BugTraq Mode:
(Page 1 of 1620)  1 2 3 4 5 6 7 8 9 10 11  Next >
[SECURITY] [DSA 3319-1] bind9 security update 2015-07-28
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3319-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 28, 2015

[ more ]  [ reply ]
SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities 2015-07-28
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20150728-0 >
=======================================================================
title: McAfee Application Control Multiple Vulnerabilities
product: McAfee Application Contr

[ more ]  [ reply ]
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
Samuel Lavitt - CVE-2015-0942 (CVE-2015-0942 precipice fi)
English: Multiple vulnerabilities in Basware Banking/Maksuliikenne software that were reported already 08/2012 may still enable undetectable economic crimes against user organizations (companies)
Finnish: Basware Banking/Maksuliikenne -ohjelmiston haavoittuvuudet, joista raportoitiin jo 08/2012, saa

[ more ]  [ reply ]
Another Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability 2015-07-27
Federico Fazzi (federico fazzi gmail com)
--------------------------------------------------------
Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability
--------------------------------------------------------

Vendor
------

https://www.snorby.org/

Version
-------

2.6.2

Description
-----------

Found another Stored Cross-site Scrip

[ more ]  [ reply ]
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability 2015-07-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1512

Apple Security ID: 623920272

Video: http://www.vulnerability-lab.com/get_content.php?id=15

[ more ]  [ reply ]
[SECURITY] [DSA 3318-1] expat security update 2015-07-26
Laszlo Boszormenyi (gcs debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3318-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Laszlo Boszormenyi (GCS)
July 26, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3317-1] lxc security update 2015-07-25
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3317-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 25, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3316-1] openjdk-7 security update 2015-07-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3316-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 25, 2015

[ more ]  [ reply ]
Integer overflow in .NET Framework System.DirectoryServices.Protocols.Utility class 2015-07-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Integer overflow in .NET Framework
System.DirectoryServices.Protocols.Utility class
------------------------------------------------------------------------

Yorick Koster, May 2015

---------------------------------------------

[ more ]  [ reply ]
Hawkeye-G v3.0.1 Persistent XSS & Information Leakage 2015-07-25
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt

Vendor:
================================
www.hexiscyber.com

Product:
================================
Hawkeye-G v3.0.1.4912

Hawkeye G is an

[ more ]  [ reply ]
Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
apparitionsec gmail com
***[UPDATED CORRECTION] ***

[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt

Vulnerability Type:
===================
CSRF

CVE Reference:
==============
CVE-2015-2878

Vendor:
==============

[ more ]  [ reply ]
[SECURITY] [DSA 3315-1] chromium-browser security update 2015-07-24
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3315-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
July 23, 2015

[ more ]  [ reply ]
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0724.txt

Vulnerability Type:
===================
CSRF

CVE Reference:
==============
CVE-2015-2878

Vendor:
===================
www.hexiscyber.com

P

[ more ]  [ reply ]
[SECURITY] [DSA 3314-1] typo3-src end of life 2015-07-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3314-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 23, 2015

[ more ]  [ reply ]
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)

Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for
CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and
our exploit attached.

Qualys Security Advisory

CVE-2015-3245 userhelper chfn() newline filtering

CVE-2015-3246 libuser passwd file handling

--[ Summary

[ more ]  [ reply ]
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability 2015-07-23
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1555

Release Date:
=============
2015-07-23

Vulnerability Laboratory ID (VL-ID):
==================================

[ more ]  [ reply ]
[SECURITY] [DSA 3313-1] linux security update 2015-07-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3313-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 23, 2015

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability

Advisory ID: cisco-sa-2015722-tftp

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

---------------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability

Advisory ID: cisco-sa-20150722-mp

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

---------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

Advisory ID: cisco-sa-20150722-apic

Revision 1.0

For Public Release 2015 July 22 16:00 UTC (GMT)

-------------------------------------------

[ more ]  [ reply ]
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability

EMC Identifier: ESA-2015-118

CVE Identifier: CVE-2015-4527

Severity Rating: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)

Affected products:

? EMC Avamar Server all vers

[ more ]  [ reply ]
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)

See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt

---------------------------------------------------------------------

modzero Security Advisory:
Multiple Vulnerabilities in Xceedium Xsuite [MZ-15-02]

---------------------------------------------------------------------

-

[ more ]  [ reply ]
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23264
Product: Paid Memberships Pro WordPress plugin
Vendor: Stranger Studios
Vulnerable Version(s): 1.8.4.2 and probably prior
Tested Version: 1.8.4.2
Advisory Publication: July 1, 2015 [without technical details]
Vendor Notification: July 1, 2015
Vendor Patch: July 8, 2015
Pub

[ more ]  [ reply ]
SQL Injection in Count Per Day WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23267
Product: Count Per Day WordPress plugin
Vendor: Tom Braider
Vulnerable Version(s): 3.4 and probably prior
Tested Version: 3.4
Advisory Publication: July 1, 2015 [without technical details]
Vendor Notification: July 1, 2015
Vendor Patch: July 1, 2015
Public Disclosure: July

[ more ]  [ reply ]
[SECURITY] [DSA 3312-1] cacti security update 2015-07-22
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3312-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
July 22, 2015

[ more ]  [ reply ]
NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
jychia sec gmail com
# Vulnerability type: SQL Injection
# Vendor: http://www.netcracker.com/
# Product: NetCracker Resource Management System
# Affected version: =< 8.0
# Patched version: 8.2
# Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan
# CVE ID: CVE-2015-3423

# PROOF OF CONCEPT (SQLi)

SQL Injection (SQLi) vul

[ more ]  [ reply ]
NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
jychia sec gmail com
# Vulnerability type: Cross-site Scripting
# Vendor: http://www.netcracker.com/
# Product: NetCracker Resource Management System
# Affected version: =< 8.0
# Patched version: 8.2
# Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan
# CVE ID: CVE-2015-2207

# PROOF OF CONCEPT (XSS)

Cross-site script

[ more ]  [ reply ]
Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities 2015-07-22
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt

Vendor:
================================
www.openwebanalytics.com

Product:
================================
Open-Web-Analytics-1.5.7

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:13.tcp Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
Logstash vulnerability CVE-2015-5378 2015-07-21
Kevin Kluge (kevin elastic co)
Summary:

Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and Lo

[ more ]  [ reply ]
(Page 1 of 1620)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus