BugTraq
Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------------------------

[ more ]  [ reply ]
Cross Site Scripting Vulnerability In Verint Impact 360 2016-11-08
sanehsingh controlcase com
Overview
========

* Title : Cross Site Scripting Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor

Description
===========

About the Product
=====

[ more ]  [ reply ]
[SECURITY] [DSA 3707-1] openjdk-7 security update 2016-11-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3707-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2016

[ more ]  [ reply ]
[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow 2016-11-07
Pedro Ribeiro (pedrib gmail com)
tl;dr

A stack bof in several Dlink routers, which can be exploited by an
unauthenticated attacker in the LAN. There is no patch as Dlink did not
respond to CERT's requests. As usual, a Metasploit module is in the
queue (see [9] below) and should hopefully be integrated soon.

The interesting thing

[ more ]  [ reply ]
[security bulletin] HPSBGN03643 rev.1 - HPE KeyView using Filter SDK, Remote Code Execution 2016-11-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325836

Version: 1

HPSBGN03643 rev.1

[ more ]  [ reply ]
Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1931

Release Date:
=============
2016-11-07

Vulnerability Laboratory ID (VL-ID):
==================

[ more ]  [ reply ]
Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Edusson (Robotdon) BB - Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1871

Release Date:
=============
2016-11-04

Vulnerability Laboratory ID (VL-ID):
================

[ more ]  [ reply ]
Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1870

Release Date:
=============
2016-11-03

Vulnerability Laboratory ID (VL-ID):
======================

[ more ]  [ reply ]
Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
iedb team gmail com
Cross-Site Scripting in Faraznet Cms Version 4.x

###########################

# Faraznet Cms Cross-Site Scripting Vulnerability

###########################

#####################################

# Iranian Exploit DataBase And Security Team - iedb.ir

# Title : Faraznet Cms Cross-Site Scripting V

[ more ]  [ reply ]
WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt

[+] ISR: Apparition Security

Vendor:
============
www.labf.com

Product:
================
WinaXe v7.7 FTP

The X W

[ more ]  [ reply ]
Axessh 4.2.2 Denial Of Service 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt

[+] ISR: ApparitionSec

Vendor:
============
www.labf.com

Product:
=============
Axessh 4.2.2

Axessh is a SSH client. It is a supe

[ more ]  [ reply ]
Rapid PHP Editor CSRF Remote Command Execution 2016-11-05
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/RAPID-PHP-EDITOR-REMOTE-CMD-EXEC.txt

[+] ISR: Apparition Security

Vendor:
======================
www.rapidphpeditor.com

Product:
==============================

[ more ]  [ reply ]
[security bulletin] HPSBGN03656 rev.1 - HPE Network Node Manager i (NNMi) Software using Java Deserialization, Remote Arbitrary Code Execution and Cross-Site Scripting 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325823

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325823

Version: 1

HPSBGN03656 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBGN03657 rev.1 - HPE Network Node Manager i (NNMi) Software, Local Code Execution 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325811

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05325811

Version: 1

HPSBGN03657 rev.1

[ more ]  [ reply ]
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution 2016-11-04
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution

Title: Sophos Web Appliance Remote Code Execution
Advisory ID: KL-001-2016-009
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt

1. Vulnerability Details

Affected Vend

[ more ]  [ reply ]
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation 2016-11-04
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation

Title: Sophos Web Appliance Privilege Escalation
Advisory ID: KL-001-2016-008
Publication Date: 2016.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-008.txt

1. Vulnerability Details

Affected Vendor

[ more ]  [ reply ]
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) 2016-11-04
Dawid Golunski (dawid legalhackers com)
CVE-2016-6664 / (Oracle)CVE-2016-5617
Vulnerability: MySQL / MariaDB / PerconaDB - Root Privilege Escalation

Discovered by:
Dawid Golunski
@dawid_golunski
https://legalhackers.com

MySQL-based databases including MySQL, MariaDB and PerconaDB are affected
by a privilege escalation vulnerability whic

[ more ]  [ reply ]
[security bulletin] HPSBUX03665 rev.1 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection 2016-11-04
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05324759

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759

Version: 1

HPSBUX03665 rev.1

[ more ]  [ reply ]
Axessh 4.2.2 Denial Of Service 2016-11-04
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt

[+] ISR: ApparitionSec

Vendor:
============
www.labf.com

Product:
=============
Axessh 4.2.2

Axessh is a SSH client. It is a supe

[ more ]  [ reply ]
[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05321107

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05321107

Version: 1

HPSBUX03664 SSRT11

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability

Advisory ID: cisco-sa-20161102-cms

Revision: 1.0

For Public Release 2016 November 2 16:00 UTC (GMT)

+-----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20161102-tl1

Revision: 1.0

For Public Release 2016 November 2 16:00 UTC (GMT)

+-------------------------------------------

[ more ]  [ reply ]
Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the first
entry in that series.
The below information is also available on my blog at
http://blog.skylined.nl/20161101001.html. There you can find a repro
that triggered

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-305-04) 2016-11-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-305-04)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
[slackware-security] mariadb (SSA:2016-305-03) 2016-11-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mariadb (SSA:2016-305-03)

New mariadb packages are available for Slackware 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/m

[ more ]  [ reply ]
CfP and Special Session :: CyberSec2017 2016-11-01
Jackie Blanco (jackie sdiwc info)
You are invited to participate in the following conference:

THE FIFTH INTERNATIONAL CONFERENCE ON CYBER SECURITY, CYBER WELFARE AND
DIGITAL FORENSIC (CyberSec2017)

Venue: St. Mary's University, Addis Ababa, Ethiopia
Dates: April 22-24, 2017
URL:
http://sdiwc.net/conferences/6th-international-cyb

[ more ]  [ reply ]
[slackware-security] x11 (SSA:2016-305-02) 2016-11-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] x11 (SSA:2016-305-02)

New x11 packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
p

[ more ]  [ reply ]
OS-S 2016-23 - Local DoS: Linux Kernel EXT4 Error Handling (EXT4 calling panic()) 2016-10-31
Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-23
Local DoS: Linux Kernel EXT4 Error Handling (EXT4 calling panic())

Date:
October 31st, 2016
Authors:
Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg
CVE:
Not yet assigned
CVSS:
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Severity:
Critical
Ease of Exploitation:
Trivial
Vulne

[ more ]  [ reply ]
[HITB-Announce] HITB2017AMS CFP 2016-10-31
Hafez Kamal (aphesz hackinthebox org)
The Call for Papers for the 8th annual Hack In The Box Security
Conference in The Netherlands is now open!

Call for Papers: https://cfp.hackinthebox.org/
Event Website: https://conference.hitb.org/hitbsecconf2017ams/

HITBSecConf has always been an attack oriented deep-knowledge research
event aime

[ more ]  [ reply ]