
47153 matches found

securityvulns, added 2013/08/28 12:0 a.m., 49 views

Chromium / Google Chrome multiple security vulnerabilities

Multiple memory corruptions, integer overflows, information leaks...

7.5 CVSS, 3.1 AI score, 0.01627 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/28 12:0 a.m., 50 views

[ MDVSA-2013:217 ] spice

Mandriva Linux Security Advisory MDVSA-2013:217 http://www.mandriva.com/en/support/security/ Package: spice Date: August 23, 2013 Affected: Business Server 1.0 Problem Description: Updated spice packages fix security vulnerability: A user able to...

5 CVSS, 5.9 AI score, 0.02629 EPSS
Exploits: 0

securityvulns, added 2013/08/28 12:0 a.m., 42 views

FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast

FreeBSD-SA-13:09.ip_multicast Security Advisory The FreeBSD Project Topic: integer overflow in IP_MSFILTER Category: core Module: kernel Announced: 2013-08-22 Credits: Clement Lecigne Google Security Team Affects: All supported versions of FreeBSD...

7.2 CVSS, 6.4 AI score, 0.00412 EPSS
Exploits: 0

securityvulns, added 2013/08/28 12:0 a.m., 126 views

[ MDVSA-2013:216 ] perl-Proc-ProcessTable

Mandriva Linux Security Advisory MDVSA-2013:216 http://www.mandriva.com/en/support/security/ Package: perl-Proc-ProcessTable Date: August 23, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated perl-Proc-ProcessTab...

2.6 CVSS, 5.7 AI score, 0.00303 EPSS
Exploits: 0

securityvulns, added 2013/08/28 12:0 a.m., 119 views

[PSA-2013-0819-1] Oracle Java BytePackedRaster.verify() Signed Integer Overflow

Packet Storm Advisory 2013-0819-1 http://packetstormsecurity.com/ Title: Oracle...

1.5 AI score
Exploits: 0

securityvulns, added 2013/08/28 12:0 a.m., 113 views

Oracle Java multiple security vulnerabilities

40 different vulnerabilities...

10 CVSS, 2.4 AI score, 0.98704 EPSS
Exploits: 32, References: 4, Affected Software: 2

securityvulns, added 2013/08/28 12:0 a.m., 206 views

[ MDVSA-2013:221 ] php

Mandriva Linux Security Advisory MDVSA-2013:221 http://www.mandriva.com/en/support/security/ Package: php Date: August 27, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and correct...

6.8 CVSS, 6.3 AI score, 0.05741 EPSS
Exploits: 4

securityvulns, added 2013/08/28 12:0 a.m., 58 views

PHP / python certificate spoofing

Invalid handling of \0 in Subject Alternative Name...

6.8 CVSS, 1 AI score, 0.05741 EPSS
Exploits: 5, References: 2

securityvulns, added 2013/08/28 12:0 a.m., 145 views

[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Packet Storm Advisory 2013-0813-1 http://packetstormsecurity.com/ Title: Oracle...

1.5 AI score
Exploits: 0

securityvulns, added 2013/08/20 12:0 a.m., 229 views

Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access

Vulnerabilities: An unspecified bug can cause an unsafe/undocumented TCP port to open allowing for: - Unauthenticated remote access to all pages of the router administration GUI, bypassing any credential prompts under...

1.4 AI score
Exploits: 0

securityvulns, added 2013/08/20 12:0 a.m., 51 views

Linksys EA access points authentication bypass

It's possible to access web administration without authentication...

4 AI score, 0.03746 EPSS
Exploits: 2, References: 2

securityvulns, added 2013/08/20 12:0 a.m., 22 views

Sitecom wireless routers multiple security vulnerabilities

Undocumented hardcoded accounts, undocumented telnet access, weak WPA and administrator accounts generation...

3.1 AI score
Exploits: 0, References: 1

securityvulns, added 2013/08/20 12:0 a.m., 37 views

Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities

Title: Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities; Date: 2013-08-16; References: http://www.vulnerability-lab.com/getcontent.php?id=1047; VL-ID: 1047; Common Vulnerability Scoring System: 8.6; Introduction: ...

0.4 AI score
Exploits: 0

securityvulns, added 2013/08/20 12:0 a.m., 49 views

Multiple vulnerabilities on Sitecom N300/N600 devices

Multiple vulnerabilities on Sitecom N300/N600 devices. ADVISORY INFORMATION Title: Multiple vulnerabilities on Sitecom N300/N600 devices Discovery date: 01/06/2013 Release date: 19/08/2013 Credits: Roberto Paleari [email protected],...

0.9 AI score
Exploits: 0

securityvulns, added 2013/08/20 12:0 a.m., 29 views

Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities

Title: Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities; Date: 2013-08-16; References: http://www.vulnerability-lab.com/getcontent.php?id=1047; VL-ID: 1047; Common Vulnerability Scoring System: 8.6; Introduction: ...

0.4 AI score
Exploits: 0

securityvulns, added 2013/08/20 12:0 a.m., 100 views

x90c WOFF Firefox 1day exploit

Hi Forks! I share my WOFF 1day exploit. attachment: http://www.x90c.org/exploits/x90cWOFFexploit.tgz dep bypass vulnerability: CVE-2010-1028 WOFF Heap Corruption due to Integer Overflow affected Products: - Mozilla Firefox 3.6 Gecko 1.9.2 - Mozilla Firefox 3.6 Beta1, 3, 4, 5 Beta2 ko not released...

9.3 CVSS, 1.1 AI score, 0.08816 EPSS
Exploits: 2

securityvulns, added 2013/08/20 12:0 a.m., 62 views

Mozilla Firefox / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, integer overflows, array index overflows, information leak...

10 CVSS, 3 AI score, 0.87264 EPSS
Exploits: 34, References: 27, Affected Software: 3

securityvulns, added 2013/08/17 12:0 a.m., 36 views

libXfont memory corruption

Memory corruption on compressed font parsing...

9.3 CVSS, 3.4 AI score, 0.08355 EPSS
Exploits: 0, References: 1

securityvulns, added 2013/08/14 12:0 a.m., 95 views

PuTTY / WinSCP security vulnerabilities

SSH handshake heap buffer overflow, protection bypass, information leakage...

6.8 CVSS, 2 AI score, 0.03447 EPSS
Exploits: 4, References: 2, Affected Software: 2

securityvulns, added 2013/08/14 12:0 a.m., 51 views

Microsoft Exchange Oracle libraries security vulnerabilities

Outlook Web Access vulnerabilities because of vulnerable Oracle Outside In libraries...

6.8 CVSS, 2.4 AI score, 0.01732 EPSS
Exploits: 0, Affected Software: 1

securityvulns, added 2013/08/14 12:0 a.m., 85 views

[SECURITY] [DSA 2736-1] putty security update

Debian Security Advisory DSA-2736-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 11, 2013 http://www.debian.org/security/faq ...

6.8 CVSS, 1.4 AI score, 0.03447 EPSS
Exploits: 4

securityvulns, added 2013/08/14 12:0 a.m., 120 views

[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid Array Indexing

Packet Storm Advisory 2013-0811-1 http://packetstormsecurity.com/ Title: Oracle...

0.3 AI score
Exploits: 0

securityvulns, added 2013/08/14 12:0 a.m., 30 views

Microsoft Active Directory Federation Services information leakage

It's possible to obtain service account information to cause account locking via unsuccessful logon attempts...

5 CVSS, 3.6 AI score, 0.41432 EPSS
Exploits: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 47 views

Hikvision IP Cameras multiple security vulnerabilities

Code execution, protection bypass, information leakage...

10 CVSS, 2.3 AI score, 0.36112 EPSS
Exploits: 10, References: 1

securityvulns, added 2013/08/12 12:0 a.m., 108 views

CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Hikvision IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Hikvision IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0708 Advisory URL:...

10 CVSS, 10 AI score, 0.36112 EPSS
Exploits: 10

securityvulns, added 2013/08/12 12:0 a.m., 32 views

Cisco TelePresence security vulnerabilities

DoS, directory traversal, backdoor account...

10 CVSS, 4 AI score, 0.02096 EPSS
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 39 views

WD My Net security vulnerabilities

Unauthorized access, information leakages...

4.3 CVSS, 3.1 AI score, 0.04555 EPSS
Exploits: 5, References: 3

securityvulns, added 2013/08/12 12:0 a.m., 46 views

[slackware-security] gnupg / libgcrypt (SSA:2013-215-01)

slackware-security gnupg / libgcrypt SSA:2013-215-01 New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13....

1.9 CVSS, 7.5 AI score, 0.00533 EPSS
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 62 views

[SECURITY] [DSA 2734-1] wireshark security update

Debian Security Advisory DSA-2734-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 05, 2013 http://www.debian.org/security/faq ...

5 CVSS, 1.6 AI score, 0.03738 EPSS
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 39 views

Vodafone EasyBox weak WPS PIN

PIN is generated based on publicly available data...

1.8 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 31 views

Cisco Wide Area Application Services, CDS, VDS, CDM code execution

Code execution via HTTP POST request, privilege escalation...

10 CVSS, 2.6 AI score, 0.06002 EPSS
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 37 views

TP-Link IP cameras security vulnerabilities

Code execution, protection bypass...

2.8 AI score, 0.42243 EPSS
Exploits: 7, References: 2, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 97 views

HP Data Protector Arbitrary Remote Command Execution

""" HP Data Protector Arbitrary Remote Command Execution This script allows to execute a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory installpath/bin/. The main goal of the script is to bypass the...

10 CVSS, 0.5 AI score, 0.81081 EPSS
Exploits: 30

securityvulns, added 2013/08/12 12:0 a.m., 78 views

Rgpg 0.2.2 Ruby Gem Remote Command Injection

Title: Rgpg 0.2.2 Ruby Gem Remote Command Injection Date: 7/31/2013 Advisory Author: Larry W. Cashdollar, @larry0 CVE: CVE-2013-4203 Download: https://rubygems.org/gems/rgpg Description: "A simple Ruby wrapper around gpg command for file encryption. rgpg is a simple API for interacting with the g...

7.5 CVSS, 0.1 AI score, 0.02075 EPSS
Exploits: 3

securityvulns, added 2013/08/12 12:0 a.m., 127 views

Multiple vulnerabilities on D-Link DIR-645 devices

Multiple vulnerabilities on D-Link DIR-645 devices. ADVISORY INFORMATION Title: Multiple vulnerabilities on D-Link DIR-645 devices Discovery date: 06/03/2013 Release date: 02/08/2013 Advisory URL:...

0.5 AI score
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 57 views

CORE-2013-0618 - Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras 1. Advisory Information Title: Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras Advisory ID: CORE-2013-0618 Advisory URL:...

10 CVSS, 0.4 AI score, 0.73713 EPSS
Exploits: 10

securityvulns, added 2013/08/12 12:0 a.m., 26 views

Apache suexec security vulnerabilities

Protection bypass, privilege escalation...

3.8 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 43 views

HP Integrated Lights-Out authentication bypass

No description provided...

9 CVSS, 2.1 AI score, 0.0298 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 49 views

[ MDVSA-2013:207 ] samba

Mandriva Linux Security Advisory MDVSA-2013:207 http://www.mandriva.com/en/support/security/ Package: samba Date: August 6, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected i...

5 CVSS, 7.6 AI score, 0.69008 EPSS
Exploits: 7

securityvulns, added 2013/08/12 12:0 a.m., 22 views

Netresec NetworkMiner security vulnerabilities

Code execution, directory traversal...

4.8 AI score
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 116 views

SEC Consult SA-20130805-0 :: Vodafone EasyBox Default WPS PIN Algorithm Weakness

SEC Consult Vulnerability Lab Security Advisory 20130805-0 title: Vodafone EasyBox Default WPS PIN Algorithm Weakness product: EasyBox 802 & EasyBox 803 vulnerable version: EasyBox 802 - all versions EasyBox 803 - Production...

Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 34 views

Wireshark multiple security vulnerabilities

Multiple vulnerabilities in different protocol dissectors...

7.8 CVSS, 3 AI score, 0.03738 EPSS
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 47 views

HP Data Protector code execution

Unauthorized perl commands execution...

10 CVSS, 2.5 AI score, 0.81081 EPSS
Exploits: 30, References: 1

securityvulns, added 2013/08/12 12:0 a.m., 28 views

D-Link DIR-645 unauthorized access

It's possible to obtain administration password without authentication, cross-site scripting, buffer overflow...

3.8 AI score
Exploits: 0, References: 2

securityvulns, added 2013/08/12 12:0 a.m., 70 views

NGS00434 Technical Advisory: Oracle Hyperion 11 Directory Traversal

Summary. Name: Oracle Hyperion 11 - Directory Traversal Release Date: 30 July 2013 Reference: NGS00434 Discoverer: Richard Warren [email protected] Vendor: Oracle Vendor Reference: S0318807 Systems Affected: Oracle Hyperion 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129...

3.5 CVSS, 5.6 AI score, 0.06429 EPSS
Exploits: 4

securityvulns, added 2013/08/12 12:0 a.m., 31 views

Apache mod_dav_svn DoS

Assertion failure on COPY, DELETE and MOVE commands processing...

4 CVSS, 2.6 AI score, 0.04383 EPSS
Exploits: 0, References: 1

securityvulns, added 2013/08/12 12:0 a.m., 41 views

gnupg / libgcrypt RSA implementation flush+reload timing attack

Private key recovery by using CPU L3 cache timings...

1.9 CVSS, 4.1 AI score, 0.00533 EPSS
Exploits: 0, References: 1, Affected Software: 2

securityvulns, added 2013/08/12 12:0 a.m., 62 views

Cisco IOS / ASA / FWSM / NX-OS / StarOS OSPF protocol vulnerability

LSA packet routing table manipulation...

5.8 CVSS, 2.7 AI score, 0.02206 EPSS
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 34 views

Security vulnerabilities in different Ruby Gems

Vulnerabilities in different libraries...

7.5 CVSS, 2.2 AI score, 0.02075 EPSS
Exploits: 3, References: 8, Affected Software: 5

securityvulns, added 2013/08/12 12:0 a.m., 39 views

Apache suEXEC privilege elevation / information disclosure

Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as...

0.2 AI score
Exploits: 0

Total number of security vulnerabilities: 47153