BugTraq Mode:
(Page 1 of 1528)  1 2 3 4 5 6 7 8 9 10 11  Next >
[security bulletin] HPSBMU02995 rev.3 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04236102

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04236102
Version: 3

HPSBMU02995 re

[ more ]  [ reply ]
[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04239372

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04239372
Version: 2

HPSBMU02998 re

[ more ]  [ reply ]
[ MDVSA-2014:079 ] json-c 2014-04-17
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:079
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04250814

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04250814
Version: 1

HPSBGN03010 r

[ more ]  [ reply ]
[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03969437

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03969437
Version: 2

HPSBMU02935 re

[ more ]  [ reply ]
[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04220407

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04220407
Version: 1

HPSBMU02988 re

[ more ]  [ reply ]
[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04201408

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04201408
Version: 1

HPSBMU02982 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04248997

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04248997
Version: 1

HPSBGN03008 r

[ more ]  [ reply ]
D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
kyle Lovett (krlovett gmail com)
D-Link's DAP-1320 Wireless Range Extender suffers from both a
directory traversal and a XSS vulnerability on all firmware versions.
(current v. 1.20B07)

------------------------------------------------------------------------
---------------------------------------------
Directory Traversal
CWE-22:

[ more ]  [ reply ]
[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution 2014-04-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04219959

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04219959
Version: 1

HPSBMU02987 re

[ more ]  [ reply ]
[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code 2014-04-16
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04026039

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04026039
Version: 1

HPSBMU02996 re

[ more ]  [ reply ]
Buggy insecure "security" software executes rogue binary during installation and uninstallation 2014-04-16
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the $*&#§ware by the name of "McAfee Security Scanner Plus" that Adobe dares
to push to unsuspecting users of Microsoft Windows trying to get flash player
from their main distribution page <hxxp://get.adobe.com/flashplayer/> was
developed, packaged and tested by people who obviously never h

[ more ]  [ reply ]
CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
Portcullis Advisories (advisories portcullis-security com)
Vulnerability title: Denial of Service in PCNetSoftware RAC Server
CVE: CVE-2014-2597
Vendor: PCNetSoftware
Product: RAC Server
Affected version: 4.0.4, 4.0.5
Fixed version: N/A
Reported by: Kyriakos Economou

Details:
Latest and possibly earlier versions of RAC Server software are
vulnerable to loc

[ more ]  [ reply ]
[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2907-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 16, 2014

[ more ]  [ reply ]
[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:078
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

SAP Router Password Timing Attack

1. *Advisory Information*

Title: SAP Router Password Timing Attack
Advisory ID: CORE-2014-0003
Advisory URL:
http://www.coresecurity.com/advisories/sap-router-password-timing-attack

Date publish

[ more ]  [ reply ]
[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stored Cross Site Scripting in Ektron CMS 8.7

CVE reference: CVE-2014-2729
Affected platforms: Ektron Web Content Management System
Version: 8.7.0
Date: 2013-December-19
Security risk: Medium (CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N)
Researcher: Joseph Zeng

[ more ]  [ reply ]
[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stored Cross Site Scripting in Ektron CMS 8.7

CVE reference: CVE-2014-2729
Affected platforms: Ektron Web Content Management System
Version: 8.7.0
Date: 2013-December-19
Security risk: Medium (CVSS - AV:N/AC:L/Au:S/C:P/I:P/A:N)
Researcher: Joseph Zeng

[ more ]  [ reply ]
ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities

EMC Identifier: ESA-2014-028

CVE Identifier: CVE-2014-0644, CVE-2014-0645

Severity Rating: CVSS v2 Base Score: See below for indivi

[ more ]  [ reply ]
[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information 2014-04-16
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04239374

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04239374
Version: 1

HPSBMU02999 re

[ more ]  [ reply ]
SQL Injection in mAdserve 2014-04-16
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23209
Product: mAdserve
Vendor: MobFox
Vulnerable Version(s): 2.0 and probably prior
Tested Version: 2.0
Advisory Publication: March 26, 2014 [without technical details]
Vendor Notification: March 26, 2014
Public Disclosure: April 16, 2014
Vulnerability Type: SQL Injection [CWE-

[ more ]  [ reply ]
CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
Micha Borrmann (micha borrmann syss de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2014-003
Product: WinSCP
Affected Version(s): 5.5.2.4130
Tested Version(s): 5.5.2.4130 (Windows 7 32 bit and Windows 8.1 64 bit)
Vulnerability Type: Missing X.509 validation
Risk Level: Medium
Solution Status: Fixed
Vendor Notificat

[ more ]  [ reply ]
[SECURITY] [DSA 2905-1] chromium-browser security update 2014-04-16
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2905-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Michael Gilbert
April 15, 2014

[ more ]  [ reply ]
[security bulletin] HPSBUX03001 SSRT101382 rev.1 - HP-UX Whitelisting (WLI), Local System Integrity Risk 2014-04-16
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04227671

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04227671
Version: 1

HPSBUX03001 SS

[ more ]  [ reply ]
[SECURITY] [DSA 2904-1] virtualbox security update 2014-04-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2904-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 15, 2014

[ more ]  [ reply ]
[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information 2014-04-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04240206

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04240206
Version: 1

HPSBST03001 re

[ more ]  [ reply ]
[SECURITY] CVE-2014-0111 Apache Syncope 2014-04-15
Francesco Chicchiriccò (ilgrosso apache org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-0111: Remote code execution by an authenticated administrator

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Syncope 1.0.0 to 1.0.8
Syncope 1.1.0 to 1.1.6

Description:
In the various places in which Apache Co

[ more ]  [ reply ]
RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 2014-04-14
Ruckus Product Security Team (security ruckuswireless com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

RUCKUS ADVISORY ID 041414

Customer release date: April 14, 2014
Public release date: April 14, 2014

TITLE

OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160

SUMMARY

OpenSSL library is used in Ruckus products to implement various

[ more ]  [ reply ]
VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) 2014-04-14
VUPEN Security Research (advisories vupen com)
VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free
Code Execution (Pwn2Own)

Website : http://www.vupen.com

Twitter : http://twitter.com/vupen

I. BACKGROUND
---------------------

Adobe Flash Player is a cross-platform browser-based application runtime
that delivers viewing of

[ more ]  [ reply ]
[SECURITY] [DSA 2903-1] strongswan security update 2014-04-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2903-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Yves-Alexis Perez
April 14, 2014

[ more ]  [ reply ]
(Page 1 of 1528)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus