Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying entries 1 - 10 of 64627 in total

Microsoft DNS obsolete version Vulnerability

  • Severity: 10
  • Published: June 30, 2015

Micrsoft DNS running on Windows 2000 Server or Windows Server 2003, are obsolete and are no longer supported.

SUSE Linux Security Vulnerability: CVE-2014-9402 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-9298 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-5220 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE Linux Security Vulnerability: CVE-2014-9297 Vulnerability

  • Severity: 4
  • Published: February 22, 2015

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

WordPress Admin Shell Upload Exploit

Disclosed: February 21, 2015

This module will generate a plugin, pack the payload into it and upload it to a server running WordPress providing valid admin credentials are used.

DSA-3167-1 sudo -- security update Vulnerability

  • Severity: 4
  • Published: February 21, 2015

Jakub Wilk reported that sudo, a program designed to provide limited super user privileges to specific users, preserves the TZ variable from a user's environment without any sanitization. A user with sudo access may take advantage of this to exploit bugs in the C library functions which parse the TZ environment variable or to open files ...

APSB15-04: Security updates available for Adobe Flash Player (CVE-2015-0331) Vulnerability

  • Severity: 4
  • Published: February 20, 2015

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

FreeBSD: krb5 1.12 -- New release/fix multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 19, 2015

The MIT Kerberos team announces the availability of MIT Kerberos 5 Release 1.12.3: Fix multiple vulnerabilities in the LDAP KDC back end. [CVE-2014-5354] [CVE-2014-5353] Fix multiple kadmind vulnerabilities, some of which are based in the gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421 CVE-20...

SUSE Linux Security Vulnerability: CVE-2014-9421 Vulnerability

  • Severity: 9
  • Published: February 18, 2015

The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or po...