BugTraq Mode:
(Page 7 of 1620)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences 2015-06-26
SEC Consult Vulnerability Lab (research sec-consult com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SEC Consult Vulnerability Lab Security Advisory < 20150626-0 >
=======================================================================
title: Critical vulnerabilities allow surveillance on conferences
product: Polycom RealPrese

[ more ]  [ reply ]
ESA-2015-097: EMC Secure Remote Services (ESRS) Virtual Edition (VE) Multiple Security Vulnerabilities 2015-06-26
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-097: EMC Secure Remote Services (ESRS) Virtual Edition (VE) Multiple Security Vulnerabilities

CVE Identifier: CVE-2015-0543, CVE-2015-0544

Severity Rating: CVSS v2 Base Score: See below for individual scores for each CVE

Affected prod

[ more ]  [ reply ]
CVE-2015-3931 Microsec e-Szigno, CVE-2015-3932 Netlock Mokka XSW vulnerability 2015-06-26
Imre RAD (imre rad search-lab hu)
In November 2014, SEARCH-LAB Ltd. discovered a security vulnerability in Microsec e-Szigno, and Netlock Mokka computer applications that are used to generate and validate
digital signatures, which are applied within the official Hungarian government processes. The vulnerability affected the â??e-akt

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA 2015-06-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA

Advisory ID: cisco-sa-20150625-ironport

Revision 1.0

For Public Release 2015 June 25 16:00 UTC (GMT)

+--------------------------------------------

[ more ]  [ reply ]
ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability 2015-06-25
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability

EMC Identifier: ESA-2015-102

CVE Identifier: CVE-2015-0545

Severity Rating: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affected products:

? EMC Unisphere

[ more ]  [ reply ]
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities 2015-06-25
post encripto no
About Encripto AS
=================

Encripto is a Norwegian company which provides specialized services within IT-security.
Our core expertise is security testing, network security monitoring and training.
Encripto is committed to information security. We do research to discover trends, new vulner

[ more ]  [ reply ]
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE

Application: SAP Mobile Platform 3.0
Versions Affected: SAP Mobile Platform 3.0, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 29.12.2014

[ more ]  [ reply ]
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS
in the module XeClient.Dll

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.2014
Reported:

[ more ]  [ reply ]
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16
- DoS

Application: SYBASE SQL Anywhere 12 and 16
Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener -
Missing authorization check

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Missing authorization check
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Info

[ more ]  [ reply ]
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Repor

[ more ]  [ reply ]
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent:

[ more ]  [ reply ]
[SECURITY] [DSA 3295-1] cacti security update 2015-06-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3295-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 24, 2015

[ more ]  [ reply ]
CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders 2015-06-24
Federick Joe P Fajardo (fjpfajardo ph ibm com)
CVEID: CVE-2015-4464

SUBJECT: Insufficient Authorization Checks Request Handling Remote
Authentication Bypass for Kguard Digital Video Recorders

DESCRIPTION: A deficiency in handling authentication and authorization
has been found with Kguard 104/108/v2 models. While password-based
authenticat

[ more ]  [ reply ]
CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 2015-06-24
Marco Delai (Marco Delai csnc ch)
#############################################################
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#############################################################
#
# CVE ID : CVE-2015-3443
# Product: Secret Server [1]
# Vendor: Thycotic
# Subject: Stor

[ more ]  [ reply ]
[SECURITY] [DSA 3294-1] wireshark security update 2015-06-23
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3294-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 23, 2015

[ more ]  [ reply ]
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-06-23
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability

EMC Identifier: ESA-2015-110

CVE Identifier: CVE-2015-0550

Severity Rating: CVSS v2 Base Score: 8.5 (AV:N/AC:L/Au:N/C:C/I:N/A:P)

Affected products:

? EMC D

[ more ]  [ reply ]
ESA-2015-109: EMC Documentum D2 Cross-Site Scripting 2015-06-23
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-109: EMC Documentum D2 Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2015-109

CVE Identifier: CVE-2015-0549

Severity Rating: CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Affected products:

EMC Documentum D2 ver

[ more ]  [ reply ]
KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass) 2015-06-23
n4ser farhadi gmail com
#!/usr/bin/python
#
# KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass)
#
# Author: Naser Farhadi
#
# Date: 21 June 2015 # Version: 3.9.1.136 # Tested on: Windows 7 SP1 (32 bit)
#
# Usage:
# chmod +x KMPlayer.py
# python KMPlayer.py
# Alt+c | Video Capture | Alt+a |

[ more ]  [ reply ]
The "localhosed" attack - stealing IE local machine cookies and exposing its internal IP address 2015-06-22
Amit Klein (aksecurity gmail com)
Dear list

Please check out the extended advisory available from this page:
http://www.securitygalore.com/site3/localhosed

Late last week Microsoft informed me that they don't plan to fix this
vulnerability. So enjoy...

Thanks,
-Amit
http://www.securitygalore.com/

[ more ]  [ reply ]
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1488

Release Date:
=============
2015-06-22

Vulnerability Laboratory ID (VL-ID):
===========================

[ more ]  [ reply ]
[oCERT-2015-008] FreeRADIUS insufficent CRL application 2015-06-22
Andrea Barisani (lcars ocert org)

#2015-008 FreeRADIUS insufficent CRL application

Description:

The FreeRADIUS server is an open source project that provides a RADIUS
implementation.

The FreeRADIUS server relies on OpenSSL to perform certificate validation,
including Certificate Revocation List (CRL) checks. The FreeRADIUS usage

[ more ]  [ reply ]
mysql-lite-administrator XSS vulnerabilities 2015-06-21
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-MYSQLLITEADMINISTRATOR0621
.txt

Vendor:
=============================================
code.google.com/p/mysql-lite-administrator

Product:
==================================

[ more ]  [ reply ]
mysql-lite-administrator XSS vulnerabilities 2015-06-21
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-MYSQLLITEADMINISTRATOR0621
.txt

Vendor:
=============================================
code.google.com/p/mysql-lite-administrator

Product:
==================================

[ more ]  [ reply ]
[security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information 2015-06-22
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04718196

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04718196
Version: 1

HPSBMU03356 re

[ more ]  [ reply ]
GeniXCMS XSS Vulnerabilities 2015-06-22
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-GENIXCMS0621.txt

Vendor:
=============================================
genixcms.org

Product:
=====================================================
GeniXCMS v0

[ more ]  [ reply ]
[SECURITY] [DSA 3293-1] pyjwt security update 2015-06-20
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3293-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
June 20, 2015

[ more ]  [ reply ]
(Page 7 of 1620)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus