator vulnerability

========================================================================== Ubuntu Security Notice USN-1963-1 September 18, 2013 usb-creator vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS 4.6 • AI score 0.2 • EPSS 0.00373
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•28 views

HP IceWall SSO, IceWall File Manager and IceWall Federation Agent multiple security vulnerabilities

Multiple unauthorized access vulnerabilities...

CVSS 5 • AI score 2.1 • EPSS 0.03297
Exploits 0 • References 1 • Affected Software 2
securityvulns
•added 2013/10/02 12:0 a.m.•37 views

puppet security vulnerabilities

Code execution, privilege escalation...

CVSS 5.1 • AI score 3.6 • EPSS 0.01643
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•59 views

[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin

Bradesco Gateway Wordpress plugin Cross-site scripting XSS Vendor product description Bradesco Gateway for the WP-Ecommerce plugin. Bug Description Cross-site scripting XSS vulnerability in falha.php in the Bradesco Gateway plugin before 2.0 for WordPress allows remote attackers to inject arbitra...

CVSS 4.3 • AI score 0.5 • EPSS 0.02023
Exploits 2
securityvulns
•added 2013/10/02 12:0 a.m.•80 views

CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS

Multiple Vulnerabilities in the Adtran Netvanta 7100 Impact: Multiple Local and Remote Compromise, XSS and other Injection Attacks Versions: firmware prior to R10.5.3.HA Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Multiple Vulnerabilities in Adtran Netvanta 7100 Date...

CVSS 4.3 • AI score 1.3 • EPSS 0.01403
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•68 views

[ MDVSA-2013:239 ] wordpress

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:239 http://www.mandriva.com/en/support/security/ Package : wordpress Date : September 19, 2013 Affected: Business Server 1.0 Problem Description: Updated wordpress and php-phpmailer packages fix security...

CVSS 7.5 • AI score 6.4 • EPSS 0.08749
Exploits 8
securityvulns
•added 2013/10/02 12:0 a.m.•55 views

[security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03898171 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03898171 Version: 1 HPSBST02919 rev....

CVSS 4.3 • AI score 0.2 • EPSS 0.0163
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•62 views

[security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03901176 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03901176 Version: 1 HPSBGN02923 rev....

CVSS 4.3 • AI score 0.2 • EPSS 0.00942
Exploits 0
securityvulns
•added 2013/10/02 12:0 a.m.•34 views

libvirt memory corruption

Memory corruption in remoteDispatchDomainMemoryStats...

CVSS 4.6 • AI score 2.3 • EPSS 0.02678
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•66 views

[ MDVSA-2013:238 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:238 http://www.mandriva.com/en/support/security/ Package : wireshark Date : September 19, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was found and...

CVSS 5 • AI score 6.4 • EPSS 0.0284
Exploits 1
securityvulns
•added 2013/10/02 12:0 a.m.•70 views

Remote Code Execution in GLPI

Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12, 2013 Public Disclosure: October 2, 2013...

CVSS 6.8 • AI score 0.4 • EPSS 0.07855
Exploits 11
securityvulns
•added 2013/10/02 12:0 a.m.•175 views

HP System Management Homepage multiple security vulnerabilities

XSS, privilege escalation, unauthorized access, information leakage, DoS...

CVSS 7.5 • AI score 1.8 • EPSS 0.73327
Exploits 27 • References 1 • Affected Software 1
securityvulns
•added 2013/10/02 12:0 a.m.•174 views

[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03839862 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03839862 Version: 3 HPSBMU02900 rev....

CVSS 7.5 • AI score 0.9 • EPSS 0.73327
Exploits 27
securityvulns
•added 2013/10/02 12:0 a.m.•90 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 8.5 • AI score 1.6 • EPSS 0.08749
Exploits 47 • References 13 • Affected Software 10
securityvulns
•added 2013/10/02 12:0 a.m.•89 views

Multiple Vulnerabilities in Gnew

Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proenca Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October 2, 2013 Vulnerability Type: PHP File...

CVSS 7.5 • AI score 0.4 • EPSS 0.07149
Exploits 7
securityvulns
•added 2013/10/02 12:0 a.m.•74 views

APPLE-SA-2013-09-20-1 Apple TV 6.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-20-1 Apple TV 6.0 Apple TV 6.0 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or...

CVSS 9.3 • AI score 0.1 • EPSS 0.11999
Exploits 7
securityvulns
•added 2013/10/01 12:0 a.m.•34 views

Multiple vulnerabilities in RokMicroNews for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokMicroNews for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.4
Exploits 0
securityvulns
•added 2013/10/01 12:0 a.m.•29 views

Multiple vulnerabilities in RokIntroScroller for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokIntroScroller for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.4
Exploits 0
securityvulns
•added 2013/10/01 12:0 a.m.•57 views

Open-Xchange Security Advisory 2013-09-10

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28260 Bug ID Vulnerability type: CWE-16: Configuration, CWE-287: Improper Authentication, CWE-200: Information Exposure Vulnerable version: 7.0.0 to 7.2.2 Vulnerable component: backend default configuration Fixed version...

CVSS 7.5 • AI score 0.2 • EPSS 0.01493
Exploits 2
securityvulns
•added 2013/10/01 12:0 a.m.•41 views

Multiple vulnerabilities in RokStories for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokStories for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.4
Exploits 0
securityvulns
•added 2013/10/01 12:0 a.m.•28 views

EMC VPLEX Information leakage

Cleartext passwords in configuration files...

CVSS 4.9 • AI score 1.8 • EPSS 0.00338
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/01 12:0 a.m.•76 views

APPLE-SA-2013-09-18-2 iOS 7

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-18-2 iOS 7 iOS 7 is now available and addresses the following: Certificate Trust Policy Available for: iPhone 4 and later, iPod touch 5th generation and later, iPad 2 and later Impact: Root certificates have been updated Description:...

CVSS 9.3 • AI score 0.5 • EPSS 0.11999
Exploits 10
securityvulns
•added 2013/10/01 12:0 a.m.•42 views

Multiple vulnerabilities in RokNewsPager for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokNewsPager for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.2
Exploits 0
securityvulns
•added 2013/10/01 12:0 a.m.•27 views

txt2man symbolic links vulnerability

Unsafe temporary files creation...

CVSS 3.3 • AI score 1.6 • EPSS 0.0034
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2013/10/01 12:0 a.m.•34 views

Vino VNC server DoS

Resource exhaustion via connections...

CVSS 7.1 • AI score 3 • EPSS 0.0872
Exploits 5 • References 1 • Affected Software 1
securityvulns
•added 2013/10/01 12:0 a.m.•38 views

[USN-1980-1] Vino vulnerability

========================================================================== Ubuntu Security Notice USN-1980-1 September 30, 2013 vino vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.1 • AI score 0.3 • EPSS 0.0872
Exploits 5
securityvulns
•added 2013/10/01 12:0 a.m.•52 views

Open-Xchange Security Advisory 2013-09-30

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20 Report...

CVSS 3.5 • AI score 0.1 • EPSS 0.00767
Exploits 0
securityvulns
•added 2013/10/01 12:0 a.m.•45 views

CVE-2013-5118 - XSS Good for Enterprise iOS

Hello, Last month I identified an XSS vulnerability in the Good for Enterprise iOS application. The vulnerable versions are v2.2.2.1611 and earlier. Proof of Concept: HTML Email including the following payload will execute Javascript statements when the victim opens the email using the vulnerable...

CVSS 4.3 • AI score 0.4 • EPSS 0.02418
Exploits 6
securityvulns
•added 2013/10/01 12:0 a.m.•31 views

[ MDVSA-2013:244 ] davfs2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:244 http://www.mandriva.com/en/support/security/ Package : davfs2 Date : September 30, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and...

CVSS 7.2 • AI score 6.3 • EPSS 0.01168
Exploits 2
securityvulns
•added 2013/10/01 12:0 a.m.•93 views

APPLE-SA-2013-09-26-1 iOS 7.0.2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-26-1 iOS 7.0.2 iOS 7.0.2 is now available and addresses the following: Passcode Lock Available for: iPhone 4 and later Impact: A person with physical access to the device may be able to make calls to any number Description: A NULL...

CVSS 4.4 • AI score 0.2 • EPSS 0.00342
Exploits 2
securityvulns
•added 2013/10/01 12:0 a.m.•18 views

HylaFAX buffer overflow

Heap buffer overflow...

AI score 2.7
Exploits 4 • References 1
securityvulns
•added 2013/10/01 12:0 a.m.•30 views

DavFS2 privilege escalation

Shell characters vulnerability...

CVSS 7.2 • AI score 3.7 • EPSS 0.01168
Exploits 2 • References 1 • Affected Software 1
securityvulns
•added 2013/10/01 12:0 a.m.•45 views

XSS and Redirector vulnerabilities in InstantCMS

Hello 3APA3A! These are Cross-Site Scripting and Redirector vulnerabilities in InstantCMS. ------------------------- Affected products: ------------------------- Vulnerable are InstantCMS 1.10.2 and previous versions. ------------------------- Affected vendors: ------------------------- InstantSo...

AI score 0.4
Exploits 0

Total number of security vulnerabilities: 47153