BugTraq Mode:
(Page 9 of 1693)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
[SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345) 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-059
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Mouse Sp

[ more ]  [ reply ]
[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-044
Product: K520 (Keyboard of Wireless Combo MK520)
Manufacturer: Logitech
Affected Version(s): Model Y-R0012
Tested Version(s): Model Y-R0012
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient

[ more ]  [ reply ]
[SYSS-2016-045] Perixx PERIDUO-710W - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-045
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data

[ more ]  [ reply ]
[SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-047
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Cryptographic Issues (CWE-310)
Keystroke Injection Vu

[ more ]  [ reply ]
[SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-046
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Cryptographic Issues (CWE-310)
Missing Protection aga

[ more ]  [ reply ]
[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks 2016-07-29
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-044
Product: K520 (Keyboard of Wireless Combo MK520)
Manufacturer: Logitech
Affected Version(s): Model Y-R0012
Tested Version(s): Model Y-R0012
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient

[ more ]  [ reply ]
ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities 2016-07-29
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1890

Release Date:
=============
2016-07-28

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]
[S21SEC-047] Fotoware Fotoweb 8.0 Cross Site Scripting 2016-07-29
S21sec Vulnerability Research (vulns s21sec com)
##############################################################

- S21Sec Advisory -
- S21SEC-047-en.txt -

##############################################################

Title: Fotoware Fotoweb 8.0 Cross Site Scripting (XSS)
ID: S21sec-047-

[ more ]  [ reply ]
Vicon Network Cameras - Authentication Bypass 2016-07-28
reggie dodd30 gmail com
TITLE
Vicon Network Cameras - Authentication Bypass

AUTHOR
Reginald Dodd / Information Security Engineer
https://www.linkedin.com/in/reginalddodd

VENDOR
Vicon Industries Inc.
http://www.vicon-security.com
http://www.vicon-security.com/products/network-cameras/

DESCRIPTION
Remote unauthenticated u

[ more ]  [ reply ]
Saveya Bounty #1 - Bypass & Persistent Vulnerability 2016-07-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Saveya Bounty #1 - Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1857

SaveYa ID: 56

Acknowledgements: https://www.saveya.com/white-hat-program-acknowledgements

Release Date:
======

[ more ]  [ reply ]
Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities 2016-07-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1881

Release Date:
=============
2016-07-27

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability 2016-07-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1886

Release Date:
=============
2016-07-27

Vulnerability Laboratory ID (VL-ID):
============================

[ more ]  [ reply ]
Zortam Media Studio 20.60 - Buffer Overflow Vulnerability 2016-07-28
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Zortam Media Studio 20.60 - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1884

Release Date:
=============
2016-07-27

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
[SECURITY] [DSA 3633-1] xen security update 2016-07-27
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3633-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2016

[ more ]  [ reply ]
CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB Traffic traversal 2016-07-27
Grebovich, Dragan \(Dragan\) (dgrebovich avaya com)
Virtual Services Platform (VOSS) Security Vulnerability CVE-2016-2783 - Release 4.1.0.0 Vulnerable to SPB Traffic traversal

Avaya Networking was notified by Kryptos Logic and Stora, that Avaya VSP (VOSS) 4.1.0.0 has security vulnerability on November 30, 2015. Avaya R&D has confirmed the existence

[ more ]  [ reply ]
[SECURITY] [DSA 3632-1] mariadb-10.0 security update 2016-07-27
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3632-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 27, 2016

[ more ]  [ reply ]
VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability 2016-07-27
Vulnerability Lab (research vulnerability-lab com) (1 replies)
Document Title:
===============
VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1877

Release Date:
=============
2016-07-26

Vulnerability Laboratory ID (VL-ID):
==================================

[ more ]  [ reply ]
RE: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability 2016-07-27
Wick, Ryan \(US - Chicago\) (rwick deloitte com)
VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability 2016-07-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1876

Release Date:
=============
2016-07-25

Vulnerability Laboratory ID (VL-ID):
=================================

[ more ]  [ reply ]
DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability 2016-07-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1885

Release Date:
=============
2016-07-26

Vulnerability Laboratory ID (VL-ID):
============

[ more ]  [ reply ]
Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability 2016-07-27
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1875

Release Date:
=============
2016-07-13

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
[SECURITY] [DSA 3631-1] php5 security update 2016-07-26
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3631-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 26, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3630-1] libgd2 security update 2016-07-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3630-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 26, 2016

[ more ]  [ reply ]
[security bulletin] HPSBST03603 rev.1 - HPE StoreVirtual Products running LeftHand OS using glibc, Remote Arbitrary Code Execution, Denial of Service (DoS) 2016-07-26
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05212266

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05212266
Version: 1

HPSBST03603 r

[ more ]  [ reply ]
Silurus Classifieds XSS Vulnerability 2016-07-26
ak47464659484 gmail com
Title: Silurus Classifieds XSS Vulnerability
Software : Silurus Classifieds

Software Version : v2.0

Vendor: http://snowhall.com/slides/silurus

Vulnerability Published : 2016-07-25

Author:zhiwei_jiang
Email:ak47464659484 (at) gmail (dot) com [email concealed]
Impact : Medium(CVSS2 Base : 4.3, AV:N/AC:M/Au:N/C:N/I:P/A

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in ColorWay WordPress Theme 2016-07-26
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in ColorWay WordPress Theme
------------------------------------------------------------------------

Yorick Koster, July 2016

-----------------------------------------------------------------

[ more ]  [ reply ]
Dropbox 6.4.14 DLL Hijacking Vulnerability 2016-07-26
mehta himanshu21 gmail com
Aloha,

Summary
Dropbox Installer for Windows contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to some DLL file is loaded by 'DropboxInstaller.exe' improperly. And it allows an a

[ more ]  [ reply ]
Huawei ISM Professional XSS Vulnerability 2016-07-26
ak47464659484 gmail com
Title: Huawei ISM Professional XSS Vulnerability
Software : ISM Professional OceanStor

Software Version : Copyright©Huawei Technologies Co., Ltd. 2009-2010. All rights reserved.

Vendor: www.huawei.com

Vulnerability Published : 2016-07-25

Author:zhiwei_jiang
Email:ak47464659484@gmail

[ more ]  [ reply ]
Crashing Browsers Remotely via Insecure Search Suggestions 2016-07-26
research nightwatchcybersecurity com
[Original here:
https://wwws.nightwatchcybersecurity.com/2016/07/26/research-crashing-br
owsers-remotely-via-insecure-search-suggestions/]

Summary

Intercepting insecure search suggestion requests from browsers, and
returning very large responses leads to browser crashes (but not RCE).
Affected brow

[ more ]  [ reply ]
MySQL 0days followup (CVE-2016-3477) CVSS 8.1 2016-07-26
lem nikolas gmail com
Among other issues reported, the most critical flaw in the July CPU 2016, rated CVSS v3.0 base score 8.1, is the Server Parser subcomponent issue(CVE-2016-3477) and one of our findings.

Versions 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier are affected. The zero-day permits unauth

[ more ]  [ reply ]
(Page 9 of 1693)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus