BugTraq
SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home 2015-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150227-0 >
=======================================================================
title: Multiple vulnerabilities
product: Loxone Smart Home
vulnerable version: Firmware: 5.49; Android-App: 3.4.1
fixed version: 6.3

Wordpress Media Cleaner Plugin - XSS Vulnerability 2015-02-27
iletisim ismailsaygili com tr
# Exploit Title: Wordpress Media Cleaner - XSS
# Author: İsmail SAYGILI
# Web Site: www.ismailsaygili.com.tr
# E-Mail: iletisim (at) ismailsaygili.com (dot) tr
# Date: 2015-02-26
# Plugin Download: https://downloads.wordpress.org/plugin/wp-media-cleaner.2.2.6.zip
# Version: 2.2.6

# Vulnerable File(s):
 

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags 2015-02-27
Jeremy Boynes (jboynes apache org)
CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Standard Taglibs 1.2.1
The unsupported 1.0.x and 1.1.x versions may also be affected.

Description:
When an application uses <x:parse> or <x:transform> tags t

HelpDezk 1.0.1 Multiple Vulnerabilities 2015-02-26
dennis veninga gmail com
# Exploit Title: HelpDezk 1.0.1 Multiple Vulnerabilities
# Google Dork: "intext: helpdezk-community-1.0.1"
# Date: 26-2-2015
# Exploit Author: Dennis Veninga
# Vendor Homepage: http://www.helpdezk.org/
# Vendor contacted: 26-2-2015
# Version: 1.0.1
# Tested on: Firefox 36 & Chrome 38 / W8.1-x64

Hel

Cross-Site-Scripting (XSS) in tcllib's html::textarea 2015-02-26
Ben Fuhrmannek (bef sektioneins de)

SektionEins GmbH
www.sektioneins.de

-= Security Advisory =-

Advisory: Cross-Site-Scripting (XSS) in tcllib's html::textarea
Release Date: 26 February 2015
Last Modified: 26 February 2015
Autho

[SECURITY] [DSA 3176-1] request-tracker4 security update 2015-02-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3176-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
February 26, 2015

Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wireless File Transfer Pro Android - CSRF Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1437

Release Date:
=============
2015-02-25

Vulnerability Laboratory ID (VL-ID):
=============================

Data Source: Scopus CMS - SQL Injection Web Vulnerability 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Data Source: Scopus CMS - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1436

Release Date:
=============
2015-02-25

Vulnerability Laboratory ID (VL-ID):
=============================

DSS TFTP 1.0 Server - Path Traversal Vulnerability 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
DSS TFTP 1.0 Server - Path Traversal Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1440

Release Date:
=============
2015-02-26

Vulnerability Laboratory ID (VL-ID):
====================================

D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities 2015-02-26
Peter Adkins (peter adkins kernelpicnic net)
>> D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities

Discovered by:
----
Peter Adkins <peter.adkins (at) kernelpicnic (dot) net>

Access:
----
Local network; unauthenticated access.
Remote network; unauthenticated access*.
Remote network; 'drive-by' via CSRF.

Tracking and identifiers:
----
CVE -

[slackware-security] mozilla-firefox (SSA:2015-056-01) 2015-02-26
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2015-056-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[slackware-security] mozilla-thunderbird (SSA:2015-056-02) 2015-02-26
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2015-056-02)

New mozilla-thunderbird packages are available for Slackware 14.1 and -current
to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
p

[security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2015-02-26
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04580241

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04580241
Version: 1

HPSBUX03273 SS

[security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-02-26
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04556853

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04556853
Version: 2

HPSBUX03244 SS

[SECURITY] [DSA 3175-1] kfreebsd-9 security update 2015-02-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3175-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
February 25, 2015

[security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-02-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04556853

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04556853
Version: 1

HPSBUX03162 SS

[SECURITY] [DSA 3174-1] iceweasel security update 2015-02-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3174-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
February 25, 2015

[SECURITY] [DSA 3173-1] libgtk2-perl security update 2015-02-25
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3173-1 security (at) debian (dot) org
http://www.debian.org/security/ Salvatore Bonaccorso
February 25, 2015

[SECURITY] [DSA 3172-1] cups security update 2015-02-25
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3172-1 security (at) debian (dot) org
http://www.debian.org/security/ Sebastien Delafond
February 25, 2015

GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server 2015-02-25
rgutierrez gdssecurity com
GDS LABS ALERT: CVE-2015-2080
JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server

SYNOPSIS
========
Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data fro

EnanoCMS 1.1.8pl1 XSS Vulnerability 2015-02-25
dennis veninga gmail com
# Exploit Title: EnanoCMS 1.1.8pl1 XSS Vulnerability
# Google Dork: "Website engine powered by Enano"
# Date: 24-2-2015
# Exploit Author: Dennis Veninga
# Vendor Homepage: http://enanocms.org
# Version: 1.1.8pl1
# Tested on: Firefox 36 & Chrome 38 / W8.1-x64

XSS Vulnerability in comments:
http://{t

TangoBB 1.5.0-A3 XSS Vulnerability 2015-02-25
dennis veninga gmail com
# Exploit Title: TangoBB 1.5.0-A3 XSS Vulnerability
# Google Dork: "Powered by TangoBB"
# Date: 24-2-2015
# Exploit Author: Dennis Veninga
# Vendor Homepage: https://github.com/Codetana/TangoBB
# Version: 1.5.0-A3
# Tested on: Firefox 36 & Chrome 38 / W8.1-x64
# CVE : NONE

Published: 24-

[security bulletin] HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information 2015-02-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04571379

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04571379
Version: 1

HPSBMU03260 r

[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA 2015-02-25
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects
Unauthorized Audit Information Delete via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated attacker would be
able to delete a

[Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA 2015-02-25
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-005: SAP Business Objects
Unauthorized Audit Information Access via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated attacker would be
able to read audi

[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA 2015-02-25
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-003: SAP Business Objects
Unauthorized File Repository Server Write via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated attacker would be
able to overw

[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA 2015-02-25
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-002: SAP Business Objects
Unauthorized File Repository Server Read via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated attacker would be
able to retri

[Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench 2015-02-25
Onapsis Research Labs (research onapsis com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory ONAPSIS-2015-001: Multiple Reflected Cross Site
Scripting Vulnerabilities in SAP HANA Web-based Development Workbench

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated atta

FreeBSD Security Advisory FreeBSD-SA-15:05.bind 2015-02-25
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-15:05.bind Security Advisory
The FreeBSD Project

Topic:

FreeBSD Security Advisory FreeBSD-SA-15:04.igmp 2015-02-25
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-15:04.igmp Security Advisory
The FreeBSD Project

Topic:

Copyright 2010, SecurityFocus