
47153 matches found

securityvulns
added 2013/07/19 12:0 a.m., 28 views

EMC Avamar security vulnerabilities

Privilege escalation, cross-site scripting...

CVSS 9, AI score 2.8, EPSS 0.03101
Exploits: 0, References: 1
securityvulns
added 2013/07/19 12:0 a.m., 42 views

[security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03788014 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03788014 Version: 1 HPSBGN02882 rev....

CVSS 7.9, AI score 0.6, EPSS 0.01136
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 47 views

Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit

Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit Date: 2013-7-17 Author : MJ0011 Version: Symantec Workspace Virtualization 6.4.1895.0 Tested on: Windows XP SP3 DETAILS: In fslx.sys 's hook function of "NtQueryValueKey" , it directly write to the buffer ...

AI score 7.3
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 59 views

Western Digital My Net N600, N750, N900 and N900C - Plain text disclosure of administrative credentials

Vulnerable Products - WD My Net N600 HD Dual Band Router Wireless N WiFi Router Accelerate HD WD My Net N750 HD Dual Band Router Wireless N WiFi Router Accelerate HD Linux 2.6.3 Kernel All firmware including the latest Ver. 1.04.16 WD My Net N900 HD Dual Band Router Wireless N WiFi Router...

AI score 1.8
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 46 views

Xpient Cash Drawer unauthorized access

TCP/7510 port unauthorized access...

AI score 3.1, EPSS 0.16201
Exploits: 6, References: 1
securityvulns
added 2013/07/19 12:0 a.m., 80 views

CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response

Product: Embedded Jopr - JBoss AS Administration Console Vendor: Red Hat Middleware, LLC Version: 1.2 Tested Version: 1.2 Vendor Notified Date: May 29, 2013 Release Date: June 03, 2013 Risk: Moderate Authentication: Required Remote: Yes Description: Passwords submitted to the application are...

CVSS 6, AI score 0.1, EPSS 0.01579
Exploits: 2
securityvulns
added 2013/07/19 12:0 a.m., 106 views

CORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Xpient Cash Drawer Operation Vulnerability 1. Advisory Information Title: Xpient Cash Drawer Operation Vulnerability Advisory ID: CORE-2013-0517 Advisory URL:...

AI score 9.6, EPSS 0.16201
Exploits: 6
securityvulns
added 2013/07/19 12:0 a.m., 57 views

ESA-2013-055: EMC Avamar Multiple Vulnerabilities

ESA-2013-055.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-055: EMC Avamar Multiple Vulnerabilities EMC Identifier: ESA-2013-055 CVE Identifier: CVE-2013-3274, CVE-2013-3275 Severity Rating: See below for individual scores Affected products: All EMC Avamar Server and Avamar Virtual...

CVSS 9, AI score 0.3, EPSS 0.03101
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 30 views

Cisco Intrusion Prevention System multiple security vulnerabilities

Multiple DoS conditions...

CVSS 7.8, AI score 2, EPSS 0.01887
Exploits: 0, Affected Software: 1
securityvulns
added 2013/07/19 12:0 a.m., 32 views

Cisco Unified Communications Manager multiple security vulnerabilities

Hardcoded encryption key, code execution, privilege escalation, SQL injection...

CVSS 8.5, AI score 3, EPSS 0.03017
Exploits: 0, Affected Software: 2
securityvulns
added 2013/07/19 12:0 a.m., 37 views

IBM WebSphere information leakage

Access token inside URL...

CVSS 4.3, AI score 1.8, EPSS 0.00748
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/07/19 12:0 a.m., 360 views

[email protected]

Title: ====== ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Date: ===== 2013-07-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1017 VL-ID: ===== 1017 Common Vulnerability Scoring System: ==================================== 6.6 Introduction: ============...

AI score 0.2
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 123 views

[CVE-2013-0523] IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks Release Date: 2013-06-19 Application: IBM...

CVSS 4.3, AI score 5.7, EPSS 0.00748
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 82 views

[SECURITY] [DSA 2724-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2724-1 [email protected] http://www.debian.org/security/ Michael Gilbert July 17, 2013 http://www.debian.org/security/faq -...

CVSS 9.3, AI score 0.8, EPSS 0.04733
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 43 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 6, AI score 1.6, EPSS 0.01878
Exploits: 5, References: 6, Affected Software: 4
securityvulns
added 2013/07/19 12:0 a.m., 143 views

[security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03839862 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03839862 Version: 2 HPSBMU02900 rev....

CVSS 7.5, AI score 1, EPSS 0.73327
Exploits: 27
securityvulns
added 2013/07/19 12:0 a.m., 103 views

HP System Management Homepage multiple security vulnerabilities

Code execution, unauthorized access, DoS...

CVSS 7.5, AI score 2, EPSS 0.73327
Exploits: 27, References: 1, Affected Software: 1
securityvulns
added 2013/07/19 12:0 a.m., 178 views

SEC Consult SA-20130625-0 :: Multiple vulnerabilities in IceWarp Mail Server

SEC Consult Vulnerability Lab Security Advisory 20130625-0 ======================================================================= title: Multiple vulnerabilities in IceWarp Mail Server product: IceWarp Mail Server vulnerable version: =10.4.5 fixed version: 10.4.5-1 impact: Critical homepage:...

AI score 6.8
Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 54 views

SEC Consult SA-20130719-0 :: Multiple vulnerabilities in Sybase EAServer

SEC Consult Vulnerability Lab Security Advisory 20130719-0 ======================================================================= title: Multiple vulnerabilities product: Sybase EAServer vulnerable version: =6.3.1 fixed version: vendor did not supply version information CVE number: - impact:...

Exploits: 0
securityvulns
added 2013/07/19 12:0 a.m., 74 views

Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability

Title: ====== Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1013 VL-ID: ===== 1013 Common Vulnerability Scoring System: ==================================== 7.5...

Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 35 views

Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities

Title: ====== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Date: ===== 2013-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1009 VL-ID: ===== 1009 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: =============...

AI score 7.8
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 50 views

Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities

Title: ====== Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=833 VL-ID: ===== 833 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

AI score 0.5
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 58 views

Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability Summary: Huawei E587 3G Mobile Hotspot, version 11.203.27, is prone to a XSS vulnerability in the Web UI. A specially crafted SMS can bypass the function used to sanitize incoming...

AI score 1
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 61 views

[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4

Hi list, I would like to inform you that the details of the vulnerability in built-in system app of Samsung Galaxy S3/S4 assigned as CVE-2013-4763 and CVE-2013-4764 are now disclosed to public. In Samsung Galaxy S3/S4, a pre-loaded app, i.e., sCloudBackupProvider.apk, is used to provide backup...

AI score 0.7, EPSS 0.00353
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 43 views

ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability

ESA-2013-041.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability EMC Identifier: ESA-2013-041 CVE Identifier: CVE-2013-3270 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products: •...

CVSS 6.8, AI score 1.1, EPSS 0.003
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 55 views

MiniDLNA multiple security vulnerabilities

Buffer overflows, SQL injections...

AI score 3.1, EPSS 0.04695
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2013/07/17 12:0 a.m., 22 views

Trend Micro DirectPass multiple security vulnerabilities

DoS conditions...

AI score 1.8
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/07/17 12:0 a.m., 69 views

Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities

Title: ====== Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities Date: ===== 2013-05-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=894 Article: http://www.vulnerability-lab.com/dev/?p=580 Trend Micro Reference:...

Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 82 views

[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2612 Huawei E587 3G Mobile Hotspot Command Injection Summary: Huawei E587 3G Mobile Hotspot, version 11.203.27, is prone to a command injection vulnerability in the Web UI. Successful exploitation allows unauthenticated attackers to execute...

AI score 2.8, EPSS 0.02973
Exploits: 1
securityvulns
added 2013/07/17 12:0 a.m., 100 views

[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities

MiniDLNA prior to v1.1.0 http://sourceforge.net/projects/minidlna/ is prone to a variety of issues which could be used to take control of a host running this software. CVE-2013-2738 and CVE-2013-2745 are SQL injection issues. CVE-2013-2739 has been assigned for a heap-based buffer overflow which...

AI score 2.1, EPSS 0.04695
Exploits: 1
securityvulns
added 2013/07/17 12:0 a.m., 48 views

Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability

Title: ====== Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability Date: ===== 2013-07-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=776 BARRACUDA NETWORK SECURITY ID: BNSEC-807 VL-ID: ===== 776 Common Vulnerability Scoring System:...

AI score 0.4
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 24 views

EMC VNX / Celerra privilege escalation

Weak permissions for script files...

CVSS 6.8, AI score 3, EPSS 0.003
Exploits: 0, References: 1, Affected Software: 2
securityvulns
added 2013/07/17 12:0 a.m., 53 views

FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability

Title: ====== FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability Date: ===== 2013-07-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1007 VL-ID: ===== 1007 Common Vulnerability Scoring System: ==================================== 3.7 Introduction: ============= FTP...

AI score 7.2
Exploits: 0
securityvulns
added 2013/07/17 12:0 a.m., 33 views

Samsung Galaxy SMS manipulation

It's possible to manipulate SMS via built-in backup utility...

AI score 2.7, EPSS 0.00353
Exploits: 0, References: 1
securityvulns
added 2013/07/17 12:0 a.m., 38 views

Huawei E587 access point security vulnerabilities

Cross-site scripting, code execution...

AI score 1.6, EPSS 0.02973
Exploits: 1, References: 2
securityvulns
added 2013/07/16 12:0 a.m., 65 views

Squid-3.3.5 DoS PoC

Squid Crash PoC Copyright C Kingcope 2013 tested against squid-3.3.5 this seems to be the patch for the vulnerability: http://www.squid-cache.org/Versions/v3/3.3/squid-3.3.8.patch The squid-cache service will respawn, looks like a kind of assert exception: 2013/07/15 20:48:36 kid1| Closing HTTP...

AI score 6.8
Exploits: 0
securityvulns
added 2013/07/16 12:0 a.m., 49 views

McAfee ePolicy Orchestrator security vulnerability

Few vulnerabilities are used in-the-wild to compromise corporate networks...

CVSS 7.9, AI score 1.9, EPSS 0.02544
Exploits: 4, References: 3, Affected Software: 1
securityvulns
added 2013/07/16 12:0 a.m., 117 views

Re: [ MDVSA-2013:195 ] php

Hey guys, Related to this I've found a proof of concept test script: php -r 'xmlparseintostructxml parsercreatens, strrepeat"blah", 1000, $b;' Gabe twitter: @gmaggiotti On Mon, Jul 15, 2013 at 3:41 AM, [email protected] wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux...

CVSS 6.8, AI score 8.1, EPSS 0.05186
Exploits: 0
securityvulns
added 2013/07/16 12:0 a.m., 67 views

Re: Multiple vulnerabilities in McAfee ePO 4.6.6

McAfee has released a Knowledgebase Article KB to address the issues reported by a NATO pen test. https://kc.mcafee.com/corporate/index?page=content&id=KB78824 Both SQL Injection vulnerabilities were identified on May 10th, 2013 and patched as specified in SB10043. McAfee's internal testing leads...

AI score 8.2
Exploits: 0
securityvulns
added 2013/07/16 12:0 a.m., 50 views

PHP memory corruption

Memory corruption in XML parsing, jdtojewish function DoS...

CVSS 6.8, AI score 3, EPSS 0.05186
Exploits: 0, References: 2, Affected Software: 1
securityvulns
added 2013/07/16 12:0 a.m., 477 views

[security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03819065 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03819065 Version: 1 HPSBPV02891 rev....

CVSS 4.3, AI score 0.3, EPSS 0.03426
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 64 views

Linksys routers security vulnerabilities

Cross-site request forgery, XSS, code execution in web administration interface...

AI score 4.1, EPSS 0.25129
Exploits: 14, References: 3
securityvulns
added 2013/07/15 12:0 a.m., 135 views

Linksys X3000 - Multiple Vulnerabilities

Device: X3000 Vendor: Linksys ============ Vulnerable Firmware Releases: ============ Firmware Version: v1.0.03 build 001 Jun 11,2012 ============ Vulnerability Overview: ============ OS Command Injection The vulnerability is caused by missing input validation in the pingip parameter and can be...

AI score 8
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 170 views

[waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1

waraxe-2013-SA106 - Multiple Vulnerabilities in Saurus CMS 4.7.1 ================================================================================ Author: Janek Vind "waraxe" Date: 14. July 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-106.html Description of vulnerable software...

Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 35 views

Windows 7/8 admin account installation password stored in the clear in LSA Secrets

---------------------------------- Bug title: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Affected systems: Windows 7, 8 related issue on XP Author: Xavier CC ---------------------------------- Background: ---------------------------------- "Windows LSA...

AI score 6.8
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 316 views

[security bulletin] HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03808969 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03808969 Version: 1 HPSBHF02888 rev....

CVSS 10, AI score 6.7, EPSS 0.10719
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 79 views

[ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen <= 1.3.0

============================================= INTERNET SECURITY AUDITORS ALERT 2013-009 - Original release date: March 15th, 2013 - Last revised: June 4th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2013-2621, CVE-2013-2623, CVE-2013-2624...

AI score 0.4, EPSS 0.10692
Exploits: 6
securityvulns
added 2013/07/15 12:0 a.m., 34 views

Microsoft Windows information leakage

It's possible to recover administrator's password used during system installation...

AI score 2.6
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/07/15 12:0 a.m., 41 views

[security bulletin] HPSBST02896 rev.1 - HP StoreVirtual Storage, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03825537 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03825537 Version: 1 HPSBST02896 rev....

CVSS 9.4, AI score 0.3, EPSS 0.03905
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 58 views

Wifi Album v1.47 iOS - Command Injection Vulnerability

Title: ====== Wifi Album v1.47 iOS - Command Injection Vulnerability Date: ===== 2013-04-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=935 VL-ID: ===== 935 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ============= WiF...

AI score 0.2
Exploits: 0
Total number of security vulnerabilities: 47153