BugTraq Mode:
(Page 1 of 1570)  1 2 3 4 5 6 7 8 9 10 11  Next >
Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
simo morxploit com
#!/usr/bin/perl
#
# Title: Slider Revolution/Showbiz Pro shell upload exploit
# Author: Simo Ben youssef
# Contact: Simo_at_Morxploit_com
# Discovered: 15 October 2014
# Coded: 15 October 2014
# Updated: 25 November 2014
# Published: 25 November 2014
# MorXploit Research
# http://www.MorXploit.com
#

[ more ]  [ reply ]
[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04479974

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04479974
Version: 1

HPSBST03148 re

[ more ]  [ reply ]
[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04510286

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04510286
Version: 1

HPSBMU03214 re

[ more ]  [ reply ]
[ MDVSA-2014:227 ] ffmpeg 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:227
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:226 ] imagemagick 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:226
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:225 ] ruby 2014-11-25
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:225
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[oCERT 2014-008] libFLAC multiple issues 2014-11-25
Daniele Bianco (danbia ocert org)

Description:

FLAC is an open source lossless audio codec supported by several software
and music players.

The libFLAC project, an open source library implementing reference
encoders and decoders for native FLAC and Ogg FLAC audio content,
suffers from multiple implementation issues.

In particula

[ more ]  [ reply ]
Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
Eric Windisch (eric windisch docker com)
Today, we are releasing Docker 1.3.2 in order to address two critical
security issues. This release also includes several bugfixes,
including changes to the insecure-registry option. Below are CVE
descriptions for the vulnerabilities addressed in this release.

Docker 1.3.2 is available immediately

[ more ]  [ reply ]
CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com
CodeMeter Weak Service Permissions

Vendor Website : http://www.codemeter.com

INDEX
---------------------------------------
1. Background
2. Description
3. Affected Products
4. Vulnerability
5. Solution
6. Credit
7. Disclosure Timeline
8. CVE

1. BACKGROUND
--------

[ more ]  [ reply ]
Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)
#!/bin/bash
#Larry W. Cashdollar, @_larry0
#Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on
#20141031 assumes the wordpress database is wordpress and the table prefix is wp_
#http://www.vapid.dhs.org/advisories/wordpress/plugins/w

[ more ]  [ reply ]
[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04396638

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04396638
Version: 2

HPSBUX03087 SS

[ more ]  [ reply ]
[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:224
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:223
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:222
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:221
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:220
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:219
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04347622

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04347622
Version: 2

HPSBHF03052 re

[ more ]  [ reply ]
[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:218
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)
OVERVIEW
========

A security flaw in WordPress 3 allows injection of JavaScript into
certain text fields. In particular, the problem affects comment boxes
on WordPress posts and pages. These don't require authentication by
default.

The JavaScript injected into a comment is executed when the target

[ more ]  [ reply ]
AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-012

Product Asterisk
Summary Mixed IP address families in access control lists
may permit unwanted traffic.

[ more ]  [ reply ]
AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-013

Product Asterisk
Summary PJSIP ACLs are not loaded on startup
Nature of Advisory Unauthorized Access

[ more ]  [ reply ]
AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-015

Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service

[ more ]  [ reply ]
AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-016

Product Asterisk
Summary Remote Crash Vulnerability in PJSIP channel driver
Nature of Advisory Denial of Service

[ more ]  [ reply ]
AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-017

Product Asterisk
Summary Permission escalation through ConfBridge
actions/dialplan functions

[ more ]  [ reply ]
AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-018

Product Asterisk
Summary AMI permission escalation through DB dialplan
function

[ more ]  [ reply ]
AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2014-014

Product Asterisk
Summary High call load may result in hung channels in
ConfBridge.

[ more ]  [ reply ]
Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn
Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin
Plugin: SP Client Document Manager
Vendor: http://smartypantsplugins.com
Product: https://wordpress.org/plugins/sp-client-document-manager/
Affected version: version 2.4.1 and previous version
Fixed version: N/A
Google

[ more ]  [ reply ]
[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3075-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 20, 2014

[ more ]  [ reply ]
CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
phi n le itas vn
Vulnerability title: Code Injection in Wordpress CM Download Manager plugin
CVE: CVE-2014-8877
Plugin: CM Download Manager plugin
Vendor: CreativeMinds - https://www.cminds.com/
Product: https://wordpress.org/plugins/cm-download-manager/
Affected version: 2.0.0 and previous version
Fixed version: 2

[ more ]  [ reply ]
(Page 1 of 1570)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus