BugTraq Mode:
(Page 10 of 1610)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
[SYSS-2015-013] Panda Antivirus Pro 2015 - Authentication Bypass 2015-04-14
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-013
Product: Panda Antivirus Pro 2015
Vendor: Panda Security
Affected Version(s): 15.1.0
Tested Version(s): 15.1.0
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-288)
Risk

[ more ]  [ reply ]
[SYSS-2015-012] Panda Internet Security 2015 - Authentication Bypass 2015-04-14
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2015-012
Product: Panda Internet Security 2015
Vendor: Panda Security
Affected Version(s): 15.0.1
Tested Version(s): 15.0.1
Vulnerability Type: Authentication Bypass Using an Alternate Path or
Channel (CWE-288)
R

[ more ]  [ reply ]
Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c 2015-04-14
lem nikolas gmail com
-=[Advanced Information Security Corporation]=-

Advisory for Apache Http Server 2.2.29 / 2.4.12 NULL Pointer Dereference

Author: Nicholas Lemonias
Advisory Date: 14/4/2015
Email: lem.nikolas (at) gmail (dot) com

Introduction
==========
During a source-code audit of the Apache HTTPD 2.2.29

[ more ]  [ reply ]
Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c 2015-04-14
Nicholas Lemonias. (lem nikolas googlemail com)
-=[Advanced Information Security Corporation]=-

Advisory for Apache Http Server 2.2.29 / 2.4.12 NULL Pointer Dereference

Author: Nicholas Lemonias
Advisory Date: 14/4/2015
Email: lem.nikolas (at) gmail (dot) com

Introduction
==========
During a source-code audit of the Apache HTTPD 2.2.29

[ more ]  [ reply ]
[CVE-2015-2810] Integer Overflow leading to heap corruption when assigning a long paragraph size value to a HanWord document 2015-04-13
Daniel Regalado (daniel regalado FireEye com)
Product: Hancom Office Hwp 2014
Vendor: Hancom - www.hancom.com
Versions Affected (32 bits only):

HanWord Viewer 2007 (Korean)
HanWord Viewer 2010 ­ 8.5.6.1158 (English)
HwpViewer 2014 VP- 9.1.0.2186 (English)
Hwp 2014 VP - 9.0.0.1405 (English/Korean)
Version Not vulnerable:
Hwp 2014 VP - 9.1.0.234

[ more ]  [ reply ]
[security bulletin] HPSBOV03318 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS) and other Vulnerabilities 2015-04-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04635715

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04635715
Version: 1

HPSBOV03318 re

[ more ]  [ reply ]
[security bulletin] HPSBHF03310 rev.2 - HP Thin Clients running Windows Embedded Standard 7 (WES7) or Windows Embedded Standard 2009 (WES09) with HP Easy Deploy, Remote Elevation of Privilege, Execution of Code 2015-04-13
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04629160

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04629160
Version: 2

HPSBHF03310 re

[ more ]  [ reply ]
Apache HTTPD 2.4.12, 2.2.29 Security Audit - Advanced Information Security Corp 2015-04-13
lem nikolas gmail com
-=[Advanced Information Security Corp]=-

Author: Nicholas Lemonias
Advisory Date: 13/4/2015
Email: lem.nikolas (at) gmail (dot) com

Introduction
==========
During a source-code audit of the Apache HTTPD 2.2.29 release
implementation for linux; conducted internally by the Advanced
Information Secur

[ more ]  [ reply ]
Apache HTTPD 2.4.12/ 2.2.29 Security Audit Notes - Advanced Information Security Corp 2015-04-13
Nicholas Lemonias. (lem nikolas googlemail com)
-=[Advanced Information Security Corp]=-

Author: Nicholas Lemonias
Advisory Date: 13/4/2015
Email: lem.nikolas (at) gmail (dot) com

Introduction
==========
During a source-code audit of the Apache HTTPD 2.2.29 release
implementation for linux; conducted internally by the Advanced
Information Secur

[ more ]  [ reply ]
[SECURITY] [DSA 3224-1] libx11 security update 2015-04-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3224-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 12, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3223-1] ntp security update 2015-04-12
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3223-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
April 12, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3222-1] chrony security update 2015-04-12
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3222-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
April 12, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3221-1] das-watchdog security update 2015-04-12
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3221-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
April 12, 2015

[ more ]  [ reply ]
Safari iOS/OS X/Windows cookie access vulnerability 2015-04-12
Jouko Pynnonen (jouko iki fi)
OVERVIEW
==========

The 4/8/2015 security updates from Apple included a patch for a Safari
cross-domain vulnerability. An attacker could create web content
which, when viewed by a target user, bypasses some of the normal
cross-domain restrictions to access or modify HTTP cookies belonging
to any we

[ more ]  [ reply ]
[SECURITY] [DSA 3220-1] libtasn1-3 security update 2015-04-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3220-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
April 11, 2015

[ more ]  [ reply ]
Hijacking any Weebly Website [Insecure Direct Object Reference Vulnerability] 2015-04-11
huehuehuehue10 gmail com
Title: Hijack any website from weebly.com by just adding an administrator to their website. [Insecure Direct Object Reference Vulnerability]

=====

Weebly is a web-hosting service that allows the user to ?drag-and-drop? while using their website builder. As of August 2012, Weebly hosts over 20 mill

[ more ]  [ reply ]
[SECURITY] [DSA 3219-1] libdbd-firebird-perl security update 2015-04-11
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3219-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Alessandro Ghedini
April 11, 2015

[ more ]  [ reply ]
OrangeHRM Blind SQL Injection & XSS Vulnerabilities 2015-04-11
Rehan Ahmed (knight_rehan hotmail com)
I. Overview
========================================================
OrangeHRM (Opensource 3.2.1, Professional & Enterprise 4.11) are prone to a multiple Blind SQL injection & XSS vulnerabilities. These vulnerabilities allows an attacker to inject SQL commands to compromise the affected database m

[ more ]  [ reply ]
[ MDVSA-2015:203 ] batik 2015-04-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:203
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[security bulletin] HPSBGN03316 rev.1 - HP Support Solution Framework on Windows, Remote Execution of Code, Disclosure of Information 2015-04-10
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04634535

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04634535
Version: 1

HPSBGN03316 re

[ more ]  [ reply ]
[SECURITY] [DSA 3218-1] wesnoth-1.10 security update 2015-04-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3218-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
April 10, 2015

[ more ]  [ reply ]
Hidden backdoor API to root privileges in Apple OS X 2015-04-10
Jeffrey Walton (noloader gmail com)
https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-
privileges-in-apple-os-x/

The Admin framework in Apple OS X contains a hidden backdoor API to
root privileges. Itâ??s been there for several years (at least since
2011), I found it in October 2014 and it can be exploited to esc

[ more ]  [ reply ]
SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035) 2015-04-10
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150410-0 >
=======================================================================
title: Unauthenticated Local File Disclosure
product: Multiple TP-LINK products (see Vulnerable / tested versions)
vulnerable version: Mul

[ more ]  [ reply ]
[ MDVSA-2015:201 ] arj 2015-04-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:201
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
Ruxcon 2015 Call For Presentations 2015-04-13
cfp ruxcon org au
Ruxcon 2015 Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.

This year the conference will take place over the weekend of the 24th and 25th of Oc

[ more ]  [ reply ]
[ MDVSA-2015:202 ] ntp 2015-04-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:202
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:200 ] mediawiki 2015-04-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:200
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[ MDVSA-2015:199 ] less 2015-04-10
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:199
http://www.mandriva.com/en/support/security/
___________________________________________________________

[ more ]  [ reply ]
[SECURITY] [DSA 3217-1] dpkg security update 2015-04-09
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3217-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
April 09, 2015

[ more ]  [ reply ]
SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows 2015-04-09
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20150409-0 >
=======================================================================
title: Multiple XSS & XSRF vulnerabilities
product: Comalatech Comala Workflows
vulnerable version: <= 4.6.1
fixed version: 4.6.2 fo

[ more ]  [ reply ]
(Page 10 of 1610)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus