Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying entries 1 - 10 of 64628 in total

Microsoft DNS obsolete version Vulnerability

  • Severity: 10
  • Published: June 30, 2015

Micrsoft DNS running on Windows 2000 Server or Windows Server 2003, are obsolete and are no longer supported.

Seagate Business NAS Unauthenticated Remote Command Execution Exploit

Disclosed: March 01, 2015

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open to attack from users ...

SUSE Linux Security Vulnerability: CVE-2014-9402 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-5220 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-9298 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-9297 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

WordPress Admin Shell Upload Exploit

Disclosed: February 21, 2015

This module will generate a plugin, pack the payload into it and upload it to a server running WordPress providing valid admin credentials are used.

DSA-3167-1 sudo -- security update Vulnerability

  • Severity: 4
  • Published: February 21, 2015

Jakub Wilk reported that sudo, a program designed to provide limited super user privileges to specific users, preserves the TZ variable from a user's environment without any sanitization. A user with sudo access may take advantage of this to exploit bugs in the C library functions which parse the TZ environment variable or to open files ...

APSB15-04: Security updates available for Adobe Flash Player (CVE-2015-0331) Vulnerability

  • Severity: 4
  • Published: February 20, 2015

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

FreeBSD: krb5 1.12 -- New release/fix multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 19, 2015

The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.12.3: Fix multiple vulnerabilities in the LDAP KDC back end. [CVE-2014-5354] [CVE-2014-5353] Fix multiple kadmind vulnerabilities, some of which are based in the gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421 CVE-20...