BugTraq Mode:
(Page 7 of 1693)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
[SYSS-2016-065] NASdeluxe NDL-2400r: OS Command Injection 2016-08-04
klaus eisentraut syss de
Advisory ID: SYSS-2016-065
Product: NASdeluxe NDL-2400r
Vendor: Starline Computer GmbH
Affected Version(s): 2.01.10
Tested Version(s): 2.01.09
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: no fix (product has reached EOL since 3 years)
Vendor Notification: 2016

[ more ]  [ reply ]
FortiManager (Series) - (Bookmark) Persistent Vulnerability 2016-08-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiManager (Series) - (Bookmark) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1685

Fortinet PSIRT ID: 1624461

Release Notes 1: http://docs.fortinet.com/uploaded/files/2499/fortios-5.0.12-r

[ more ]  [ reply ]
FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability 2016-08-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1686

Fortinet PSIRT ID: 1624489

Release Notes 1: http://docs.fortinet.com/uploaded/files

[ more ]  [ reply ]
Cross-Site Scripting in WordPress Landing Pages Plugin 2016-08-03
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in WordPress Landing Pages Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Activity Log WordPress Plugin 2016-08-03
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Activity Log WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------------------

A

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin 2016-08-03
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in search function Activity Log
WordPress Plugin
------------------------------------------------------------------------

Edwin Molenaar, July 2016

-------------------------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 3640-1] firefox-esr security update 2016-08-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3640-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 03, 2016

[ more ]  [ reply ]
Secunia Research: LibGD "_gdContributionsAlloc()" Integer Overflow Denial of Service Vulnerability 2016-08-03
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 03/08/2016

LibGD "_gdContributionsAlloc()" Integer Overflow

Denial of Service Vulnerability

===============================================================

[ more ]  [ reply ]
[security bulletin] HPSBGN03633 rev.1 - HPE Release Control, Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access to Files or Server-Side Request Forgery(SSRF) 2016-08-03
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05219560

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05219560
Version: 1

HPSBGN03633 r

[ more ]  [ reply ]
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability 2016-08-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20160803-rv180_2

Revision 1.0

For Public Release 2016 August 3 16:00 UTC (GMT)

+----------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability 2016-08-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20160803-rv180_1

Revision 1.0

For Public Release 2016 August 3 16:00 UTC (GMT)

+------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability 2016-08-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability

Advisory ID: cisco-sa-20160803-rv110_130w2

Revision 1.0

For Public Release 2016 August 3 16:00 UTC (GMT)

+---------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability 2016-08-03
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability

Advisory ID: cisco-sa-20160803-ucm

Revision 1.0

For Public Release 2016 August 3 16:00 UTC (GMT)

+-----------

[ more ]  [ reply ]
[SECURITY] [DSA 3639-1] wordpress security update 2016-08-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3639-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
August 03, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3638-1] curl security update 2016-08-03
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3638-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
August 03, 2016

[ more ]  [ reply ]
WorldCIST'17 - Call for Workshops Proposals; Deadline: September 5 2016-08-03
Maria Lemos (marialemos72 gmail com)
--
-----
---------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Porto Santo Island, Madeira, Portugal
11th-13th of April 2017
http://www.worldcist.org/
-------------------------------------------

WORKSHOP FORMAT

The Information Systems and Technologies research and

[ more ]  [ reply ]
Arbitrary File Content Disclosure in Atutor 2016-08-02
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23297
Product: Atutor
Vendor: Atutor
Vulnerable Version(s): 2.2.1 and probably prior
Tested Version: 2.2.1
Advisory Publication: February 24, 2016 [without technical details]
Vendor Notification: February 24, 2016
Vendor Patch: July 1, 2016
Public Disclosure: August 2, 2016
Vuln

[ more ]  [ reply ]
Cross-Site Scripting in WangGuard WordPress Plugin 2016-08-02
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in WangGuard WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------------------

Abst

[ more ]  [ reply ]
Cross-Site Scripting in Uji Countdown WordPress Plugin 2016-08-02
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Uji Countdown WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
WinSaber - Unquoted Service Path Privilege Escalation 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
WinSaber - Unquoted Service Path Privilege Escalation

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1879

Release Date:
=============
2016-07-29

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1882

Release Date:
=============
2016-08-01

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Docebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Docebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1888

Video: http://www.vulnerability-lab.com/get_content.php?id=1892

Release Date:
===========

[ more ]  [ reply ]
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1891

Release Date:
=============
2016-08-01

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1887

Release Date:
=============
2016-07-29

Vulnerability Laboratory ID (VL-ID):
==============

[ more ]  [ reply ]
FortiManager (Series) - Multiple Web Vulnerabilities 2016-08-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiManager (Series) - Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1684

Fortinet PSIRT ID: 1624459

Release Notes 1: http://docs.fortinet.com/uploaded/files/2910/fortimanager-v5.4.0-rel

[ more ]  [ reply ]
[security bulletin] HPSBGN03564 rev.2 - HPE Release Control using Java Deserialization, Remote Code Execution 2016-08-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05063986

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05063986
Version: 2

HPSBGN03564 r

[ more ]  [ reply ]
[security bulletin] HPSBUX03632 SSRT110194 rev.1 - HP-UX Mail Server running Sendmail, Local Unauthorized Disclosure of Information 2016-08-01
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05216368

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05216368
Version: 1

HPSBUX03632 S

[ more ]  [ reply ]
[CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c 2016-08-01
wpengfeinudt gmail com
I found this double-fetch vulnerability when I was doing my research on double-fetch issue analysis, and I?d like to make an announcement here.

This was found in Linux kernel file Linux-4.5/drivers/scsi/aacraid/commctrl.c, and crafted user space data change under race condition will lead to over-b

[ more ]  [ reply ]
Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin 2016-08-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

---------------------------------------------------------

[ more ]  [ reply ]
Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) 2016-08-01
David Coomber (davidcoomber infosec gmail com)
Kaspersky Safe Browser iOS Application - MITM SSL Certificate
Vulnerability (CVE-2016-6231)
--
http://www.info-sec.ca/advisories/Kaspersky-Safe-Browser.html

Overview

"Stay safe from malicious links, suspicious content and identity theft
while you surfing the Internet."

"Our Safe Browser covers th

[ more ]  [ reply ]
(Page 7 of 1693)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus