BugTraq Mode:
(Page 8 of 1620)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >
Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1460

Video: http://www.vulnerability-lab.com/get_content.php?id=1526

View Video: https://www.yo

[ more ]  [ reply ]
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1522

Release Date:
=============
2015-06-16

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1501

Release Date:
=============
2015-06-19

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
[SECURITY] [DSA 3292-1] cinder security update 2015-06-19
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3292-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
June 19, 2015

[ more ]  [ reply ]
DUO Security push Timing Attack 2015-06-18
jpierini paysw com
DUO ?push? Timing Attack

PSC Risk Assessment
CVSS 7.3, (AV:N/AC:L/Au:M/C:C/I:N/A:C/E:F/RL:ND/RC:ND)

Description
Duo ?push? authentications are susceptible to a low-profile timing-based attack that permits an intruder to steal an authenticated session from an end-user accessing Duo-protected resour

[ more ]  [ reply ]
[SECURITY] [DSA 3291-1] drupal7 security update 2015-06-18
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3291-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
June 18, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3290-1] linux security update 2015-06-18
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3290-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Ben Hutchings
June 18, 2015

[ more ]  [ reply ]
[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04687922

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04687922
Version: 1

HPSBGN03338 re

[ more ]  [ reply ]
[security bulletin] HPSBGN03350 rev.1 - HP SiteScope Using RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04708650

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04708650
Version: 1

HPSBGN03350 re

[ more ]  [ reply ]
VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities 2015-06-17
VCE - PSIRT (VCEPSIRT vce com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities

CVE Identifier: CVE-2015-4056, CVE-2015-4057

Severity Rating: CVSSv2 Base Score: See below for individual scores for each CVE

Affected products:

[ more ]  [ reply ]
Reflected Cross-Site Scripting (XSS) in SearchBlox 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23256
Product: SearchBlox
Vendor: SearchBlox Software, Inc.
Vulnerable Version(s): 8.2 and probably prior
Tested Version: 8.2
Advisory Publication: April 22, 2015 [without technical details]
Vendor Notification: April 22, 2015
Vendor Patch: May 26, 2015
Public Disclosure: June 17

[ more ]  [ reply ]
OS Command Injection in Vesta Control Panel 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23261
Product: Vesta Control Panel
Vendor: http://vestacp.com
Vulnerable Version(s): 0.9.8 and probably prior
Tested Version: 0.9.8
Advisory Publication: May 20, 2015 [without technical details]
Vendor Notification: May 20, 2015
Vendor Patch: June 3, 2015
Public Disclosure: June

[ more ]  [ reply ]
ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities 2015-06-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities

EMC Identifier: ESA-2015-043

CVE Identifier: CVE-2014-3566, CVE-2014-0098, CVE-2014-0231, CVE-2014-0226, CVE-2013-1862, CVE-2012-3499, CVE-2015-0526, CVE-2013-256

[ more ]  [ reply ]
ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability 2015-06-16
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability

EMC Identifier: ESA-2015-106

CVE Identifier: CVE-2015-0546

Severity Rating: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affe

[ more ]  [ reply ]
BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability 2015-06-16
d4rkr0id gmail com
# Exploit Title: BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability
# Date: 2015/06/16
# Vendor Homepage: http://blackcat-cms.org/
# Software Link: http://blackcat-cms.org/temp/packetyzer/blackcatcms_2fo3PXdKj1.zip
# Version: v1.1.1
# Tested on: Centos 6.5,PHP 5.4.41
# Category: webapps

* D

[ more ]  [ reply ]
[SECURITY] [DSA 3289-1] p7zip security update 2015-06-15
Ben Hutchings (benh debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3289-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Ben Hutchings
June 15, 2015

[ more ]  [ reply ]
WebdesignJiNi Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
Sql Injection Vulnerability in WebdesignJiNi Cms in All Version

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@@ @@@ @

[ more ]  [ reply ]
Productsurf Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
Sql Injection Vulnerability in Productsurf Cms All Version

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@
# @@@ @@@ @@@ @@

[ more ]  [ reply ]
[SECURITY] [DSA 3252-2] sqlite3 security update 2015-06-14
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3252-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
June 14, 2015

[ more ]  [ reply ]
[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager 2015-06-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: SQL Injection in TYPO3 Extension Akronymmanager

An SQL injection vulnerability in the TYPO3 extension "Akronymmanager"
allows authenticated attackers to inject SQL statements and thereby read
data from the TYPO3 database.

Details
=======

Product: sb_akronymmanager
Affected Versions: <=

[ more ]  [ reply ]
[SECURITY] [DSA 3287-1] openssl security update 2015-06-13
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3287-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
June 13, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3288-1] libav security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3288-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2015

[ more ]  [ reply ]
Buffer Overflow in My Wifi Router Software 2015-06-13
sudson08 gmail com
Hi there,

I have seen a buffer overflow in My Wifi Router software version 1.0

The link of the software is available :- http://mywifirouter.software.informer.com/1.0/

Exploit :- After running the software you will see two places to enter details i.e "Hotspot Name" and "Password".

To exploit thi

[ more ]  [ reply ]
[SECURITY] [DSA 3286-1] xen security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3286-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3285-1] qemu-kvm security update 2015-06-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3285-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 13, 2015

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2015-162-01) 2015-06-11
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2015-162-01)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:10.openssl Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SYSS-2015-020] ZENWorks Mobile Management - Cross-Site Scripting 2015-06-12
ludwig stage syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-020
Product(s): ZENWorks Mobile Management
Vendor: Novell
Affected Version(s): 3.1.0
Tested Version(s): 3.1.0
Vulnerability Type: Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Open
Vendor Notification: 2015-0

[ more ]  [ reply ]
ZCMS SQL Injection & Persistent XSS 2015-06-12
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-ZCMS0612.txt

Vendor:
=============================================
http://zencherry.com/
http://sourceforge.net/projects/zencherrycms

Product:
===============

[ more ]  [ reply ]
[slackware-security] php (SSA:2015-162-02) 2015-06-11
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2015-162-02)

New php packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/php-5.4.4

[ more ]  [ reply ]
(Page 8 of 1620)  < Prev  3 4 5 6 7 8 9 10 11 12 13  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus