47153 matches found

securityvulns | added 2013/07/29 12:0 a.m. | 38 views

Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability

Title: ====== Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability Date: ===== 2013-07-20 References: =========== http://vulnerability-lab.com/getcontent.php?id=775 BARRACUDA NETWORK SECURITY ID: BNSEC-723 VL-ID: ===== 775 Common Vulnerability Scoring System:...

AI score: 0.3 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 66 views

Easy Blog by JM LLC - Multiple Vulnerabilities

Dear all, I have discovered some vulnerabilities in Easy Blog, developed by JM LLC. Cheers, Sp3ctrecore ADVISORY =========================================== Easy Blog JM LLC - Multiple Vulnerabilities =========================================== Software................: Easy Blog Software...

AI score: 0.3 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 64 views

Cross-Site Scripting (XSS) in Duplicator WordPress Plugin

Advisory ID: HTB23162 Product: Duplicator WordPress Plugin Vendor: LifeInTheGrid Vulnerable Versions: 0.4.4 and probably prior Tested Version: 0.4.4 Vendor Notification: June 19, 2013 Vendor Patch: July 21, 2013 Public Disclosure: July 24, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.11102 | Exploits: 2

securityvulns | added 2013/07/29 12:0 a.m. | 30 views

FreeBSD NFS privilege escalation

It's possible to access files with credentials of any user if anonymous NFS access is allowed...

CVSS: 6.4 | AI score: 3.9 | EPSS: 0.02137 | Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 79 views

Private Photos v1.0 iOS - Persistent Path Web Vulnerability

Title: ====== Private Photos v1.0 iOS - Persistent Path Web Vulnerability Date: ===== 2013-07-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1034 VL-ID: ===== 1034 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...

AI score: 0.6 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 80 views

[CVE-2013-2137] Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application

CVE-2013-2137 - Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application Vendor: The Apache Software Foundation Versions Affected: Apache OFBiz 10.04.01 to 10.04.05 Apache OFBiz 11.04.01 to 11.04.02 Apache OFBiz 12.04.01 Description: XSS vulnerability in the "View Log"...

CVSS: 4.3 | AI score: 0.4 | EPSS: 0.07698 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 47 views

ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability

ESA-2013-033.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability EMC Identifier: ESA-2013-033 EMC Identifier: NW144712 CVE Identifier: CVE-2013-0943 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products...

CVSS: 4.6 | AI score: 0.8 | EPSS: 0.00302 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 143 views

DoS and XSS vulnerabilities in Googlemaps plugin for Joomla

Hello 3APA3A! Earlier I wrote about multiple vulnerabilities in Googlemaps plugin for Joomla http://securityvulns.ru/docs29645.html. After my informing, the developer fixed these vulnerabilities in versions 2.19 and 3.1 of the plugin - by removing proxy functionality. And in version 3.2 of the...

AI score: 0.3 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 137 views

Xymon Systems and Network Monitor - remote file deletion vulnerability

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

CVSS: 4.3 | AI score: 0.8 | EPSS: 0.0353 | Exploits: 3

securityvulns | added 2013/07/29 12:0 a.m. | 51 views

FreeBSD Security Advisory FreeBSD-SA-13:07.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:07.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service Category: contrib Module: bind Announced: 2013-07-26 Credits: Maxim Shudrak...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.3415 | Exploits: 1

securityvulns | added 2013/07/29 12:0 a.m. | 28 views

EMC NetWorker information leakage

It's possible to retrieve sensible configuration information...

CVSS: 4.6 | AI score: 1.9 | EPSS: 0.00302 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 61 views

[USN-1911-1] Little CMS vulnerability

========================================================================== Ubuntu Security Notice USN-1911-1 July 29, 2013 lcms2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS: 5 | AI score: 0.4 | EPSS: 0.02809 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 65 views

Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Products - WD My Net N600 HD Dual Band Router Wireless N WiFi Router Accelerate HD WD My Net N750 HD Dual Band Router Wireless N WiFi Router Accelerate HD Linux 2.6.3 Kernel Firmware Ver. 1.03.xx 1.04.xx Firmware unaffected Ver 1.01.xx WD My Net N900 HD Dual Band Router Wireless N WiFi...

AI score: 0.4 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 52 views

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

AI score: 0.1 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 96 views

[security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03862772 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03862772 Version: 1 HPSBGN02905 rev....

CVSS: 10 | AI score: 1.3 | EPSS: 0.67723 | Exploits: 27

securityvulns | added 2013/07/29 12:0 a.m. | 57 views

WebDisk 3.0.2 PhotoViewer iOS - Command Execution Vulnerability

Title: ====== WebDisk 3.0.2 PhotoViewer iOS - Command Execution Vulnerability Date: ===== 2013-07-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1035 VL-ID: ===== 1035 Common Vulnerability Scoring System: ==================================== 8.8 Introduction:...

AI score: 1.2 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 71 views

CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4156 OpenOffice DOCM Memory Corruption Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 3.4.0 and 3.4.1, on all platforms. Predecessor versions of OpenOffice.org may be also affecte...

CVSS: 6.8 | AI score: 0.7 | EPSS: 0.03958 | Exploits: 1

securityvulns | added 2013/07/29 12:0 a.m. | 71 views

Juniper Secure Access XSS Vulnerability

------------------------------------------------------------------------------- | Juniper Secure Access XSS Vulnerability| -------------------------------------------------------------------------------- Summary =============== Juniper Secure Access software has reflected XSS vulnerability CVE...

CVSS: 4.3 | AI score: 0.4 | EPSS: 0.00931 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 42 views

ISC bind DoS

assert on client request processing...

CVSS: 7.8 | AI score: 2.1 | EPSS: 0.3415 | Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 32 views

iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability

Title: ====== iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability Date: ===== 2013-07-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1031 VL-ID: ===== 1031 Common Vulnerability Scoring System: ==================================== 3.6 Introduction:...

Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 85 views

Microsoft Windows multiple security vulnerabilities

Multiple vulnerabilities in .Net and Silverlight, multiple kernel components vulnerabilities, GDI+ TrueType parsing memory corruption, DirectShow memory corruption, VMW parsing memory corruption, multiple Internet Explorer memory corruption, Windows Defender privilege escalation...

CVSS: 9.3 | AI score: 3.2 | EPSS: 0.70676 | Exploits: 42 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 50 views

HP LoadRunner multiple security vulnerabilities

DoS, code execution...

CVSS: 10 | AI score: 1.5 | EPSS: 0.67723 | Exploits: 27 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 64 views

Samsung TV - DoS vulnerability

Author: Malik Mesellem - @MMEIT - http://www.itsecgames.com Type: Denial of Service DoS attack Description: DoS vulnerability on some Samsung TVs The web server DMCRUIS/0.1 on port TCP/5600 is crashing by sending a long HTTP GET request Tested successfully on my Samsung PS50C7700 plasma TV...

AI score: 0.1 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 113 views

Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities

Title: ====== Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities Date: ===== 2013-07-22 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=832 VL-ID: ===== 832 Common Vulnerability Scoring System: ==================================== 7.5 Introduction: =============...

AI score: 0.3 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 53 views

[SECURITY] [DSA 2729-1] openafs security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2729-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 28, 2013 http://www.debian.org/security/faq -...

CVSS: 4.3 | AI score: 0.7 | EPSS: 0.01855 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 34 views

Download Lite v4.3 iOS - Persistent File Web Vulnerability

Title: ====== Download Lite v4.3 iOS - Persistent File Web Vulnerability Date: ===== 2013-07-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1023 VL-ID: ===== 1023 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

AI score: 0.1 | Exploits: 0

securityvulns | added 2013/07/29 12:0 a.m. | 137 views

Cross-Site Scripting (XSS) in Magnolia CMS

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

CVSS: 4.3 | AI score: 0.6 | EPSS: 0.0353 | Exploits: 3

securityvulns | added 2013/07/29 12:0 a.m. | 93 views

[CVE-2013-2250] Apache OFBiz Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz

CVE-2013-2250 - Apache OFBiz Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz Vendor: The Apache Software Foundation Versions Affected: Apache OFBiz 10.04.01 to 10.04.05 Apache OFBiz 11.04.01 to 11.04.02 Apache OFBiz 12.04.01 Description: Parameter valu...

CVSS: 10 | AI score: 3.1 | EPSS: 0.12138 | Exploits: 1

securityvulns | added 2013/07/29 12:0 a.m. | 34 views

HP Application Lifecycle Management cross-site scripting

HP Application Lifecycle Management Quality Center cross-site scripting...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.02105 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 181 views

[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03824583 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03824583 Version: 1 HPSBMU02894 rev....

CVSS: 7.5 | AI score: 1.3 | EPSS: 0.80318 | Exploits: 43

securityvulns | added 2013/07/29 12:0 a.m. | 79 views

HP Network Node Manager multiple security vulnerabilities

Unauthorized access, code execution, DoS...

CVSS: 7.5 | AI score: 1.8 | EPSS: 0.80318 | Exploits: 43 | References: 2 | Affected Software: 1

securityvulns | added 2013/07/29 12:0 a.m. | 53 views

Foscam cameras security vulnerabilities

Directory traversal, CSRF...

CVSS: 7.8 | AI score: 3.4 | EPSS: 0.29593 | Exploits: 6 | References: 3

securityvulns | added 2013/07/29 12:0 a.m. | 45 views

CA20130725-01: Security Notice for CA Service Desk Manager

-----BEGIN PGP SIGNED MESSAGE----- CA20130725-01: Security Notice for CA Service Desk Manager Issued: July 25, 2013 CA Technologies Support is alerting customers to a potential risk with CA Service Desk Manager. A vulnerability exists that can allow a remote attacker to conduct cross-site scripti...

CVSS: 4.3 | AI score: 0.5 | EPSS: 0.00942 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 145 views

Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities

Title: ====== Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities Date: ===== 2013-07-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=791 VL-ID: ===== 791 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...

AI score: 7.3 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 7438 views

Multiple vulnerabilities in Googlemaps plugin for Joomla

Hello 3APA3A! These are Denial of Service, XML Injection, Cross-Site Scripting and Full path disclosure vulnerabilities in Googlemaps plugin for Joomla. ------------------------- Affected products: ------------------------- Vulnerable are Googlemaps plugin for Joomla versions 2.x and 3.x and...

AI score: 1 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 31 views

Symantec Workspace Virtualization privilege escalation

Unsafe function's hook...

AI score: 2.7 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/19 12:0 a.m. | 27 views

HP Smart Zero Client unauthorized access

No description provided...

CVSS: 4.6 | AI score: 2.1 | EPSS: 0.00521 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/19 12:0 a.m. | 53 views

SEC Consult SA-20130719-0 :: Multiple vulnerabilities in Sybase EAServer

SEC Consult Vulnerability Lab Security Advisory 20130719-0 ======================================================================= title: Multiple vulnerabilities product: Sybase EAServer vulnerable version: =6.3.1 fixed version: vendor did not supply version information CVE number: - impact:...

Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 66 views

[security bulletin] HPSBHF02878 rev.1 - HP Smart Zero Client, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03757330 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03757330 Version: 1 HPSBHF02878 rev....

CVSS: 4.6 | AI score: 0.2 | EPSS: 0.00521 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 63 views

Open-Xchange Security Advisory 2013-06-03

Open-Xchange Security Advisory multiple vulnerabilities Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. The vendor has chosen a responsible full disclosure method to publish security issue details. Users of the software have already been provided...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.00942 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 122 views

AFU and XSS vulnerabilities in TinyMCE Image Manager

Hello 3APA3A! These are Arbitrary File Uploading and Cross-Site Scripting vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. -------------------------...

AI score: 0.5 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 20 views

Dell PacketTrap multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.4 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/19 12:0 a.m. | 38 views

HP Database and Middleware Automation information leakage

No description provided...

CVSS: 7.9 | AI score: 1.2 | EPSS: 0.01136 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/19 12:0 a.m. | 31 views

ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities

Title: ====== ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Date: ===== 2013-07-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1017 VL-ID: ===== 1017 Common Vulnerability Scoring System: ==================================== 6.6 Introduction: ============...

AI score: 0.2 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 25 views

IceWarp multiple security vulnerabilities

Web interface cross-site scripting and XML injection...

AI score: 1.9 | Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2013/07/19 12:0 a.m. | 73 views

Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability

Title: ====== Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1013 VL-ID: ===== 1013 Common Vulnerability Scoring System: ==================================== 7.5...

Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 84 views

Voice Logger astTECS - bypass login & arbitrary file download

Author: Michal Blaszczak Website: http://blaszczakm.blogspot.com Project: hack voip - http://blaszczakm.blogspot.com/search/label/hack20voip Date: 16.07.2013 Voice Logger - VoIP software for Call Center 1 bypass login login: admin' or 1='1 password: admin line: 168 file: managerlogin.server.php 2...

AI score: 0.6 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 62 views

WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities

Title: ====== WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities Date: ===== 2013-07-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1011 VL-ID: ===== 1011 Common Vulnerability Scoring System: ==================================== 6.3 Introduction: ============= It is t...

AI score: 0.3 | Exploits: 0

securityvulns | added 2013/07/19 12:0 a.m. | 60 views

XSS Vulnerabilities in OpenCms

Advisory ID: HTB23160 Product: OpenCms Vendor: Alkacon Software Vulnerable Versions: 8.5.1 and probably prior Tested Version: 8.5.1 Vendor Notification: June 12, 2013 Vendor Patch: July 10, 2013 Public Disclosure: July 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.01878 | Exploits: 3

securityvulns | added 2013/07/19 12:0 a.m. | 26 views

Sybase EAServer multiple security vulnerabilities

Directory traversal, XML injection, shell characters injection...

AI score: 3 | Exploits: 0 | References: 1 | Affected Software: 1

Total number of security vulnerabilities: 47153