BugTraq Mode:
(Page 8 of 1685)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >
[CVE-2014-1520] NOT FIXED: privilege escalation via Mozilla's executable installers 2016-06-14
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

<https://bugzilla.mozilla.org/show_bug.cgi?id=961676> should
have fixed CVE-2014-1520 in Mozilla's executable installers for
Windows ... but does NOT!

JFTR: this type of vulnerability (really: a bloody stupid trivial
beginner's error!) is well-known and well-documented as
<http

[ more ]  [ reply ]
[SECURITY] [DSA 3603-1] libav security update 2016-06-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3603-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 14, 2016

[ more ]  [ reply ]
Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability 2016-06-14
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Bashi v1.6 iOS - Persistent Mail Encoding Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1852

Release Date:
=============
2016-05-25

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
[SECURITY] [DSA 3602-1] php5 security update 2016-06-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3602-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 14, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3601-1] icedove security update 2016-06-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3601-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2016

[ more ]  [ reply ]
Oracle Orakill.exe Buffer Overflow 2016-06-14
hyp3rlinx lycos com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-ORAKILL.EXE-BUFFER-OVE
RFLOW.txt

[+] ISR: apparitionsec

Vendor:
==============
www.oracle.com

Product:
===================
orakill.exe v11.2.0

The orakill utility is

[ more ]  [ reply ]
ESA-2016-047: RSA Archer® GRC Platform Sensitive Information Disclosure Vulnerability 2016-06-13
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-047: RSA Archer® GRC Platform Sensitive Information Disclosure Vulnerability

EMC Identifier: ESA-2016-047

CVE Identifier: CVE-2016-0899

Severity Rating: CVSS v3 Base Score: 6.3 (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)

Affected Produc

[ more ]  [ reply ]
CM Ad Changer 1.7.7 Wordpress Plugin - Cross Site Scripting Web Vulnerability 2016-06-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
CM Ad Changer 1.7.7 Wordpress Plugin - Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1856

Release Date:
=============
2016-06-13

Vulnerability Laboratory ID (VL-ID):
=========

[ more ]  [ reply ]
FlashFXP v5.3.0 (Windows) - Memory Corruption Vulnerability 2016-06-13
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FlashFXP v5.3.0 (Windows) - Memory Corruption Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1853

Release Date:
=============
2016-06-13

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
OpenWRT: swconfig infrastructure fails to check permissions 2016-06-10
Elliott Mitchell ehem+bugtraq (at) m5p (dot) com [email concealed] (ehem+bugtraq m5p com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Sometimes trying silly things produces interesting results. I thought
this was a silly thing to try, but I tried it and got a result that is
troubling. This is on a device with a heavily modified setup and kernel,
but the kernel is still ultimately

[ more ]  [ reply ]
ESA-2016-062: EMC Data Domain Multiple Vulnerabilities 2016-06-10
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-062: EMC Data Domain Multiple Vulnerabilities

EMC Identifier: ESA-2016-062

CVE Identifier: CVE-2016-0911, CVE-2016-0912

Severity Rating: See below for individual scores for each CVE

Affected products:

EMC Data Domain OS 5.4: All

[ more ]  [ reply ]
[security bulletin] HPSBGN03617 rev.2 - HPE IceWall Federation Agent and IceWall File Manager using libXML2 library, Remote Denial of Service (DoS) 2016-06-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05157239

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05157239
Version: 2

HPSBGN03617 r

[ more ]  [ reply ]
[SECURITY] [DSA 3600-1] iceweasel/firefox-esr security update 2016-06-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3600-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 09, 2016

[ more ]  [ reply ]
SimpleSAMLphp Link Injection 2016-06-10
hyp3rlinx lycos com
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SIMPLESAML-PHP-LINK-INJECTION
.txt

[+] ISR: apparitionsec

Vendor:
=================
simplesamlphp.org

Product:
======================
simplesamlphp < 1.14.4

[ more ]  [ reply ]
[SECURITY] [DSA 3599-1] p7zip security update 2016-06-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3599-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 09, 2016

[ more ]  [ reply ]
CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability 2016-06-09
John Kinsella (jlk apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability

CVSS v2:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Vendors:
The Apache Software Foundation
Accelerite, Inc

Versions affected:
CloudStack versions 4.5.0 and newer

Description:
Apache Cloud

[ more ]  [ reply ]
ESA-2016-064: EMC Data Domain Information Disclosure Vulnerability 2016-06-08
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-064: EMC Data Domain Information Disclosure Vulnerability

EMC Identifier: ESA-2016-064

CVE Identifier: CVE-2016-0910

Severity Rating: CVSS v3 Base Score: 8.2 (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)

Affected products:

EMC Data Domain

[ more ]  [ reply ]
ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability 2016-06-08
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-072: EMC NetWorker Remote Code Execution Vulnerability

EMC Identifier: ESA-2016-072

CVE Identifier: CVE-2016-0916

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected products:

EMC NetWorker 8.2

[ more ]  [ reply ]
[security bulletin] HPSBMU03614 rev.1 - HPE Systems Insight Manager using Samba, Multiple Remote Vulnerabilities 2016-06-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05166182

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05166182
Version: 1

HPSBMU03614

[ more ]  [ reply ]
[security bulletin] HPSBMU03584 rev.2 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities 2016-06-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05103564

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05103564
Version: 2

HPSBMU03584 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03618 rev.1 - HPE Service Manager remote Denial of Service (DoS), Disclosure of Information, Unauthorized Read Access to Files, Server Side Request Forgery 2016-06-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05167176

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05167176
Version: 1

HPSBGN03618 r

[ more ]  [ reply ]
[security bulletin] HPSBGN03624 rev.1 - HPE Project and Portfolio Management Center, Remote Disclosure of Sensitive Information, Execution of Arbitrary of Commands 2016-06-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05167126

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05167126
Version: 1

HPSBGN03624 r

[ more ]  [ reply ]
Cisco EPC 3928 Multiple Vulnerabilities 2016-06-08
patryk bogdan secorda com
# Title: Cisco EPC 3928 Multiple Vulnerabilities
# Vendor: http://www.cisco.com/
# Vulnerable Version(s): Cisco Model EPC3928 DOCSIS 3.0 8x4 Wireless Residential Gateway
# CVE References: CVE-2015-6401 / CVE-2015-6402 / CVE-2016-1328 / CVE-2016-1336 / CVE-2016-1337
# Author: Patryk Bogdan from Secor

[ more ]  [ reply ]
[SECURITY] [DSA 3598-1] vlc security update 2016-06-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3598-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 07, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03623 rev.1 - HPE Universal CMDB, Remote Disclosure of Sensitive Information 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164813

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164813
Version: 1

HPSBGN03623

[ more ]  [ reply ]
[security bulletin] HPSBGN03622 rev.1 - HPE UCMDB, Universal Discovery, and UCMDB Configuration Manager using Apache Commons Collection, Remote Code Executon 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164408

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164408
Version: 1

HPSBGN03622

[ more ]  [ reply ]
[security bulletin] HPSBGN03621 rev.1 - HPE Universal CMDB using OpenSSL, Remote Disclosure of Sensitive Information 2016-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05164821

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05164821
Version: 1

HPSBGN03621

[ more ]  [ reply ]
[CVE-2016-0392] IBM GPFS / Spectrum Scale Command Injection 2016-06-07
john fitzpatrick mwrinfosecurity com
###[IBM GPFS / Spectrum Scale Command Injection]###

A command injection vulnerability in GPFS / Spectrum Scale allows attackers to escalate privileges to root

* Product: IBM GPFS / Spectrum Scale
* Severity: High
* CVE Reference: CVE-2016-0392
* Type: Command injection
* Author: John Fitzpatrick (

[ more ]  [ reply ]
[SECURITY] [DSA 3597-1] expat security update 2016-06-07
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3597-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
June 07, 2016

[ more ]  [ reply ]
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability 2016-06-07
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wordpress Levo-Slideshow v2.3 - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1855

Release Date:
=============
2016-06-06

Vulnerability Laboratory ID (VL-ID):
==============================

[ more ]  [ reply ]
(Page 8 of 1685)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus