47153 matches found

securityvulns
added 2013/10/01 12:0 a.m. | 51 views

Open-Xchange Security Advisory 2013-08-16

Product: Open-Xchange AppSuite / HTMLCleaner Vendor: Open-Xchange GmbH / HTMLCleaner team Internal reference: 27708 Open-Xchange Bug ID, 86 HTMLcleaner ticket Vulnerability type: Race condition within a thread CWE-366 Vulnerable version: 7.2.2 Vulnerable component: backend Fixed version:...

CVSS 4.9 | EPSS 0.00691
Exploits: 1
securityvulns
added 2013/10/01 12:0 a.m. | 74 views

[USN-1968-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1968-1 September 27, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.9 | AI score 0.1 | EPSS 0.0044
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 70 views

[USN-1974-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1974-1 September 27, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.9 | AI score 6.9 | EPSS 0.00452
Exploits: 2
securityvulns
added 2013/10/01 12:0 a.m. | 52 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 4.3 | AI score 1.6 | EPSS 0.0521
Exploits: 6 | References: 10 | Affected Software: 7
securityvulns
added 2013/10/01 12:0 a.m. | 110 views

XAMPP 1.8.1 Local Write Access Vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...

CVSS 4.3 | AI score 0.5 | EPSS 0.0521
Exploits: 6
securityvulns
added 2013/10/01 12:0 a.m. | 32 views

[CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability

Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iOS - Affected Version: 2.x prior to 2.1 - Issue Type: Lack of validation/user confirmation leading to destruction of data - Release Date: 29 Sept 2013 - Discovered by: Guillaume Ross - CVE Identifier: CVE-2013-5725 - Issue...

CVSS 5 | AI score 6 | EPSS 0.01072
Exploits: 3
securityvulns
added 2013/10/01 12:0 a.m. | 50 views

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic.

Details =========================================================== Application: "HylaFAX+" Version: 5.2.4 April, 2008 through 5.5.3 August 6, 2013 Type: Daemon that manages a fax server via an FTP-like protocol. Vendor / Maintainer: Lee Howard faxguy at howardsilvan.com Project Homepage:...

CVSS 6.8 | AI score 0.1 | EPSS 0.0785
Exploits: 5
securityvulns
added 2013/10/01 12:0 a.m. | 31 views

Multiple vulnerabilities in InstantCMS

Hello 3APA3A! These are Login Enumeration, Cross-Site Scripting and Content Spoofing vulnerabilities in InstantCMS. ------------------------- Affected products: ------------------------- Vulnerable are InstantCMS 1.10.2 and previous versions. ------------------------- Affected vendors:...

AI score 6.7
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 80 views

[SECURITY] [DSA 27671-1] proftpd-dfsg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2767-1 [email protected] http://www.debian.org/security/ Nico Golde September 29, 2013 http://www.debian.org/security/faq -...

CVSS 5 | AI score 2.1 | EPSS 0.02985
Exploits: 2
securityvulns
added 2013/10/01 12:0 a.m. | 42 views

hplip symbolic links vulnerability

Unsafe temporary files handling...

CVSS 1.9 | AI score 0.5 | EPSS 0.00444
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2013/10/01 12:0 a.m. | 36 views

Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

Title: ====== Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities Date: ===== 2013-08-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1062 VL-ID: ===== 1063 Common Vulnerability Scoring System: ==================================== 8.8 Introduction:...

AI score 0.4
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 80 views

eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability

Title: ====== eTransfer Lite v1.0 iOS - Persistent Filename Vulnerability Date: ===== 2013-08-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1064 VL-ID: ===== 1064 Common Vulnerability Scoring System: ==================================== 3.8 Introduction:...

AI score 0.1
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 36 views

Multiple vulnerabilities in RokMicroNews for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokMicroNews for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.4
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 48 views

proftpd DoS

DoS via modsftp and modsftppam modules...

CVSS 5 | AI score 2.4 | EPSS 0.02985
Exploits: 2 | References: 1 | Affected Software: 1
securityvulns
added 2013/10/01 12:0 a.m. | 73 views

[ MDVSA-2013:243 ] polkit

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:243 http://www.mandriva.com/en/support/security/ Package : polkit Date : September 27, 2013 Affected: Business Server 1.0 Problem Description: Updated polkit packages fix security vulnerability: A race...

CVSS 7.2 | AI score 7.4 | EPSS 0.00419
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 55 views

PolicyKit protection bypass

pkcheck race conditions...

CVSS 7.2 | AI score 2 | EPSS 0.00419
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2013/10/01 12:0 a.m. | 46 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Memory corruptions, integer overflows, privilege escalations, code executions, information leakage...

CVSS 10 | AI score 3.9 | EPSS 0.08894
Exploits: 4 | References: 1 | Affected Software: 4
securityvulns
added 2013/10/01 12:0 a.m. | 61 views

ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability

ESA-2013-060.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability EMC Identifier: ESA-2013-060 CVE Identifier: CVE-2013-3278 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products: • EMC VPLEX Local/Metro/Geo...

CVSS 4.9 | AI score 0.4 | EPSS 0.00338
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 52 views

Open-Xchange Security Advisory 2013-07-31

Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 27473 Bug ID Vulnerability type: Phishing / Data injection Vulnerable version: 7.2.2 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev9, 7.2.1-rev10, 7.2.0-rev11, 7.0.2-rev14 Solution status: Fixed by...

CVSS 3.5 | AI score 1.3 | EPSS 0.0093
Exploits: 2
securityvulns
added 2013/10/01 12:0 a.m. | 64 views

[USN-1978-1] libKDcraw vulnerabilities

========================================================================== Ubuntu Security Notice USN-1978-1 September 30, 2013 libkdcraw vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

CVSS 4.3 | AI score 0.1 | EPSS 0.02059
Exploits: 1
securityvulns
added 2013/10/01 12:0 a.m. | 39 views

libraw / libKDCraw DoS

Crash on raw images parsing...

CVSS 4.3 | AI score 2.9 | EPSS 0.02059
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
added 2013/10/01 12:0 a.m. | 71 views

[USN-1981-1] HPLIP vulnerabilities

========================================================================== Ubuntu Security Notice USN-1981-1 September 30, 2013 hplip vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 1.9 | AI score 0.2 | EPSS 0.00444
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 79 views

Firefox for Android - Same-origin bypass through symbolic links

CVE Number: CVE-2013-1727 Vendor Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 confirmed on v14 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v24 was released which fixes this...

CVSS 4 | AI score 6 | EPSS 0.05189
Exploits: 2
securityvulns
added 2013/10/01 12:0 a.m. | 60 views

[USN-1979-1] txt2man

========================================================================== Ubuntu Security Notice USN-1979-1 September 30, 2013 txt2man vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 3.3 | AI score 0.1 | EPSS 0.0034
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 89 views

[USN-1976-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1976-1 September 30, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.2 | AI score 0.5 | EPSS 0.0181
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 46 views

XSS and Redirector vulnerabilities in InstantCMS

Hello 3APA3A! These are Cross-Site Scripting and Redirector vulnerabilities in InstantCMS. ------------------------- Affected products: ------------------------- Vulnerable are InstantCMS 1.10.2 and previous versions. ------------------------- Affected vendors: ------------------------- InstantSo...

AI score 0.4
Exploits: 0
securityvulns
added 2013/10/01 12:0 a.m. | 32 views

[ MDVSA-2013:244 ] davfs2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:244 http://www.mandriva.com/en/support/security/ Package : davfs2 Date : September 30, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and...

CVSS 7.2 | AI score 6.3 | EPSS 0.01168
Exploits: 2
securityvulns
added 2013/10/01 12:0 a.m. | 42 views

Multiple vulnerabilities in RokStories for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in plugin RokStories for WordPress. In August 2012 I wrote about multiple vulnerabilities in RokBox for WordPress http://securityvulns.ru/docs28871.html. These vulnerabilities are similar, since the same developers put the same...

AI score 0.4
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 38 views

Subversion symbolic links vulnerability

Privilege escalation via symbolic links...

CVSS 3.3 | AI score 4.6 | EPSS 0.00688
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 31 views

FreeBSD multiple security vulnerabilities

ifioctls privilege escalation, nullfs privilege escalation, sendfile information leakage...

CVSS 6.9 | AI score 2.4 | EPSS 0.00376
Exploits: 0 | References: 3 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 77 views

HP ProCurve Manager, HP Identity Driven Manager multiple security vulnerabilities

Code execution, session reusage, SQL injection...

CVSS 10 | AI score 2.1 | EPSS 0.79003
Exploits: 21 | References: 1 | Affected Software: 2
securityvulns
added 2013/09/11 12:0 a.m. | 45 views

FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:12.ifioctl Security Advisory The FreeBSD Project Topic: Insufficient credential checks in network ioctl2 Category: core Module: sysnetinet6 sysnetatm Announced...

CVSS 6.9 | AI score 6.8 | EPSS 0.00376
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 79 views

[ MDVSA-2013:229 ] bzr

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:229 http://www.mandriva.com/en/support/security/ Package : bzr Date : September 10, 2013 Affected: Business Server 1.0 Problem Description: Updated bzr packages fix security vulnerabilities: A denial of...

CVSS 4.3 | AI score 6.3 | EPSS 0.04857
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 53 views

python libraries security vulnerabilities

SSL certificates parsing DoS, protection bypass...

CVSS 6.8 | AI score 3.5 | EPSS 0.04857
Exploits: 0 | References: 2
securityvulns
added 2013/09/11 12:0 a.m. | 54 views

FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:11.sendfile Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sendfile2 Category: core Module: sendfile Announced: 2013-09-10 Credits: E...

CVSS 4.7 | AI score 6.4 | EPSS 0.00306
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 47 views

Sophos Web Protection Appliance code execution

Few command injections...

CVSS 10 | AI score 3.9 | EPSS 0.90133
Exploits: 17 | References: 1 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 63 views

[slackware-security] subversion (SSA:2013-251-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2013-251-01 New subversion packages are available for Slackware 14.0 and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

CVSS 3.3 | AI score 9.1 | EPSS 0.00688
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 229 views

[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 1 HPSBPV02918 rev....

CVSS 10 | AI score 0.2 | EPSS 0.79003
Exploits: 21
securityvulns
added 2013/09/11 12:0 a.m. | 65 views

Microsoft Windows multiple security vulnerabilities

OLE code execution, Windows Theme files code execution, kernel mode drivers privilege escalation, SCM privilege escalation, Active Directory DoS...

CVSS 9.3 | AI score 5.5 | EPSS 0.59885
Exploits: 12 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 40 views

Multiple vulnerabilities on D-Link Dir-505 devices

Multiple vulnerabilities on D-Link Dir-505 devices ================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities on D-Link Dir-505 devices Discovery date: 05/04/2013 Release date: 09/09/2013 Credits: Alessandro Di Pinto alessandro.dipinto artificialstudio...

AI score 0.4
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 25 views

D-Link DIR-505 routers multiple security vulnerabilities

Code execution, directory traversal, weak encryption, privilege escalation, authentication bypass...

AI score 4.4
Exploits: 0 | References: 1
securityvulns
added 2013/09/11 12:0 a.m. | 24 views

Microsoft Frontpage information leakage

XML information disclosure...

CVSS 4.3 | AI score 0.6 | EPSS 0.32444
Exploits: 1 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 33 views

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions...

CVSS 9.3 | AI score 2 | EPSS 0.66277
Exploits: 10 | Affected Software: 1
securityvulns
added 2013/09/11 12:0 a.m. | 147 views

Microsoft Office multiple security vulnerabilities

Memory corruption on Outlook S/MIME parsing. Information leakage, multiple memory corruptions...

CVSS 9.3 | AI score 3.3 | EPSS 0.28702
Exploits: 7 | Affected Software: 2
securityvulns
added 2013/09/11 12:0 a.m. | 49 views

FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:13.nullfs Security Advisory The FreeBSD Project Topic: Cross-mount links between nullfs5 mounts Category: core Module: nullfs Announced: 2013-09-10 Credits:...

CVSS 3.7 | AI score 6 | EPSS 0.00294
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 74 views

[ MDVSA-2013:227 ] python-setuptools

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:227 http://www.mandriva.com/en/support/security/ Package : python-setuptools Date : September 9, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been...

CVSS 6.8 | AI score 6.4 | EPSS 0.01949
Exploits: 0
securityvulns
added 2013/09/11 12:0 a.m. | 115 views

[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...

CVSS 10 | AI score 0.8 | EPSS 0.90133
Exploits: 17
securityvulns
added 2013/09/09 12:0 a.m. | 37 views

RSA Archer GRC security vulnerabilities

Invalid login restrictions, open redirect...

CVSS 6 | AI score 3.2 | EPSS 0.01057
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2013/09/09 12:0 a.m. | 63 views

VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass (Pwn2Own 2013 / MS13-059)

VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass Pwn2Own 2013 / MS13-059 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as pa...

AI score 7.9
Exploits: 0
securityvulns
added 2013/09/09 12:0 a.m. | 80 views

[KIS-2013-05] vtiger CRM <= 5.4.0 (customerportal.php) Two Local File Inclusion Vulnerabilities

--------------------------------------------------------------------------------- vtiger CRM = 5.4.0 customerportal.php Two Local File Inclusion Vulnerabilities --------------------------------------------------------------------------------- - Software Link: http://www.vtiger.com/ - Affected...

AI score 0.3 | EPSS 0.07543
Exploits: 5

Total number of security vulnerabilities: 47153