BugTraq Mode:
(Page 1 of 1610)  1 2 3 4 5 6 7 8 9 10 11  Next >
Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability 2015-05-27
David Coomber (davidcoomber infosec gmail com)
Thycotic Password Manager Secret Server iOS Application - MITM SSL
Certificate Vulnerability
--
http://www.info-sec.ca/advisories/Thycotic-SecretServer.html

Overview
"With the Password Manager Secret Server app, you can access passwords
for an EXISTING on-premise Secret Server or Secret Server Onli

[ more ]  [ reply ]
[SECURITY] [DSA 3268-2] ntfs-3g security update 2015-05-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3268-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 26, 2015

[ more ]  [ reply ]
CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
pan vagenas gmail com
# Exploit Title: WordPress Free Counter Plugin [Stored XSS]
# Date: 2015/05/25
# Exploit Author: Panagiotis Vagenas
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://www.free-counter.org
# Software Link: https://wordpress.org/plugins/free-counter/
# Version: 1.1
# Tested on: WordPr

[ more ]  [ reply ]
[SECURITY] [DSA 3273-1] tiff security update 2015-05-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3273-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 25, 2015

[ more ]  [ reply ]
Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Synology Photo Station multiple Cross-Site Scripting vulnerabilities
------------------------------------------------------------------------

Han Sahin, May 2015

----------------------------------------------------------------

[ more ]  [ reply ]
Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Reflected Cross-Site Scripting in Synology DiskStation Manager
------------------------------------------------------------------------

Han Sahin, May 2015

----------------------------------------------------------------------

[ more ]  [ reply ]
Command injection vulnerability in Synology Photo Station 2015-05-25
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Command injection vulnerability in Synology Photo Station
------------------------------------------------------------------------

Han Sahin, May 2015

------------------------------------------------------------------------

Ab

[ more ]  [ reply ]
[SECURITY] [DSA 3265-2] zendframework regression update 2015-05-24
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3265-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 24, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3272-1] ipsec-tools security update 2015-05-23
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3272-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 23, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3271-1] nbd security update 2015-05-23
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3271-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
May 23, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03325 rev.1 - HP SiteScope, Remote Elevation of Privilege 2015-05-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04688784

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04688784
Version: 1

HPSBGN03325 re

[ more ]  [ reply ]
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability 2015-05-22
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: Sendio ESP Information Disclosure Vulnerability
Advisory ID: CORE-2015-0010
Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure
-vulnerability
Date published: 2015-05-22
Date of last update: 2015-05-22
Vendors contacted: Sendio
Releas

[ more ]  [ reply ]
[SECURITY] [DSA 3270-1] postgresql-9.4 security update 2015-05-22
Christoph Berg (myon debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3270-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Christoph Berg
May 22, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3268-1] ntfs-3g security update 2015-05-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3268-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 22, 2015

[ more ]  [ reply ]
[security bulletin] HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service (DoS), Execution of Arbitrary Code 2015-05-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

UPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04685037
Version: 1

HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service
(DoS),

Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be act

[ more ]  [ reply ]
[SECURITY] [DSA 3267-1] chromium-browser security update 2015-05-22
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3267-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
May 22, 2015

[ more ]  [ reply ]
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-05-21
pan vagenas gmail com
# Exploit Title: WordPress WP Membership plugin [Privilege escalation]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4038

[ more ]  [ reply ]
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-05-21
pan vagenas gmail com
# Exploit Title: WordPress WP Membership plugin [Stored XSS]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4039

========

[ more ]  [ reply ]
[SECURITY] [DSA 3266-1] fuse security update 2015-05-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3266-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 21, 2015

[ more ]  [ reply ]
Webgrind XSS vulnerability 2015-05-21
hyp3rlinx gmail com
Credits: John Page ( hyp3rlinx )
Domains: hyp3rlinx.altervista.org

Source:
http://hyp3rlinx.altervista.org/advisories/AS-WEBGRIND0520.txt

Vendor:
https://github.com/jokkedk/webgrind

Product:
Webgrind is a Xdebug Profiling Web Frontend in PHP.

Advisory Information:
==============================

[ more ]  [ reply ]
CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
Julian Reschke (julian reschke greenbytes de)
Dear readers,

we just fixed a recently reported vulnerability in Apache Jackrabbit's
WebDAV module; see

- the attached CVE report

- patches for all currently maintained Jackrabbit branches

We just released Jackrabbit 2.10.1 (see below) and we'll get to the
other branches shortly. Check the CVE

[ more ]  [ reply ]
CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
Jeffrey Walton (noloader gmail com)
Does anyone know if Apple's ECDHE-ECDSA SecureTransport bug was
assigned a CVE? It affected OS X and iOS.

Effectively, the bug was an implementation error that cause
interoperability failures. To mostly counter it, the cipher suites had
to be disabled, which resulted in a loss of security. If the p

[ more ]  [ reply ]
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update 2015-05-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3261-2 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
May 20, 2015

[ more ]  [ reply ]
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679309

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679309
Version: 1

HPSBUX03333 SS

[ more ]  [ reply ]
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-05-20
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04679334

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04679334
Version: 1

HPSBUX03334 SS

[ more ]  [ reply ]
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1456

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
========

[ more ]  [ reply ]
Stored XSS in WP Photo Album Plus WordPress Plugin 2015-05-20
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23257
Product: WP Photo Album Plus WordPress Plugin
Vendor: J.N. Breetvelt
Vulnerable Version(s): 6.1.2 and probably prior
Tested Version: 6.1.2
Advisory Publication: April 29, 2015 [without technical details]
Vendor Notification: April 29, 2015
Vendor Patch: April 29, 2015
Publi

[ more ]  [ reply ]
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1498

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
[SECURITY] [DSA 3265-1] zendframework security update 2015-05-20
David Prévot (david tilapin org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3265-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ David Prévot
May 20, 2015

[ more ]  [ reply ]
ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
akashchavan0708 gmail com
========================================================================
=================
CSRF Vulnerability in ManageEngine EventLog Analyzer Version :10.0, Build Number : 10001
========================================================================
=================


. contents:: Table Of Conte

[ more ]  [ reply ]
(Page 1 of 1610)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus