BugTraq Mode:
(Page 9 of 1700)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
[slackware-security] php (SSA:2016-252-01) 2016-09-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-252-01)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
PHPHolidays CMS v3.00.50 - Cross Site Scripting Web Vulnerability 2016-09-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PHPHolidays CMS v3.00.50 - Cross Site Scripting Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1948

Release Date:
=============
2016-09-08

Vulnerability Laboratory ID (VL-ID):
====================

[ more ]  [ reply ]
Picosmos Shows v1.6.0 - Stack Buffer Overflow Vulnerability 2016-09-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Picosmos Shows v1.6.0 - Stack Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1936

Release Date:
=============
2016-09-05

Vulnerability Laboratory ID (VL-ID):
==================================

[ more ]  [ reply ]
CVE-2016-4264 Adobe ColdFusion <= 11 XXE Vulnerability 2016-09-07
Dawid Golunski (dawid legalhackers com)
Vulnerability: Adobe ColdFusion <= 11 XXE Injection
CVE: CVE-2016-4264
Vendor ID: APSB16-30
Discovered by: Dawid Golunski (http://legalhackers.com)

Adobe ColdFusion in versions 11 and below is vulnerable to XXE
Injection when processing untrusted office documents.

Depending on a web application's

[ more ]  [ reply ]
CVE-2016-6920 ffmpeg exr file Heap Overflow 2016-09-07
unlimitsec gmail com
=======

Product: ffmpeg
Affected Versions: <= 3.1.2
Vulnerability Type: Heap Overflow
Security Risk: High
Credit: Yaoguang Chen of Aliapy unLimit Security Team

Introduction
============

$ ffmpeg_debug_312/bin/ffmpeg -i tiled_with_deeptile_type.exr -y xx.png
ffmpeg version 3.1.2 Copyright (c) 20

[ more ]  [ reply ]
Infoblox Cross-site scripting vulnerabilities 2016-09-06
alex_haynes outlook com
Exploit Title: Infoblox Cross-site scripting vulnerabilities
Product: Infoblox Network Automation
Vulnerable Versions: 7.0.1 and all previous versions
Tested Version: 6.9.2
Advisory Publication: 06/09/2016
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: NONE
Credit: Alex Haynes

Ad

[ more ]  [ reply ]
[CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting 2016-09-06
alex_haynes outlook com
Exploit Title: [CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting vulnerability
Product: Infoblox Network Automation
Vulnerable Versions: 7.0.1 and all previous versions
Tested Version: 6.9.2
Advisory Publication: 06/09/2016
Vulnerability Type: [CWE-113:] Improper Neutraliz

[ more ]  [ reply ]
[SECURITY] [DSA 3661-1] charybdis security update 2016-09-06
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3661-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
September 06, 2016

[ more ]  [ reply ]
Unauthenticated Arbitrary Directory Dump in BMC BladeLogic Server Automation 2016-09-04
ZeroDay (zeroday contextis co uk)
Title: Unauthenticated Arbitrary Directory Dump in BMC BladeLogic Server Automation
Affected Software: BMC BladeLogic Server Automation for Linux <= 8.7
CVSSv2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Reference: CVE-

[ more ]  [ reply ]
[SECURITY] [DSA 3659-1] linux security update 2016-09-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3659-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 04, 2016

[ more ]  [ reply ]
Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB 2016-09-04
Roee Hay (roeehay gmail com)
Vulnerable versions:
================
Android 6.0.0 MDA89E through 6.0.1 MMB29V (bootloaders bhz10i/k)

Non-vulnerable versions:
====================
Android 6.0.1 MHC19J (bootloader bhz10m) and above.

Details:
======
The attacker reboots the phone into the 'fastboot' mode. A physical
attacker can

[ more ]  [ reply ]
FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability 2016-09-02
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1935

Release Date:
=============
2016-09-01

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability 2016-08-31
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability

Advisory ID: cisco-sa-20160831-spa

Revision 1.0

For Public Release: 2016 August 31 16:00 GMT

+-----------------------------------------------------------------------
--

Summary

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability 2016-08-31
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20160831-sps3

Revision 1.0

For Public Release 2016 August 31 16:00 UTC (GMT)

+---------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution 2016-08-31
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability

Advisory ID: cisco-sa-20160831-meetings-player

Revision 1.0

For Public Release 2016 August 31 16:00 UTC (GMT)

+----------------------------------------------

[ more ]  [ reply ]
[security bulletin] HPSBGN03637 rev.1 - HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS) 2016-08-31
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052498
33

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05249833
Version: 1

HPSBGN03637 rev.1 - HP Opera

[ more ]  [ reply ]
[security bulletin] HPSBHF03641 rev.1 - HPE Integrated Lights-Out 3 (iLO 3), Remote Disclosure of Information 2016-08-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052497
60

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05249760
Version: 1

HPSBHF03641 rev.1 - HPE Inte

[ more ]  [ reply ]
[slackware-security] kernel (SSA:2016-242-01) 2016-08-30
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel (SSA:2016-242-01)

New kernel packages are available for Slackware 14.1 to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/linux-3.10.103/*: Upg

[ more ]  [ reply ]
[security bulletin] HPSBGN03638 rev.1 - HPE Remote Device Access: Virtual Customer Access System (vCAS) using lighttpd and OpenSSH, Unauthorized Modification of Information, Remote Denial of Service (DoS), Remote Disclosure of Information 2016-08-29
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052473
75

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05247375
Version: 1

HPSBGN03638 rev.1 - HPE Remo

[ more ]  [ reply ]
Apple libc incomplete fix of Security Update for OS X El Capitan 10.11.2 2016-08-26
submit cxsec org
------------------------------------------------------------------------
--------
Apple libc incomplete fix of Security Update for OS X El Capitan 10.11.2
Credit: Maksymilian Arciemowicz from CXSECURITY.COM
URL: https://cxsecurity.com/issue/WLB-2016080232
---------------------------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 3654-1] quagga security update 2016-08-26
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3654-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
August 26, 2016

[ more ]  [ reply ]
Necroscan <= v0.9.1 Buffer Overflow 2016-08-26
hyp3rlinx lycos com
[+] Credits: John Page aka HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/NECROSCAN-BUFFER-OVERFLOW.txt

[+] ISR: ApparitionSec

Vendor:
===================
nscan.hypermart.net

Product:
======================================
NECROSOFT

[ more ]  [ reply ]
[SECURITY] [DSA 3652-1] imagemagick security update 2016-08-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3652-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 25, 2016

[ more ]  [ reply ]
APPLE-SA-2016-08-25-1 iOS 9.3.5 2016-08-25
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-08-25-1 iOS 9.3.5

iOS 9.3.5 is now available and addresses the following:

Kernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to disclose kernel memory
D

[ more ]  [ reply ]
SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise 2016-08-25
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20160825-0 >
=======================================================================
title: Multiple vulnerabilities
product: Micro Focus GroupWise
vulnerable version: GroupWise 2014 R2 (<=SP1)
GroupWis

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2016-0005 2016-08-25
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2016-0005
------------------------------------------------------------------------

Date reported : August 25, 2016
Advisory ID : WSA-2016-0005
Advisory

[ more ]  [ reply ]
nullcon 8-bit Call for Papers is open 2016-08-24
nullcon (nullcon nullcon net)
Dear Hackers and Security Pros,

Welcome to nullcon 8-bit!
nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive security technology. We happily open doors to researchers
and hackers around the world and

[ more ]  [ reply ]
[slackware-security] gnupg (SSA:2016-236-01) 2016-08-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2016-236-01)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+------------------------

[ more ]  [ reply ]
[security bulletin] HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and PHP, Multiple Local and Remote Vulnerabilities 2016-08-20
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052407
31

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05240731
Version: 1

HPSBNS03635 rev.1 - HPE NonS

[ more ]  [ reply ]
Path traversal vulnerability in WordPress Core Ajax handlers 2016-08-20
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Path traversal vulnerability in WordPress Core Ajax handlers
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------------------------------------

[ more ]  [ reply ]
(Page 9 of 1700)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus