47153 matches found

securityvulns, added 2013/08/12 12:0 a.m., 46 views

Two Vulnerabilities in NetworkMiner : DLL Hijacking + Directory Traversal

Security Advisory ID: NETRESEC-1386968 http://netresec.com/?b=1386968 NetworkMiner version 1.4.1 and older is vulnerable to DLL hijacking and contains a directory traversal vulnerability. ==Description== NetworkMiner is a tool designed for network forensics and network security monitoring. It is...

AI score: 7.9
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 147 views

HP / 3COM / H3C switches security vulnerabilities

Code execution, information leakage...

CVSS: 10, AI score: 1.8, EPSS: 0.10719
Exploits: 0, References: 3

securityvulns, added 2013/08/12 12:0 a.m., 93 views

[security bulletin] HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03880910 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03880910 Version: 1 HPSBHF02912 rev....

CVSS: 7, AI score: 0.1, EPSS: 0.01916
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 39 views

FTP OnConnect v1.4.11 iOS - Multiple Web Vulnerabilities

Title: ====== FTP OnConnect v1.4.11 iOS - Multiple Web Vulnerabilities Date: ===== 2013-08-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1041 VL-ID: ===== 1041 Common Vulnerability Scoring System: ==================================== 8.6 Introduction: =============...

AI score: 0.2
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 32 views

withU Music Share v1.3.7 iOS - Command Inject Vulnerability

Title: ====== withU Music Share v1.3.7 iOS - Command Inject Vulnerability Date: ===== 2013-08-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1040 VL-ID: ===== 1040 Common Vulnerability Scoring System: ==================================== 6.1 Introduction:...

AI score: 0.3
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 88 views

Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

CVSS: 4.3, AI score: 6.7, EPSS: 0.04555
Exploits: 5

securityvulns, added 2013/08/12 12:0 a.m., 104 views

[SECURITY] [DSA 2732-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2732-1 [email protected] http://www.debian.org/security/ Michael Gilbert July 31, 2013 http://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 0.3, EPSS: 0.02493
Exploits: 5

securityvulns, added 2013/08/12 12:0 a.m., 83 views

Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities

Quarterly CPU fixes 89 different vulnerabilities...

CVSS: 10, AI score: 2.1, EPSS: 0.94248
Exploits: 42, References: 1, Affected Software: 19

securityvulns, added 2013/08/12 12:0 a.m., 51 views

Chromium / Google Chrome multiple security vulnerabilities

Protection bypass, privilege escalation, DoS, use-after-free, information leakage, memory corruptions...

CVSS: 9.3, AI score: 2.7, EPSS: 0.04733
Exploits: 5, References: 2, Affected Software: 1

securityvulns, added 2013/08/12 12:0 a.m., 118 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Memory corruptions, buffer overflows, cross-site data access, cross-site scripting, information spoofing, privilege escalation, protection bypass, code execution, information leakage...

CVSS: 10, AI score: 3.9, EPSS: 0.40118
Exploits: 15, Affected Software: 5

securityvulns, added 2013/08/12 12:0 a.m., 94 views

[security bulletin] HPSBMU02902 rev.1 - HP Integrated Lights-Out iLO3, iLO4 IPMI Cipher Suite 0 Authentication Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03844348 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03844348 Version: 1 HPSBMU02902 rev....

CVSS: 9, AI score: 0.7, EPSS: 0.0298
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 47 views

[slackware-security] gnupg / libgcrypt (SSA:2013-215-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security gnupg / libgcrypt SSA:2013-215-01 New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13....

CVSS: 1.9, AI score: 7.5, EPSS: 0.00533
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 71 views

NGS00434 Technical Advisory: Oracle Hyperion 11 Directory Traversal

======= Summary ======= Name: Oracle Hyperion 11 - Directory Traversal Release Date: 30 July 2013 Reference: NGS00434 Discoverer: Richard Warren [email protected] Vendor: Oracle Vendor Reference: S0318807 Systems Affected: Oracle Hyperion 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129...

CVSS: 3.5, AI score: 5.6, EPSS: 0.06429
Exploits: 4

securityvulns, added 2013/08/12 12:0 a.m., 63 views

[SECURITY] [DSA 2734-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2734-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 05, 2013 http://www.debian.org/security/faq -...

CVSS: 5, AI score: 1.6, EPSS: 0.03738
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 128 views

Multiple vulnerabilities on D-Link DIR-645 devices

Multiple vulnerabilities on D-Link DIR-645 devices ================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities on D-Link DIR-645 devices Discovery date: 06/03/2013 Release date: 02/08/2013 Advisory URL:...

AI score: 0.5
Exploits: 0

securityvulns, added 2013/08/12 12:0 a.m., 117 views

SEC Consult SA-20130805-0 :: Vodafone EasyBox Default WPS PIN Algorithm Weakness

SEC Consult Vulnerability Lab Security Advisory 20130805-0 ======================================================================= title: Vodafone EasyBox Default WPS PIN Algorithm Weakness product: EasyBox 802 & EasyBox 803 vulnerable version: EasyBox 802 - all versions EasyBox 803 - Production...

Exploits: 0

securityvulns, added 2013/08/05 12:0 a.m., 46 views

HP printers information leakage

It's possible to obtain user accounts and WiFi PIN without authentication...

CVSS: 7.8, AI score: 2.4, EPSS: 0.04046
Exploits: 0, References: 2

securityvulns, added 2013/08/05 12:0 a.m., 110 views

PuTTY SSH handshake heap overflow

PuTTY SSH handshake heap overflow CVE-2013-4852 Description: PuTTY versions 0.62 and earlier - as well as all software that integrates these versions of PuTTY - are vulnerable to an integer overflow leading to heap overflow during the SSH handshake before authentication, caused by improper bounds...

CVSS: 6.8, EPSS: 0.03447
Exploits: 1

securityvulns, added 2013/08/05 12:0 a.m., 90 views

HPSBPI02887 rev.2 - Certain HP LaserJet Pro Printers, Remote Information Disclosure

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-07-31 Last Updated: 2013-07-31 Potential Security Impact: Remote information disclosure Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A...

CVSS: 7.8, AI score: 0.5, EPSS: 0.04046
Exploits: 0

securityvulns, added 2013/08/05 12:0 a.m., 336 views

HP LaserJet Pro printers remote admin password extraction

Some of the networked HP LaserJet printers have hidden URLs hardcoded in the firmware. The URLs are not authenticated and can be used to extract admin password in plaintext v among other information like WiFi settings including WPS PIN. Models affected: HP LaserJet Pro P1102w, HP LaserJet Pro...

Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 28 views

XnView buffer overflow

Buffer overflow on .PCT parsing...

CVSS: 9.3, AI score: 4.9, EPSS: 0.11839
Exploits: 4, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 57 views

CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Artweaver Buffer Overflow Vulnerability 1. Advisory Information Title: Artweaver Buffer Overflow Vulnerability Advisory ID: CORE-2013-0701 Advisory URL: http://www.coresecurity.com/advisories/artweaver-buffer-overflow-vulnerabili...

CVSS: 6.8, EPSS: 0.09557
Exploits: 4

securityvulns, added 2013/07/29 12:0 a.m., 41 views

Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability

Title: ====== Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability Date: ===== 2013-07-20 References: =========== http://vulnerability-lab.com/getcontent.php?id=775 BARRACUDA NETWORK SECURITY ID: BNSEC-723 VL-ID: ===== 775 Common Vulnerability Scoring System:...

AI score: 0.3
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 63 views

CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2189 OpenOffice DOC Memory Corruption Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 3.4.0 to 3.4.1 on all platforms. Predecessor versions of OpenOffice.org may be also affected...

CVSS: 6.8, AI score: 0.7, EPSS: 0.03958
Exploits: 1

securityvulns, added 2013/07/29 12:0 a.m., 42 views

Little CMS library DoS

Crash on file parsing...

CVSS: 5, AI score: 2.4, EPSS: 0.02809
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 67 views

[USN-1911-1] Little CMS vulnerability

========================================================================== Ubuntu Security Notice USN-1911-1 July 29, 2013 lcms2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 5, AI score: 0.4, EPSS: 0.02809
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 174 views

Apache OpenOffice security vulnerabilities

Few memory corruptions...

CVSS: 6.8, AI score: 3, EPSS: 0.03958
Exploits: 2, References: 2, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 26 views

Dell Kace security vulnerabilities

Cross-site scripting and SQL injection in web administration...

AI score: 2
Exploits: 0, References: 2, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 32 views

Cisco Video Surveillance Manager multiple security vulnerabilities

Directory traversal, authentication bypass...

CVSS: 9, AI score: 3.3, EPSS: 0.10188
Exploits: 0, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 46 views

DirectShow Arbitrary Memory Overwrite Vulnerability ms13-056

Introduction: The Microsoft DirectShow application programming interface API is a media-streaming architecture for Microsoft Windows. Using DirectShow, your applications can perform high-quality video and audio playback or capture. Overview: DirectShow in Microsoft Windows XP SP2 and SP3, Windows...

CVSS: 9.3, AI score: 1.6, EPSS: 0.31979
Exploits: 5

securityvulns, added 2013/07/29 12:0 a.m., 57 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 10, AI score: 1.6, EPSS: 0.12138
Exploits: 6, References: 9, Affected Software: 5

securityvulns, added 2013/07/29 12:0 a.m., 70 views

SEC Consult SA-20130726-0 :: Multiple vulnerabilities - Surveillance via Symantec Web Gateway

SEC Consult Vulnerability Lab Security Advisory 20130726-0 ======================================================================= title: Multiple vulnerabilities - Surveillance via Symantec Web Gateway product: Symantec Web Gateway vulnerable version: = 5.1.0. fixed version: 5.1.1 CVE number:...

CVSS: 8.3, AI score: 0.3, EPSS: 0.10747
Exploits: 4

securityvulns, added 2013/07/29 12:0 a.m., 62 views

FreeBSD Security Advisory FreeBSD-SA-13:08.nfsserver

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:08.nfsserver Security Advisory The FreeBSD Project Topic: Incorrect privilege validation in the NFS server Category: core Module: nfsserver Announced: 2013-07-...

CVSS: 6.4, AI score: 6.3, EPSS: 0.02137
Exploits: 1

securityvulns, added 2013/07/29 12:0 a.m., 31 views

Samsung TV DoS

Crash on oversized GET request...

CVSS: 7.8, AI score: 2.5, EPSS: 0.02603
Exploits: 6, References: 1

securityvulns, added 2013/07/29 12:0 a.m., 27 views

SurgeFTP buffer overflow

Heap based buffer overflow...

CVSS: 7.5, AI score: 1.9, EPSS: 0.04248
Exploits: 0, References: 1

securityvulns, added 2013/07/29 12:0 a.m., 83 views

[ MDVSA-2013:199 ] squid

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:199 http://www.mandriva.com/en/support/security/ Package : squid Date : July 25, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered an...

CVSS: 7.5, AI score: 9.2, EPSS: 0.43261
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 57 views

[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03864640 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03864640 Version: 1 HPSBGN02906 rev....

CVSS: 4.3, EPSS: 0.02105
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 28 views

Barracuda CudaTel multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.4
Exploits: 0, References: 6, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 32 views

Juniper Secure Access cross-site scripting

Cross-site scripting in SSLVPN...

CVSS: 4.3, AI score: 1.5, EPSS: 0.00931
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 65 views

CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ FOSCAM IP-Cameras Improper Access Restrictions 1. Advisory Information Title: FOSCAM IP-Cameras Improper Access Restrictions Advisory ID: CORE-2013-0613 Advisory URL:...

AI score: 0.1, EPSS: 0.29593
Exploits: 5

securityvulns, added 2013/07/29 12:0 a.m., 30 views

Artweaver buffer overflow

Buffer overflow on .AWD files parsing...

CVSS: 6.8, AI score: 4.8, EPSS: 0.09557
Exploits: 4, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 51 views

CORE-2013-0705 - XnView Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ XnView Buffer Overflow Vulnerability 1. Advisory Information Title: XnView Buffer Overflow Vulnerability Advisory ID: CORE-2013-0705 Advisory URL: http://www.coresecurity.com/advisories/xnview-buffer-overflow-vulnerability Date...

CVSS: 9.3, EPSS: 0.11839
Exploits: 4

securityvulns, added 2013/07/29 12:0 a.m., 68 views

squid DoS

Crash on invalid Host: header...

CVSS: 7.5, AI score: 0.8, EPSS: 0.43261
Exploits: 0, References: 2, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 45 views

CA Service Desk Manager cross-site scripting

Web interface cross-site scripting...

CVSS: 4.3, AI score: 1.9, EPSS: 0.00942
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 46 views

Photo Server 2.0 iOS - Multiple Critical Vulnerabilities

Title: ====== Photo Server 2.0 iOS - Multiple Critical Vulnerabilities Date: ===== 2013-07-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1029 VL-ID: ===== 1029 Common Vulnerability Scoring System: ==================================== 8.6 Introduction: =============...

AI score: 0.2
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 29 views

Symantec Web Gateway multiple security vulnerabilities

Cross-site scripting, cross-site request forgery, SQL injection, code execution, privilege escalation...

CVSS: 8.3, AI score: 3.2, EPSS: 0.10747
Exploits: 4, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 54 views

SurgeFtp Server BufferOverflow Vulnerability

------------------------------------------------------------------------------- | SurgeFtp Server BufferOverflow Vulnerability| -------------------------------------------------------------------------------- Summary ================ SurgeFTP Server has a buffer overflow vulnerability which effec...

CVSS: 7.5, AI score: 0.2, EPSS: 0.04248
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 119 views

Basic Forum by JM LLC - Multiple Vulnerabilities

Dear all, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Cheers, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================ Software................: Basic For...

AI score: 0.1
Exploits: 0

securityvulns, added 2013/07/29 12:0 a.m., 36 views

OpenAFS security vulnerabilities

Weak encryption algorithm...

CVSS: 4.3, AI score: 2.1, EPSS: 0.01855
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2013/07/29 12:0 a.m., 25 views

Barracuda Networks products multiple security vulnerabilities

Web filter administration cross-site scripting...

AI score: 1.7
Exploits: 0, References: 1, Affected Software: 3

Total number of security vulnerabilities: 47153