BugTraq Mode:
los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
los818 CMS 2016 Q1 - SQL Injection Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1680

Release Date:
=============
2016-01-27

Vulnerability Laboratory ID (VL-ID):
==================================

Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Kleefa v1.7 (IR) - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1677

Release Date:
=============
2016-01-23

Vulnerability Laboratory ID (VL-ID):
====================================
16

WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1681

Release Date:
=============
2016-01-26

Vulnerability Laboratory ID (VL-ID):
================================

Classic Infomedia (Login) - Auth Bypass Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Classic Infomedia (Login) - Auth Bypass Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1679

Release Date:
=============
2016-01-25

Vulnerability Laboratory ID (VL-ID):
=============================

Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1203

eBay Inc. Bug Bounty Program ID: EIBBP-26644

Release Date:
=============
2016-01-18

Vulnerability Labora

Telegram (API) - Cross Site Request Forgery Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Telegram (API) - Cross Site Request Forgery Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1648

Release Date:
=============
2016-01-17

Vulnerability Laboratory ID (VL-ID):
===========================

Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1108

Barracuda Networks Security ID (BNSEC): BNSEC-1530

Release Date:
=============
2016-01

Apple WatchOS v2.1 - Denial of Service Vulnerability 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Apple WatchOS v2.1 - Denial of Service Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1659

Followup ID: 634926833

Release Date:
=============
2016-01-11

Vulnerability Laboratory ID (VL-ID):
==========

Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities 2016-01-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1682

Release Date:
=============
2016-01-27

Vulnerability Laboratory ID (VL-ID):
===============================

BK Mobile CMS SQLi and XSS Vulnerability 2016-01-27
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : BK Mobile CMS
#Exploit Author : Rahul Pratap Singh
#Version : 2.4
#Home page Link :
http://codecanyon.net/item/jquery-mobile-website-with-full-admin-panel/2441358
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 27/J

[SECURITY] [DSA 3456-1] chromium-browser security update 2016-01-27
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3456-1 security (at) debian (dot) org
https://www.debian.org/security/ Michael Gilbert
January 27, 2016

[SECURITY] [DSA 3455-1] curl security update 2016-01-27
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3455-1 security (at) debian (dot) org
https://www.debian.org/security/ Alessandro Ghedini
January 27, 2016

[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption 2016-01-27
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption

Application: SAP HANA
Versions Affected: SAP HANA 1.00.095
Vendor URL: http://SAP.com
Bugs: Memory corruption, RCE
Reported: 17.07.2015
Vend

FreeBSD Security Advisory FreeBSD-SA-16:10.linux 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-16:10.linux Security Advisory
The FreeBSD Project

Topic:

FreeBSD Security Advisory FreeBSD-SA-16:09.ntp 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-16:09.ntp Security Advisory
The FreeBSD Project

Topic:

FreeBSD Security Advisory FreeBSD-SA-16:08.bind 2016-01-27
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-16:08.bind Security Advisory
The FreeBSD Project

Topic:

[SECURITY] [DSA 3454-1] virtualbox security update 2016-01-26
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3454-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2016

WP-Ultimate CSV Importer XSS Vulnerability 2016-01-26
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : WP-Ultimate CSV Importer
#Exploit Author : Rahul Pratap Singh
#Version : 3.8.6
#Home page Link : https://wordpress.org/plugins/wp-ultimate-csv-importer
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 27/Jan/2016

XS

[security bulletin] HPSBGN03537 rev.1 - HPE IceWall Federation Agent and IceWall File Manager running libXML2, Remote or Local Denial of Service (DoS) 2016-01-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04944172
Version: 1

HPSBGN03537 r

[security bulletin] HPSBGN03536 rev.1 - HP IceWall Products running OpenSSL, Remote and Local Denial of Service (DoS) 2016-01-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04944173
Version: 1

HPSBGN03536 r

PHP LiteSpeed SAPI out of boundaries read due to missing input validation 2016-01-25
Imre RAD (imre rad search-lab hu)
The LiteSpeed SAPI module in PHP did not sanitize several fields of the
LSAPI request correctly. In the source file sapi/litespeed/lsapilib.c,
the parseRequest function calculated addresses of these variables in the
following way:

pReq->m_pScriptFile = pReq->m_pReqBuf +
pReq->m_pHeader->m_sc

[CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities 2016-01-25
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: Lenovo ShareIT Multiple Vulnerabilities
Advisory ID: CORE-2016-0002
Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities
Date published: 2016-01-25
Date of last update: 2016-01-22
Vendors contacted: Lenovo
Release mode: Coordina

Authentication bypass in PHP File Manager 0.9.8 2016-01-25
Imre Rad (imre rad search-lab hu)
PHP File Manager 0.9.8 (http://phpfm.sourceforge.net/) is vulnerable
to authentication bypass due to insecure implementation of register
globals emulation. An attacker is able to override the blockKeys array
and thus build a valid session and access all the protected
functionality (including executi

APPLE-SA-2016-01-25-1 tvOS 9.1.1 2016-01-25
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-01-25-1 tvOS 9.1.1

tvOS 9.1.1 is now available and addresses the following:

Disk Images
Available for: Apple TV (4th generation)
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A memory

Magento 1.9.x Multiple Man-In The Middle 2016-01-25
cxsecurity protonmail com
Magento 1.9.x Multiple Man-In The Middle
https://cxsecurity.com/issue/WLB-2016010129

--- Description ---
The man-in-the middle attack intercepts a communication between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different tech

glibc catopen() Multiple unbounded stack allocations 2016-01-25
cxsecurity protonmail com
glibc catopen() Multiple unbounded stack allocations
URL: https://cxsecurity.com/issue/WLB-2016010149

---------------------------------------
PoC:

#include <nl_types.h>
#include <string.h>
#include <stdlib.h>

int main(){

char *buff;
buff=malloc(11111111);
memset(buff,'A',11111110);
buff[11111110

[SECURITY] [DSA 3453-1] mariadb-10.0 security update 2016-01-25
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3453-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
January 25, 2016

WP Easy Gallery v4.1.4 Stored XSS Vulnerability 2016-01-26
Rahul Pratap Singh (techno rps gmail com)
#Product : WP Easy Gallery
#Exploit Author : Rahul Pratap Singh
#Version : 4.1.4
#Home page Link : https://wordpress.org/plugins/wp-easy-gallery
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 26/Jan/2016

XSS Vulnerability:

----

PHP LiteSpeed SAPI secret key improper disposal 2016-01-25
Imre RAD (imre rad search-lab hu)
In suEXEC_Daemon mode, the LiteSpeed web server spawns one PHP master
process during startup. It is running as root and accepts LSAPI
requests, which in turn specify which user the script should run under.
The LSAPI request is authenticated with a MAC, which is based on
a preshared random key between

PHP-FPM fpm_log.c memory leak and buffer overflow 2016-01-25
Imre RAD (imre rad search-lab hu)
The FastCGI Process Manager (FPM) SAPI of PHP was vulnerable to memory
leak and buffer overflow in the access logging feature.

PHP-FPM offers customization of the access log lines based on format
string variables which can be specified with the access.format option of
the FPM configuration file.
Th

Copyright 2010, SecurityFocus