
47153 matches found

securityvulns
•added 2015/08/23 12:0 a.m.•48 views

Logstash vulnerability CVE-2015-5619

Summary: Logstash 1.5.3 and prior versions are vulnerable to an SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjac...

CVSS 4.3 • AI score 1.9 • EPSS 0.01219
Exploits 0
securityvulns
•added 2015/08/23 12:0 a.m.•77 views

APPLE-SA-2015-08-20-1 QuickTime 7.7.8

APPLE-SA-2015-08-20-1 QuickTime 7.7.8 QuickTime 7.7.8 is now available and addresses the following: QuickTime Available for: Windows 7 and Windows Vista Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multipl...

CVSS 7.5 • AI score 0.1 • EPSS 0.0364
Exploits 0
securityvulns
•added 2015/08/23 12:0 a.m.•45 views

[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04735247 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04735247 Version: 1 HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation...

CVSS 4.4 • AI score 0.6 • EPSS 0.00344
Exploits 0
securityvulns
•added 2015/08/17 12:0 a.m.•102 views

APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8

APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses the following: Safari Application Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and O...

CVSS 6.8 • EPSS 0.02754
Exploits 0
securityvulns
•added 2015/08/17 12:0 a.m.•58 views

Apple iOS multiple security vulnerabilities

Over 70 different vulnerabilities...

CVSS 9.3 • AI score 2.1 • EPSS 0.13322
Exploits 5 • References 1 • Affected Software 1
securityvulns
•added 2015/08/17 12:0 a.m.•24 views

Cisco Unified Communications Manager multiple security vulnerabilities

Code execution, authentication bypass, local file inclusion...

AI score 2.7
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/17 12:0 a.m.•57 views

Apple Safari / Webkit multiple security vulnerabilities

Interface spoofing, memory corruption, restrictions bypass...

CVSS 6.8 • AI score 2.1 • EPSS 0.02754
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/17 12:0 a.m.•96 views

APPLE-SA-2015-08-13-3 iOS 8.4.1

APPLE-SA-2015-08-13-3 iOS 8.4.1 iOS 8.4.1 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...

CVSS 9.3 • AI score 0.4 • EPSS 0.13322
Exploits 5
securityvulns
•added 2015/08/17 12:0 a.m.•1068 views

Apple Mac OS X / OS X Server multiple security vulnerabilities

Over 150 different vulnerabilities in system components and libraries...

CVSS 9.3 • AI score 2.4 • EPSS 0.90945
Exploits 65 • References 2 • Affected Software 2
securityvulns
•added 2015/08/17 12:0 a.m.•1093 views

APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006

APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following: apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in...

CVSS 9.3 • AI score 0.7 • EPSS 0.74483
Exploits 53
securityvulns
•added 2015/08/17 12:0 a.m.•91 views

APPLE-SA-2015-08-13-4 OS X Server v4.1.5

APPLE-SA-2015-08-13-4 OS X Server v4.1.5 OS X Server v4.1.5 is now available and addresses the following: BIND Available for: OS X Yosemite v10.10.5 or later Impact: A remote attacker may be able to cause a denial of service Description: An assertion issue existed in the handling of TKEY packets...

CVSS 7.8 • AI score 7.1 • EPSS 0.90945
Exploits 12
securityvulns
•added 2015/08/17 12:0 a.m.•144 views

Cisco Unified Communications Manager Multiple Vulnerabilities (VP2015-001)

Vantage Point Security Advisory 2015-001 Title: Cisco Unified Communications Manager Multiple Vulnerabilities Vendor: Cisco Vendor URL: http://www.cisco.com/ Versions affected: 9.2, 10.5.2, 11.0.1. Severity: Low to medium Vendor notified: Yes Reported: Oct...

CVSS 10 • AI score 1.2 • EPSS 0.99999
Exploits 130
securityvulns
•added 2015/08/11 12:0 a.m.•100 views

Microsoft Office multiple security vulnerabilities

Memory corruptions, code execution...

CVSS 9.3 • AI score 2.9 • EPSS 0.53213
Exploits 0 • Affected Software 4
securityvulns
•added 2015/08/11 12:0 a.m.•45 views

System Center Operations Manager cross-site scripting

Cross-site scripting in web interface...

CVSS 4.3 • AI score 1.8 • EPSS 0.08807
Exploits 0
securityvulns
•added 2015/08/10 12:0 a.m.•52 views

squid restrictions bypass

Restrictions bypass is possible under some configurations...

CVSS 6.8 • AI score 2.4 • EPSS 0.16525
Exploits 1 • References 1 • Affected Software 1
securityvulns
•added 2015/08/10 12:0 a.m.•55 views

FreeBSD Security Advisory FreeBSD-SA-15:19.routed

FreeBSD-SA-15:19.routed Security Advisory The FreeBSD Project Topic: routed(8) remote denial of service vulnerability Category: core Module: routed Announced: 2015-08-05 Credits: Hiroki Sato Affects: All supported version...

CVSS 4 • AI score 6.9 • EPSS 0.02649
Exploits 0
securityvulns
•added 2015/08/10 12:0 a.m.•33 views

FreeBSD routed DoS

Crash on RIP request from non-directly connected network...

CVSS 4 • AI score 1.1 • EPSS 0.02649
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/10 12:0 a.m.•50 views

FreeBSD Security Advisory FreeBSD-SA-15:18.bsdpatch

FreeBSD-SA-15:18.bsdpatch Security Advisory The FreeBSD Project Topic: shell injection vulnerability in patch(1) Category: contrib Module: patch Announced: 2015-08-05 Credits: Martin Natano Affects: FreeBSD 10.x. Correcte...

CVSS 9.3 • AI score 8 • EPSS 0.03778
Exploits 0
securityvulns
•added 2015/08/10 12:0 a.m.•44 views

FreeBSD patch code execution

Command injection is possible...

CVSS 9.3 • AI score 2.6 • EPSS 0.03778
Exploits 0 • References 2 • Affected Software 1
securityvulns
•added 2015/08/10 12:0 a.m.•60 views

[SECURITY] [DSA 3327-1] squid3 security update

Debian Security Advisory DSA-3327-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 03, 2015 https://www.debian.org/security/faq ...

CVSS 6.8 • AI score 1.4 • EPSS 0.16525
Exploits 1
securityvulns
•added 2015/08/03 12:0 a.m.•33 views

HPLIP restrictions bypass

Invalid GPG key retrieval from server...

CVSS 6.8 • AI score 1.6 • EPSS 0.06296
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/03 12:0 a.m.•39 views

[USN-2699-1] HPLIP vulnerability

Ubuntu Security Notice USN-2699-1 July 30, 2015 hplip vulnerability A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 6.8 • AI score 0.3 • EPSS 0.06296
Exploits 0
securityvulns
•added 2015/08/03 12:0 a.m.•49 views

ISC bind named DoS

Assert on TKEY request processing...

CVSS 7.8 • AI score 1.9 • EPSS 0.90945
Exploits 12 • References 1 • Affected Software 1
securityvulns
•added 2015/08/03 12:0 a.m.•29 views

Cisco ASR routers DoS

Crash on fragmented packets processing...

CVSS 7.8 • AI score 3.7 • EPSS 0.01982
Exploits 0 • Affected Software 1
securityvulns
•added 2015/08/03 12:0 a.m.•54 views

[USN-2697-1] Ghostscript vulnerability

Ubuntu Security Notice USN-2697-1 July 30, 2015 ghostscript vulnerability A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 6.8 • AI score 0.6 • EPSS 0.03748
Exploits 0
securityvulns
•added 2015/08/03 12:0 a.m.•40 views

ghostscript memory corruption

Memory corruption on Postscript file parsing...

CVSS 6.8 • AI score 2.7 • EPSS 0.03748
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/03 12:0 a.m.•48 views

FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch

FreeBSD-SA-15:14.bsdpatch Security Advisory The FreeBSD Project Topic: shell injection vulnerability in patch(1) Category: contrib Module: patch Announced: 2015-07-28 Credit...

CVSS 9.3 • AI score 8.1 • EPSS 0.03535
Exploits 0
securityvulns
•added 2015/08/03 12:0 a.m.•62 views

FreeBSD Security Advisory FreeBSD-SA-15:17.bind

FreeBSD-SA-15:17.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service vulnerability Category: contrib Module: bind Announced: 2015-07-28 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x...

CVSS 7.8 • AI score 7.8 • EPSS 0.90945
Exploits 12
securityvulns
•added 2015/08/03 12:0 a.m.•83 views

[SECURITY] [DSA 3318-1] expat security update

Debian Security Advisory DSA-3318-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS July 26, 2015 https://www.debian.org/security/faq ...

CVSS 6.8 • AI score 1.4 • EPSS 0.19069
Exploits 0
securityvulns
•added 2015/08/03 12:0 a.m.•50 views

expat library integer overflow

Multiple integer overflows...

CVSS 6.8 • AI score 3.5 • EPSS 0.19069
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/03 12:0 a.m.•79 views

[USN-2692-1] QEMU vulnerabilities

Ubuntu Security Notice USN-2692-1 July 28, 2015 qemu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 7.2 • AI score 1.1 • EPSS 0.01594
Exploits 1
securityvulns
•added 2015/08/02 12:0 a.m.•37 views

[SECURITY] [DSA 3320-1] openafs security update

Debian Security Advisory DSA-3320-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 30, 2015 https://www.debian.org/security/faq ...

CVSS 6.8 • AI score 1.3 • EPSS 0.02081
Exploits 0
securityvulns
•added 2015/08/02 12:0 a.m.•33 views

DoS against the XMLTooling library

Unhandled exception on processing XML with invalid schema...

CVSS 5 • AI score 1.8 • EPSS 0.02444
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/02 12:0 a.m.•26 views

OpenAFS multiple security vulnerabilities

Information disclosure, DoS...

CVSS 6.8 • AI score 1.1 • EPSS 0.02081
Exploits 0 • References 1 • Affected Software 1
securityvulns
•added 2015/08/02 12:0 a.m.•36 views

[SECURITY] [DSA 3321-1] xmltooling security update

Debian Security Advisory DSA-3321-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 30, 2015 https://www.debian.org/security/faq ...

CVSS 5 • AI score 1.6 • EPSS 0.02444
Exploits 0
securityvulns
•added 2015/08/02 12:0 a.m.•114 views

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED]

FreeBSD-SA-15:16.openssh Security Advisory The FreeBSD Project Topic: OpenSSH multiple vulnerabilities Category: contrib Module: openssh Announced: 2015-07-28, revised on...

CVSS 8.5 • AI score 6.1 • EPSS 0.09302
Exploits 2
securityvulns
•added 2015/08/02 12:0 a.m.•95 views

[USN-2694-1] PCRE vulnerabilities

Ubuntu Security Notice USN-2694-1 July 29, 2015 pcre3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS 7.5 • AI score 1.1 • EPSS 0.09157
Exploits 4
securityvulns
•added 2015/08/02 12:0 a.m.•43 views

PCRE multiple security vulnerabilities

Multiple memory corruptions on PCRE parsing...

CVSS 7.5 • AI score 2.9 • EPSS 0.09157
Exploits 4 • References 1 • Affected Software 1
securityvulns
•added 2015/07/27 12:0 a.m.•40 views

LXC directory traversal

Directory traversal on lock files creation...

CVSS 7.2 • AI score 3.2 • EPSS 0.00459
Exploits 1 • References 1 • Affected Software 1
securityvulns
•added 2015/07/27 12:0 a.m.•91 views

SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express

SEC Consult Vulnerability Lab Security Advisory 20150716-0 title: Permanent Cross-Site Scripting product: Oracle Application Express vulnerable version: All versions prior to...

CVSS 5.5 • AI score 0.1 • EPSS 0.01716
Exploits 2
securityvulns
•added 2015/07/27 12:0 a.m.•44 views

CVE-2015-5379: Axigen XSS vulnerability for html attachments

CVEID: CVE-2015-5379 SUBJECT: Axigen XSS vulnerability for html attachments DESCRIPTION: Axigen's WebMail Ajax interface implements a view attachment function that executes javascript code that is part of email HTML attachments. This allows a malicious user to craft email messages that could expo...

CVSS 3.5 • EPSS 0.01552
Exploits 0
securityvulns
•added 2015/07/27 12:0 a.m.•33 views

Elastic Logstash directory traversal

Directory traversal in file output plugin...

CVSS 6.4 • AI score 2.7 • EPSS 0.0303
Exploits 1 • References 2 • Affected Software 1
securityvulns
•added 2015/07/27 12:0 a.m.•102 views

NetCracker Resource Management 8.0 - SQL Injection Vulnerability

Vulnerability type: SQL Injection Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: = 8.0 Patched version: 8.2 Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3423 PROOF OF CONCEPT SQLi SQL Injection SQLi vulnerability in multip...

AI score 1.2 • EPSS 0.02378
Exploits 3
securityvulns
•added 2015/07/27 12:0 a.m.•63 views

[SECURITY] [DSA 3312-1] cacti security update

Debian Security Advisory DSA-3312-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 22, 2015 https://www.debian.org/security/faq ...

CVSS 7.5 • AI score 1.5 • EPSS 0.02178
Exploits 1
securityvulns
•added 2015/07/27 12:0 a.m.•35 views

Cisco Videoscape Delivery System DoS

It's possible to reload the device with an HTTP request...

CVSS 7.8 • AI score 1.1 • EPSS 0.01939
Exploits 0 • Affected Software 1
securityvulns
•added 2015/07/27 12:0 a.m.•57 views

[USN-2675-1] LXC vulnerabilities

Ubuntu Security Notice USN-2675-1 July 22, 2015 lxc vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 4.9 • AI score 0.1 • EPSS 0.00459
Exploits 1
securityvulns
•added 2015/07/27 12:0 a.m.•59 views

[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure

Severity: Important Vendor: The Apache Software Foundation Versions Affected: All unsupported versions ranging from 1.7.0 to 2.4.3. Impact Remote execution of untrusted code, DoS Description When an application has Groovy on classpath and that it uses standard Java serialization mechanisms to...

AI score 0.9 • EPSS 0.44303
Exploits 4
securityvulns
•added 2015/07/27 12:0 a.m.•59 views

XSS vulnerability in OFBiz forms

https://issues.apache.org/jira/browse/OFBIZ-6506 In Ofbiz form need to escape characters from description column in a display-entity tag to avoid XSS attacks. display-entity entity-name="Table" description="$description" I tried to use bsh, as following: display-entity entity-name="Table"...

AI score 0.2
Exploits 0
securityvulns
•added 2015/07/27 12:0 a.m.•40 views

Logstash vulnerability CVE-2015-5378

Summary: Logstash 1.5.2 and prior versions are vulnerable to an SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and...

AI score 2.6 • EPSS 0.02462
Exploits 0
securityvulns
•added 2015/07/27 12:0 a.m.•65 views

NetCracker Resource Management 8.0 - XSS Vulnerability

Vulnerability type: Cross-site Scripting Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: = 8.0 Patched version: 8.2 Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-2207 PROOF OF CONCEPT XSS Cross-site scripting XSS vulnerabili...

AI score 1.5 • EPSS 0.00942
Exploits 3
Total number of security vulnerabilities: 47153